Hack, Crack or Phreak

From iGeek
Jump to: navigation, search
HackCrackPhreak.png
What are Hackers, Crackers and Phreaks? I did a little of all three, but that was decades ago (literally), and in computer times that is ancient history. But the concepts are still valid -- even if I'm no longer "plugged in" or have lost interest in doing them.

Hackers started as a term "hackers" for those geeks (code hackers) who would just pound on a problem, until they found a solution.

  • In early computers, many problems had never been solved before -- so everything had to be sort of "brute forced", and people were creating algorithms and concepts by trial and error. Systems were poorly documented, and things weren't engineered as much as just "put together" or "pounded out" -- i.e. hacked. Early in computer system this hacking was the fast way to go. Remember, everything was new and nothing had been "done before", so you had to just "trial and error" it until it worked (hack it out).
  • Later, as there was more and more "done before", hackers were the kids and homegrown programmers who didn't research things as much as they just enjoyed pounding out their own solutions. 9 out of 10 times they would create a solution that someone else had done before (if only they had just read about it, or if they had been plugged in to academia). Still, they would occasionally create something new, and often creating the solution on their own gave them a far deeper understanding of the problem. Hackers are usually anti-accademics, and enjoyed problem solving, but not the papers, process, and politics.

Many hackers were very bright, many were working hard instead of smart. Many solutions that academics have gotten credit for were solved long before, or have been solved in better ways by hackers. Life would be a lot easier if there was only more open lines of communication between the two groups. But there isn't and won't usually be -- they are on opposite extremes of a philosophical boundary. One attitude is "just do it" the other is "lets talk about it, write about it, and design in based in deep theory and by committee consensus".

Even today this form of "hacking code" together, instead of designing and engineering; creating things through discipline and process -- is very common. In fact, this is far more common than people realize -- which explains all of Microsoft's bugs. Marketing and business realities are such that there is never time to do it right, but always time to do it over or "fix in the next revision". So many programmers (especially in commercial development) never get beyond the hacker stage.

Hackers had a dim view of rules, and of wasting time with process and a bunch of administrators trying to control their lives. This is what can cause friction between them and engineers or academics. When it came to network security, or just about anything else, they would do it, for curiosity and as a way to thumb their noses at the establishment. They would solve these problems because they were there, and for the joy of learning. 99% of it was not malicious, but many hackers were often young -- and if you got on their bad side, it could certainly take a dark turn.

Types

Over time there became different type of hackers. The traditional term lost force -- and "code hackers" is not what people think of when they hear the term. Programmers still use "hackers" to talk about code hackers, and it can still be a compliment (especially from another hacker). But most people don't use the them that way. The concept of "those that pound on a problem until they solve it" still stuck, and it expanded (or fragmented) into subgroups of hackers.

  • Some hackers would hack into networks -- or pound on networks until they find security holes and ways in. So these hackers were "network hackers".
  • There are some people who have direct access to a System (computer), and they hack into the multi-user computer System, they are "system hackers". But there is a real subtle difference between a System hack and a network hack (since they're both trying to get "in" the System and past security). So I differentiate these two, because they are slightly different disciplines, but I don't think most people do.
  • Other hackers started hacking into phone systems. At first it was figuring out how to play little wiring tricks, and it evolved into hacking phone company computers. These hackers became the hardware "Phreaks" of the hacker world -- hardware weenies who would get around telco's (telephone companies).
  • Hackers that broke software protection for games and the like became the "crackers", as they cracked the copy protection.

With Crackers and Phreaks pulled out as separate discipline, the original meaning of hackers was lost -- and now "Hackers" is usually used to refer to network hackers. The media has tended to only look at the darkest side, and make it all seem bad. But 90% of what goes on is just the exchange of information, and showing off of prowess -- with no real damage done. But it is hard to convince a curious kid that he shouldn't see if he can break a password or outsmart the system -- and adults that have grown up with that mentality aren't much better. It is the thrill of learning and exploring -- and the laws are pretty silly, so they are treated with contempt.

Remember to a hackers point of view, you are either selling them software which they feel it is their God-given-right to explore and improve (like removing the copy protection). Or you are putting information on a network, so why the hell shouldn't they look at it. Or you are creating a PUBLIC phone system, and why shouldn't they play games with it and explore the design holes you left in. I mean making a certain tone/noise on a phone system is illegal (just because they can make free calls by using it)? How stupid.

