Misplaced Pages

Revision as of 20:22, 26 December 2007

A Hacker is a general term in computing that refers to a computer programmer who takes advantage of the faults in the design of computer software or hardware (commonly referred to as "weaknesses") in order to:

1. gain further knowledge about the internal workings of the software or hardware,
2. gain access to some previously locked or hidden function of the software or hardware,
3. disable some previously functioning part of the software or hardware so that it no longer works in the way it was originally intended, or
4. command the software or hardware to perform an additional task that it was not originally designed to do.

As a hacker's activities commonly (but not always) involve reverse engineering or direct modification of the software or hardware without the manufacturer's knowledge or authorisation, hacking often violates existing Copyright and Patent laws in many countries. A hacker's activities also frequently include the exploitation of a weakness in software or hardware to, for example, command the software or hardware to perform a malicious action against an individual or organisation. While reverse engineering software or hardware to gain further knowledge about its internal may not be considered a crime, malicious acts arising from the exploitation of any weaknesses found are considered crimes and are even considered as terrorist acts in some countries. For these reasons, hacking, the activity of a hacker, is considered a crime under law in most countries especially United States Law. Numerous hackers have been, and continue to be, prosecuted for their actions, some even becoming infamous through the reporting of their activities in the media.

The word Hacker is a general term within the field of computing and there are more specific terms in use, particularly just within the United States, to describe the different types of hackers and the different kinds of software and hardware that they find weaknesses in. These different types of hackers are listed briefly in Section 6 of this arcticle, however, to read in detail about these different kinds of hackers, please consult Hacker (disambiguation) or Hacking.

Overview

The hacker of the late 1950s to the early 1970s was originally known for applying expertise and skill to getting the maximum benefit out of hardware and software. These hackers were computer enthusiasts who were highly respected and their skills helped the software and hardware industries to advance very quickly in the early days of computing. However, hackers in general quickly became associated with crime as some of them applied their considerable expertise to illegal activities such as:

• the theft of assets (e.g. money or information)
• the use of services (e.g. telephones) without paying, and
• performing malicious deeds against, or causing material damage to, corporations and government institutions (e.g. espionage).

Within the Computer User clubs and IT-related Universities in the United States of America, there is currently a debate about the usage of the word hacker within US Academia and there is a proposal that it should only be associated with its original expertise-oriented meaning. To read in detail about this debate, and the issues involved, please see the article Hacker Definition Controversy.

The Dawn of the Hacker

As early as the mid 1940s, the American Government was sponsoring projects to build huge mainframe computers to forward research into processors and possible applications of those processors. One such project was a US Navy contract initiated during World War II for a flight simulator computer. The computer took so long to design that, by the time the designs were completed, the war was over and the US Navy had lost interest in the project. However, the Massachusetts Institute of Technology (MIT) in Cambridge, Massachusetts, USA, took over the designs and built just the computer. The result was the MIT Whirlwind computer. The MIT Whirwind computer is said to have been the first ever computer to have a full-screen graphical display and it was this feature that led programmers of the huge mainframe (four floors of a two-storey building) to exercise their skills and stretch the capabilities of the computer to perform tasks that it was not originally designed to do. One such programmer, George Yale Cherlin, Ph.D, became famous amongst the Whirlwind project's 175 staff when he and some colleagues together managed to use the military-designed mainframe to create a graphical, real-time, simulation of the physics of a bouncing rubber ball. Cherlin's expertise in programming at that time can certainly be considered one of the earliest acts of hacking in the original good sense of the word.

The First Hardware Hackers

While US universities, like MITs Artifical Intelligence Laboratory, continued to push the boundaries of processors and the software running on those processors, industrial applications of the new technology were also being pushed. However, while software was advancing at a very fast pace, the first recorded hacking attempts were on simpler electronic machines that were designed to perform only a single task. Among the first such machines were the part electronic/part mechanical US telephone exchanges and it was in the late 1950s that a young boy called Joe Engressia first managed to hack one of these exchanges.

Engressia was born in 1949 and was blind from birth. As a result of this, however, he was endowed with other amazing talents, one of which was Perfect Pitch. Perfect Pitch is the ability to be able to repeatedly, and exactly, generate a tone of any frequency through singing or whistling. He discovered by accident at the age of just eight years old that the US long-distance telephone exchanges responded to a special "line-idle tone", a 2600Hz frequency tone internal to exchanges that indicated a long-distance line was available for use. The tone was important as it was used by the exchanges to detect when calls had finished, and therefore was used to calculate telephone bills. If a freephone number was dialled, the local exchange would search for an available long-distance line and mark the call as free. Once the long-distance line had been found, generating the 2600Hz idle tone would make the long-distance exchange think the line was idle and it would stop billing the call. However, the local exchange was still connected and any number dialled would then not be billed. Every time Engressia wanted to make a free long-distance call, he would simply whistle into the telephone receiver and receive his free call.

