essay

Hackers and Crackers: a common misconception

“Information sharing is a powerful, positive good, and it is the ethical duty of a hacker to share their expertise by writing free software and facilitating access to information and to computer resources wherever possible.” (Himanen 2001: 3)

In today’s day and age, the term hacker is thrown around all too lightly, The public views hackers as social outcasts, who break into computers and destroy them by exposing sensitive information, exploiting someone or spreading virii everywhere, and who can blame them? They are usually uninformed and misled into believing this via the countless many media streams, but it is nothing more than a misconception. The true definition for these people is known to the digital underground as a ‘cracker’. Every hacker’s ultimate goal is knowledge. Any possible means may be used to obtain that, including illegal ones; on the other hand, a cracker breaks into a computer system for the sheer joy of destruction and confusion. This essay will look at the origin of ‘the hack’, make clear the true hacker ethic, hackers within the work force and their benefits to society. Then it will distinguish what a ‘cracker’ is, and what they do, and finally the laws and punishments associated with computer crime.

After a group of MIT programmers from the 1960’s adopted the word ‘hack’ as a synonym for their work, came the second wave of hackers in the early 1980’s. What characterised this group was that they desperately wanted computers and computer systems designed to be useful and accessible to citizens. Now in the late 80’s, the meaning of the word hacker changed once again, the to computer underground, ‘to hack’ meant to break into a computer system, and a ‘hacker’ was the person who did this. In a book titled Hackers: heroes of the computer revolution (Levy 1984: 52) the hacker ethic is but down into 5 points.

‘All information must be free.’
‘Mistrust authority – Promote decentralisation.’
‘Hackers should be judged by their hacking, not by criteria such as degrees, age, race, or position.’
‘You can create art and beauty on a computer.’
‘Computers can change your life for the better.’

Reading the ‘Hacker Manifesto’ written in 1986 by a hacker named ‘the mentor’, who was part of the elite hacking group ‘the legion of doom’, presents a view which is similar to this, a story of the curious explorer, pursuing knowledge and intellectual challenge. The hacker ethic would state that unauthorised access to a www server would be acceptable as long as no damage is done. Now in 1991, 3 members of the legion of doom founded a company known as Comsec Data Security, a Houston based consulting firm. The firm quickly built a client list made up of several Fortune 500 companies, but just as quickly as they rose to power, the company went out of business due to media hysteria and blackballing by rival companies, exploiting the fact they were former hackers. The computer industry has a long, respected tradition of hiring so-called teams of professional hackers to attack a computer system to determine how secure it is. The idea is that only by waging a full-scale siege on a system with an authorized break-in can its true level of vulnerability be determined, so that backdoors and weaknesses are rectified.

One thing which you very rarely see the media publish is that not only do hackers help companies, but other forms of ‘ethical hacking’ such as working with various forms of justice departments to help put criminals behind bars, one example of this is an article published in the U.K newspaper the Telegraph (Bamber 1999) where hackers working in conjunction with the police, helped infiltrate a internet paedophilia community and in only 60 hours, found evidence that helped police make 19 arrests, on counts such as rape, incest, indecent assault and possession and distribution of indecent images of children. Even the U.S department of justice has looked to recruit hackers in order to conduct penetration tests on its networks (Furnell, Dowland & Sanders 1999)

On the other side of the so easily mistaken line, are ‘crackers’, whose skill levels vary on a large scale. The Chantler study (Chantler 1996) classes hackers into several factions. At the bottom end of the scale you have ‘Lamers’, people who use programs such as BO2K or ‘back orifice.’(BO2K 1999) Written by the hacking group Cult of the Dead Cow it enables any user with half a brain to control another computer from a remote location. Originally intended for ethical use, for system administrators wishing to remotely monitor systems within their network, but eventually found its way into the hands of those who would use it to maliciously attack users by entering another users system to steal passwords, delete files and also spread pre-written virii for kicks. Moving up your scale you have users who have a better understanding, who exploit weaknesses in websites in order to rearrange them, either as a joke, or for more serious issues usually politically related. One such group is the Chilean “Byond Hackers Team”, who has claimed to have more than 8000 hacks to their name, famous for hacking the NASA website, as well as government sites in their own country, the US, Israel and many other South American states(Kornakov 2006). Finally, right at the top of the scale are the crackers who hack into financial institutions and corporations for personal gain, usually in the form of money. A computer industry survey in 1998 calculated that 550 of Americas corporations, government agencies, and universities had lost more than $100million to computer related financial fraud, copyright theft, and data sabotage (Taylor 1999: 71)

