Monday, September 24, 2007

Definitions of the Terms Hacker, Cracker and Coder

It was several months ago that I noticed the discussion at Jason Scotts blog about the definitions for hacker and cracker. I would add to that mix the term coder, because it will become important in the details of own definition of each of those terms.

Three important facts will I mention right from the start:
  1. There are hundreds of definitions for the term hacker out there and they are all different ranging from portraying a hacker as an ethical and selfless whiz kid who does things for the greater good to the evil and selfish wannabe who cannot create stuff himself and thus prefers to destroy other people’s work.
  2. The meaning of the word hacker did change over time. People used the word in much broader terms in the past and even outside of computers.
  3. Mass media put their mark on the term and helped to add to the confusion and misconception.

I recommend avoiding the use of the words whenever possible, because everybody perceives and understands it different. Especially if you are using the words in a positive context are misunderstandings just waiting there to happen. Instead of cracker, use "computer-crack" or in instead of hack, use the term ”exploit” or “workaround” instead for example. However, if you have to or want o use the terms, clarify what you mean by them and not just let the terms out there on their own.

My definitions incorporate the changes in the computer industry and the fact that it is not the world of single mainframe computers at individual universities anymore. Computers became a commodity and a large number of users are normal people today, who are not geeks and often not have very much practical understanding of the matter at the same time.

My Definitions

A "hacker" is for me a person who is an "advanced power user" and not necessarily somebody who is a programmer. A person who analyses software, tests it, automates requests via tools to scan a broad range of possible options in a short time-period. A person who wants to gain access and or control over another system by exploiting known security flaws, using brute force (scanning, dictionary attacks etc.) or human weaknesses and flaws (why use parents the first name of one of their child's as password so often?). He maybe finds technical security holes by accident, but is not the one who can seek them out as well. The hacker was spending time to find out the new frequencies for ATT, MCI or SPRINT to break their lines, scanned for valid calling card numbers, attempts to find new working credit card numbers by creating similar siblings from an existing credit card that works etc.


A "cracker" is for me somebody who "eats code raw", a person who is comfortable using software debugger, mostly doing debugging at the Assembler level. A cracker enjoys dissecting other people's code and "fixes" little inconveniences and "flaws" in software, like skipping license key input screens to speed up the software installation process. Crackers are not necessarily great programmers themselves, but have a deep understanding of technology and computer software.


A "coder" is somebody with remarkable programming skills. A coder is this type of person who spends countless hours on something of little or no practical value (just by itself), just because he wants to figure it out. Things like writing a program that listens to IO operations of a hardware component and displays it on the screen, which looks like your TV screen, if you did not select a TV channel, showing nothing but seemingly random noise.

Each One Could be One, Two or all Three of Them at the same Time

A hacker could be a cracker and coder as well, but often are the three different types of characters found in three distinct and different persons. They can excel by working together in conjunction with each other and as part of a group.

I reduced my definitions to what kind of skills each of them has and less on what exactly each skill is being used for. That each of the people is often living in its own little world is probably true. The world they live in is not always the same world normal people perceive as reality.

Hypothetical Collaboration between a Hacker, Cracker and Coder

If you ask how the collaboration between a hacker, cracker and coder would look like, here is how I see it. The hacker would be the person who is in charge and coordinates the efforts. He is the one who has clear goals and ideas in his head. He would be the one, for example, who thinks up how a tool would have to work to do something very specific. The coder could write that tool for the hacker.

A port scanner for example (just to keep it simple) could be such a tool. The hacker needs a cracker, if the hacker encounters specific software and cannot get around it by using brute force or guessing. He would try to get a copy and have the cracker take a look at it to find flaws or have him create an altered version, the hacker could try to sneak in as replacement for the original.

By Default Neither Good nor Bad

Here is a positive example to avoid the misconception that it is all about breaking into something and stealing data etc. What they do and what they do it for are two distinct and very different things and independent of the definition.

The coder writes a piece of software. The hacker tests the software thoroughly and approaches it from all kinds of different angles. He does in essence the quality assurance. The cracker is the one who is looking under "the hood" and checks the software for deep build in flaws and errors.

Quality Assurance

In the example of a piece of security software would the coder write the interface to enter the password, the encryption routines etc.

The cracker checks the code to make sure that the encryption is strong enough and that nothing is being exposed that reduces the effectiveness of the protection, like loading the key pairs in plain text into the memory for processing and stuff like that.

The hacker checks more like things such as minimum keyword length, supported characters and flaws in the interface.

The best encryption is worthless if the password can only be a set of numbers and the password is three digits long = only 1000 possible combinations which can be tried out in no time, via a script or even manually.

The best protection software is also useless, if you can simply press ALT-F4 and close it and then be able to move on and do what you want to do anyway. The hacker is the one who would look for this kind of stuff.

Conclusion

That is my take on this whole thing and I am convinced that most people would be comfortable with it, if they think about it for a moment, including hackers, crackers and coders themselves.

What are your thoughts on this subject? Feel free to comment below.

Cheers!
Carsten aka Roy/SAC

2 comments:

Anonymous said...

lthough, lately some abusive crackers and hackers, who happens to be coders themselves, ususes their knowledge to find pitfalls in systems and take advantage of it for their own profit.

like writing programs which would destroy a certain system and then present themselves as "people who's got the cure for the problem"(that they created), and make a lot of money from it.

Carsten a.k.a. Roy/SAC said...

parisukat, that sounds more like the plot of a bad movie for me, but it is certainly possible.

"Bad" hackers are more the type of person who break into computers and steal information and then sell it for profit or modify/delete stuff to damage the compromised system.

Crackers are usually associated with software piracy and the removal of copy protections. If that is good or bad depends on the eye of the beholder. It is general illegal in most countries, but even where such laws exist, also exists some exceptions where this kind of activity is not considered unlawful.

"Bad" Coders would be the people who develop tools that serve a malicious purpose. An example for that would be the development of a "Bot-Net" system with remote control mechanisms to commercially exploit it by committing click-fraud, email spam, DOS attacks or identity theft.

Post a Comment

Hi, thanks for taking the time to comment at my blog.

Due to spam issues comments are not immediately posted on the site and require my manual approval first, before they become visible.

I try to approve comments as quickly as possible and usually within 24 hours.

To be notified about follow up comments that are made after yours, use the subscribe option with your email address and you will receive an email alert, if somebody else comments at this post in the future.

Also check out the rest of the website beyond this blog, visit RoySAC.com. Also see my YouTube channels, SACReleases for intros and demos.

Cheers!
Carsten aka Roy/SAC

Note: Only a member of this blog may post a comment.