Cracker (computer security)
Cracker (from the English crack for "to crack" or "break in") bypass or break access barriers in computer systems and computer networks .
This generally includes scriptkiddies and hackers who focus their activities on circumventing security mechanisms (see delimitations ). In particular, the word encompasses programming experts who use cracking to break the protective mechanisms of software (from the unlawful manipulation of software, for example as part of the warez scene, to a legal cracker scene of enthusiastic programmers who use CrackMes to practice a sport on an intellectual level) .
In addition, the definition of the term cracker is not uniform, which is why its meaning depends heavily on the respective context:
- The jargon file clarifies the self-image of the "academic hacker culture", a term that suggests the originally academic environment (such as MIT , Stanford , Berkeley and Carnegie Mellon ) of that subculture since the 1960s. But that doesn't mean that hacking was an academic field of study back then. As a reaction to bad press, the Jargon File wants to see all hackers who emphasize their activities on circumventing security mechanisms, "regardless of their motivation", not as hackers, but as crackers since 1990.
- The "computer security hacker culture", however, only classifies the darker-colored directions (people from their category of black hat hackers ) and scriptkiddies as crackers.
In the journalistic and political public, there is usually no distinction between these terms. There are also hackers who reject a moral demarcation due to the lack of a clear dividing line between “good” and “bad”.
In addition to this use, there is another use in which someone is specifically referred to as a (software) cracker who knows how to bypass protective mechanisms in software. This applies across cultures regardless of motivation, i.e. even if cracking software is practiced as a legal sport in which the cracker cancels the program protection of self-written software ( CrackMe ) that has been released for this purpose .
“CRACKER - Term given to so-called 'malicious' hackers by the original MIT hackers, hoping the media would leave the name' hacker 'alone and not damage the original hackers' pristine, snow-white reputation. Never really got picked up, probably because it sounds a lot like a wheat consumable or a derogatory term for a white hick. While (I think, at least) this is a really lame word, it is occasionally used by those wishing to seem knowledgable. [Comes from 'cracking' into systems.] "
CRACKER: Term given by the original MIT hackers to differentiate themselves from so-called 'malicious' hackers in the hope that the media will leave the term 'hacker' alone and no longer the previously flawless reputation of the original Meaning of the word hackers would damage. It was never really adopted, presumably because cracker sounds like a bite into a crispy wheat pastry or sounds pejorative like a 'pale hillbilly'. While it is a really weak term (at least in my opinion), it is occasionally used by those who want to be knowledgeable. [Comes from 'breaking into' systems.] "
The academic hacker culture differs from the computer security hacker culture in that the academic hacking community focuses on creating new and improving existing infrastructures, especially its own software environment. Computer security is not a relevant aspect. However, a basic understanding of computer security is also common in the academic hacking community. For example, during his Turing Award speech in 1983 , Ken Thompson noted that it is possible to build a back door into the UNIX login program so that it accepts normal passwords, but also a general password. He called this the "Trojan Horse". Thompson argued that to obfuscate the whole thing, the C compiler could be modified to automatically add this backdoor when the login program was compiled. Since the C compiler itself is a program that is compiled with a compiler, you could finally automatically insert this compiler change when compiling the compiler itself, without this manipulation being evident from the compiler source text. It would therefore only be available in translated compilers and in the translated programs without leaving any trace in the source code base.
Thompson distanced himself clearly from the activities of the computer security hackers:
“I would like to criticize the press in its handling of the 'hackers', the 414 gang, the Dalton gang, etc. The acts performed by these kids are vandalism at best and probably trespass and theft at worst. […] I have watched kids testifying before the Congress. It is clear that they are completely unaware of the seriousness of their acts. "
Another prominent case of the overlap between these two cultures is Robert T. Morris , who belonged to the hacking community at the "AI" computer at MIT, but wrote the Morris worm nonetheless. The jargon file therefore calls him "a true hacker who blundered" ("a real hacker who failed").
The academic hacking community sees incidental security bypassing as legitimate when done to remove specific barriers to actual work. In special forms, something like this can also be a possible expression of imaginative intellectual willingness to experiment. Nevertheless, the supporters of the academic scene tend to evaluate the preoccupation with security gaps negatively and to distance themselves from it. They commonly refer to people who do this as crackers and categorically reject any definition of the term hacker that includes an emphasis on activities related to bypassing security mechanisms.
The computer security hacking culture, on the other hand, does not generally distinguish so strictly between the two scenes. Instead, they limit the use of the term cracker to their categories of "scriptkiddies" and "black hat hackers". In the area of computer security, for example, parts of the CCC see the academic hacker movement as a conservative faction of a single, larger, interwoven and all-encompassing hacker culture.
- Hacker's Guide . Market and Technology, 2003, ISBN 3-8272-6522-3 .
- Markus Schumacher, Utz Rödig, Marie-Luise Moschgath: Hacker Contest . Xpert.press, ISBN 3-540-41164-X .
- Jan Krömer, Evrim Sen : NO COPY - The world of digital pirated copies . 1st edition, 2006, ISBN 3-932170-82-2 . Website
- Evrim Sen: Hackerland - The scene's log . 3rd edition, Tropen Verlag 2001, ISBN 3-932170-29-6 . website
- Evrim Sen: Hackertales - Stories from Freund + Feind . 1st edition, Tropen Verlag 2002, ISBN 3-932170-38-5 . Website
- Clifford Stoll : Kuckucksei: The hunt for the German hackers who cracked the Pentagon . Fischer paperback books, ISBN 3-596-13984-8 .
- Alexander Schulz: New criminal offenses and problems - The draft of the Criminal Law Amendment Act (StrafÄndG) to combat computer crime from September 20, 2006. Article, October 10, 2006.
- ↑ a b Since jargon file 2.1.1 of 1990, the term cracker, and not hacker, has been used in academic hacker culture for someone who circumvents security barriers ( CRACKER: One who breaks security on a system. Coined c. 1985 by hackers in defense against journalistic misuse of HACKER ... ).
- ^ Frank Kargl: Hacker. Presentation slides by Frank Kargl, Chaos Computer Club, Ulm 2003, online at Ulm.CCC.de (PDF; 3 MB); Overview of the roots and history of the hacker movement from the perspective of the Chaos Computer Club .
- ^ Armin Medosch: The kids are out to play. In: Telepolis , June 14, 2001 (German). Online at Heise.de, accessed on December 12, 2016.
- ^ Hacker's Encyclopedia. (txt) 1997, accessed on December 12, 2016 (English).
- ↑ Ken Thompson: Reflections on Trusting Trust. In: Communications of the ACM , Volume 27, No. 8, August 1984, (English, PDF; 225 kB). Online at ece.cmu.edu, accessed December 12, 2016.
- ^ Jargon File: Bibliography. In: Part III. Appendices - Bibliography. Online at catb.org, accessed December 12, 2016.
- ^ Richard Stallman: The Hacker Community and Ethics: An Interview with Richard M. Stallman. University Press, Tampere 2002. Online at gnu.org, accessed December 12, 2016.
- ↑ Joe Wilson: For hack (er) s who want to complain to CBS. September 19, 1983. Online on Google Groups, accessed December 12, 2016.
↑ Eric Steven Raymond: How to become a hacker. In: Thyrsus Enterprises , 2001. Online at catb.org (English), accessed on December 12, 2016.
See the German translation: Was ist ein Hacker? 1999. Online at Koeln.CCC.de, accessed on December 12, 2016.