Australia’s federal law on hacking has many penalties. in section 76C’ A person who intentionally and without authority or lawful excuse :(a) destroys, erases or alters data stored in, or inserts data into a Commonwealth computer;(b) interferes with, or interrupts or obstructs the lawful use of, a Commonwealth computer;(c) destroys, erases, alters or adds data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer.
All of which are possible by using programs as simple to use as the back orifice tool, the penalty for this is 10 year imprisonment! (Extract from Federal Law on Hacking 2003)
In the U.S, courts are also getting harsher with their penalties, most maximum prison sentences handed down for computer crime range from one year to 10 years. Hackers whose exploits result in injury or death -- if they disable emergency response networks or destroy electronic medical records, for example -- face 20 years to life in prison. Hackers will face up to a 25% increase in their sentences if they hijack e-mail accounts or steal personal data -- including financial and medical records and digital photographs. Convicted virus and worm authors face a 50 percent increase.
Sentences also will increase by 50 percent for hackers who share stolen personal data with anyone. The sentences will double if the information is posted on the Internet. (Krebs 2003). Perhaps the most famous hacker throughout the late 70’s to the early 90’s was Kevin Mitnick, who has been in and out of jail and in the tabloids throughout that time frame, described as a ‘brilliant and elusive cyber-thief’. (Meriwether 1995)

The media and the government will always look down upon hackers AND crackers, and make mistakes about which is which. The simple fact is a hacker builds things, a cracker breaks them. Nevertheless within their culture lies an attitude towards solving fascinating problems. Challenging ones mind is the highest form of mental stimulation, and if not for hackers and the computer enthusiasts from the 70’s and 80’s, we may not have come this far with technology. Much of our computing technology that we take for granted today, like the internet and what it has become, e-mail, word processing.. Almost everything would not be what it is today without their efforts and as long as there is technology, there will be people wishing to know more about it, inevitably, hackers will hack on.
































Bibliography

Bamber, David (1999) ‘Police hackers catch Internet paedophiles’ http://www.telegraph.co.uk/htmlContent.jhtml?html=/archive/1999/08/15/nhack15.html (accessed 28 April 2007)

‘BO2K’ http://www.BO2K.com (accessed 26 April 2007)

Caroline, A (2004) ‘Political hacktivism: tool of the underdog or scourge of cyberspace?’ Aslib Proceedings: New Information Perspectives 56(4) 212-221

Chantler, N (1996) Profile of a computer hacker Infowar Florida

‘Extract from Federal Law on Hacking’ http://www.uwa.edu.au/it/rules/fedhacking (accessed 26 April 2007)

Foltz, B (2004) ‘Cyberterrorism, computer crime, and reality’ Information management and computer security 12(2) 154-166

Furnell, S.M, Chiliarchaki, P and Dowland, P.S (2001) ‘Security analysers: administrator assistants or hacker helpers?’ Information management and computer security 9(2) 93-101

Furnell, S.M, Dowland, S.M, and Sanders, P.W (1999) ‘Dissecting the ‘Hacker Manifesto’’ Information management and computer security 7(2) 69-75

Himanen, Pekka (2001) The hacker ethic and the spirit of the information age Secker & Warburg London

Kornakov, Konstantin (2006) ‘Major hacking crew taken down in South America’ http://www.viruslist.com/en/news?id=%20206082634 (accessed 29 April 2007)

Krebs, Brian (2003) ‘Hackers to Face Tougher Sentences’ http://www.washingtonpost.com/ac2wp-dynA35261-2003Oct2language=printer
(accessed 29 April 2007)

Levy, S (1984) hackers: heroes of the computer revolution Bantam Doubleday Dell New York

Meriwether, Dan (1995) ‘Kevin Mitnick’ http://www.takedown.com/bio/mitnick.html (accessed 28 April 2007)

Smith, A.D and Rupp, W.T (2002) ‘Issues in cybersecurity: understanding the potential risks associated with hackers/crackers.’ Information management and computer security 9(2) 178-183

Taylor, P (1999) Hackers: crime in the digital sublime Routledge New York