But many of these things (hacking) are illegal. There was a T-shirt that had the an encryption algorithm on it (PGP I believe), and it basically had a caption that was, "if you are a foreigner, and you read this, we are both guilty of arms dealing". Which is true, because the laws are that dumb. So some hacker does something that is minor transgression, at worst, and he can be labeled a criminal (and treated like one). Once labeled a criminal by the system, for doing something as minor as outsmarting "the experts", it is easy for him (them) to devalue all of societies laws (even the few good ones) -- to the point where their contempt for the law makes them into criminals. Of course there are certainly a few that were criminals all along -- but I believe there are far more that sort of evolve into it. And there are many more who evolve out of it, and become consultants to phone company or computer companies to help them plug the holes that they found. So there are both black-hat and white-hat hackers -- but realistically most are gray-hat ones that cross the lines, because the lines are impossible to know, and the more you know about them, the less you care. So not all hackers are bad or good -- and many do little "bad" things -- the question is just where does each hacker/cracker/phreak draw the line.

Example: I phreaked a lot of phone systems just for the learning, but I stopped using other people's sprint codes after a few months (even though I could get away with it) -- and I stopped playing with various operator tones and ways my different "boxes". I cracked software for a while, but I didn't sell my cracked copies. I hacked a few networks, but I never destroyed data. But each hacker will have their own "do's" and "don'ts".

Conclusion

There is a lot more to hacking and the hacker mentality. And the lines between disciplines aren't quite that distinct -- the personality that allows you to hack into one thing, and what makes you curious, is likely to mean you will cross over disciplines and explore. Plus there are things, like Phone Phreaks, who hack into the Phone Companies network (System/Network Hack), in order to control the phone lines; what's that, a phreak or a network hack? I'll write more on each of the style of hackers, and tell my little stories in each of the subgroups, what I've done and what I've seen. The objective is not to glorify what are crimes. Nor is it to rationalize or justify the actions. But maybe I can give people some perspective on what and why. Maybe you can learn what is really going on -- instead of the watered down black and white view of the world we get through our televisions and newspapers. Maybe if you understand "how to" a little, you can understand "how not to" or how to plug up holes. Certainly if you understand what is going on, you will probably fear them less (or more) -- but at least people will probably vilify hackers less.

More

You can read more about the terms or my exploits at:

Hacking

Hacking.jpg

It is not that hard to hack into a network/machine - far easier than people realize, yet far harder than the movies make it seem. It can get very complex -- but there are usually "easier" in's that the hard brute force methods. There are many levels to a break in -- from the ballsy "impersonating an employee" and just walking around a company (badges are easy to create, and don't slow most people down) -- to stealing network traffic and analyzing it. There are thousands of ways to get in, and the more complex the counter measures, the more potential holes there are (but the harder they may be to find).

Cracking

Piracy.png

Cracking is the black art of removing copy protection from other people's programs. There are many "pirates" (people that use software without buying it) -- but far fewer crackers. Cracking requires enormous dedication and patience. It was far easier in yesteryear (systems were simpler) -- but now days there are better tools, so in some ways that makes it easier.

Cracking is often a battle of wits and patience, where the cracker removes all of the copy-protection code or figures out ways around it. At least it is a game for the cracker -- the companies that have their software cracked find it far from "fun" or "amusing".

Phreaking

Phreaking.png

Are you out of your phreaking minds?

Phreaking is when people (hackers) figure out how to break the phone companies security, to get access to control the phones. Most often used to make free phone calls, or get operator powers. Network hacking is breaking in (usually looking around without doing harm). Cracking is defeating copy protection in someone else's code. But there is far less moral ambiguity about phreaking -- almost all phreaks get free phone calls, and that is something the law (and the phone company) frowned upon -- seriously. The phone company dedicated resources to countering phreaking, and hunting down phreaks. It became the blackest of the black computer "arts", and through improvements in security, and commoditization of long distance phone call costs, it largely doesn't exist any more.

1998.09.07

More on Cyber Security and threats : Hack, Crack or PhreakCrackingEaster Eggs • Firewalls • Hacking • How Secure are you?PasswordsPhreaking • Privacy • Shopping • Virus, Worms, Trojans