Soon after, in the early 1970s, another man called John Draper discovered the same tone was generated by a toy whistle that came free with boxes of breakfast cereal. Draper blew the whistle into a telephone receiver and also received free calls. Draper become somewhat infamous for envanglesing the technology to be able to cheat the telephone companies without actually using the technology himself. He even gave hacking classes and workshops to his fellow inmates whilst in jail and gave practical demonstrations of his hacking techniques using prison telephones.

Both Engressia and Draper were arrested and convicted (Draper on multiple occasions) for their hacking of US telephone exchanges and even became infamous in the local newspapers of the time. Engressia died on August 8th, 2007, however, both Engressia's and Draper's activities inspired a whole division of hacking focussed on telephone systems that would later be called Phreaking.

Emergence of Software Hackers

During the 1960s and 1970s, computers were too expensive to buy for the majority of normal people. However, this all changed in the late 1970s and the 1980s with the worldwide home computer revolution. Corporations and individuals alike rushed to create machines for hobbyists to use and experiment with in their own homes and many brands like Apple, Commodore, and Tandy/Radio Shack were born. Many hobbyists rushed out to buy a computer and one such person was a young boy called Kevin Mitnick.

Long before he used a computer, Mitnick had already been involved in hacking when in 1976, at the age of just 13, he managed to hack the bus ticket system in his hometown of Los Angeles, USA to get free bus rides. The system relied on tickets with punched holes in them and Mitnick, using his own specially-made hole punch, was able to cheat ticket machines and travel to any destination he wanted within the Los Angeles area free of charge. By 1982, at the age of 19, he was proficient enough with a computer to be able to hack into the US Government's North American Aerospace Defense Command system (NORAD), a military surveillance system. Although no damage was done and no criminal charges were brought, it is this incident that is widely believed to have been the inspiration for the 1983 film WarGames, a story about a young boy who hacks into a government computer and accidentally starts a launch countdown for some nuclear missiles. In 1988, however, Mitnick went one step further and hacked into the computers of an IT company and illegally downloaded $1m of the computer company's software. The case, brought to court by the computer manufacturer Digital Equipment Corporation, was sucessfully prosecuted and Mitnick received one year in prison in 1989 for his crime.

Mitnick has been jailed on multiple occasions and his reputation as a hacker, plus the rumour that the 1983 film WarGames was based on Mitnick's own experiences, has turned him into a cult figure. Mitnick, having served his sentences, now provides his skill and expertise as a security consultant for is own legitimate internet security firm. However, Mitnick has found himself, ironically, the victim of several successful hacking attempts, bringing much embarassment to the person they once used to call "the most wanted computer hacker in the world".

Difficulties in Prosecuting Hackers

The 1980s and the 1990s saw a revolutionisation in the computer industry that resulted in computers filling every office and touching every aspect of our lives. Whilst technology has continued to advance to bring the world faster and cheaper computers that are in everything from car engines to mobile phones, and the software security to protect those computers has also been advancing, the hackers have also been evolving their techniques to break the new, stronger security.

In August 2007, a 17-year old teenager named George Hotz hacked a mobile phone so that the software restricting its use to a single mobile phone network was disabled, enabling the phone to be used on any rival mobile phone network. Apple Inc.'s iPhone mobile phone handset was announced in an exclusive partnership will US mobile network provider AT&T Wireless in January 2007. Although software in the handset made sure that the iPhone could only operate on AT&T Wireless's network, the phone presented a challenge to hackers who wanted to use the phone on other providers' networks. Hotz was the first person to hack the phone using a combination of software and hardware modifications and he demonstrated his modified iPhone handset working on AT&T Wireless's rival T-Mobile's network.

Whilst Hotz was congratulated by hacking communities everywhere, Apple and AT&T Wireless were not happy, although Hotz appears to have been spared going to court when he stated in interviews that he didn't want to sell his hack. Instead, he was consulted by Apple as to the nature of the hack and Apple soon released an update to the phone's software that was claimed not to include the weaknesses that Hotz had managed to exploit. However, companies and other hacking firms that did try and sell Hotz's hack were approached by Apple's lawyers who successfully blocked the firms from selling the hack citing copyright infringment and reverse engineering, something that is considered illegal through such legislation as the United States Digital Millennium Copyright Act .

Hotz's actions highlighted the difficulties that software and hardware companies face when trying to prevent hackers from reverse engineering their work. While corporations struggle to protect their inventions and business strategies, hackers everywhere are struggling equally hard to try and reverse engineer those inventions for their own profit or gain. One of the reasons why Hotz wasn't brought to trial was because of sections of the US Digital Millenium Copyright Act that appear to permit software or hardware to be reverse engineered and modified without the original manufacturer's consent, where the modification allows the product to interoperate with other programs in the manner for which it was originally intended. This was important, as Apple's iPhone was originally designed to be used on every provider's network in the world although this design was limited to AT&T's network using special security software. Thus, as Hotz's modifications to the iPhone did not change the iPhone's original purpose, and the modifications allowed the phone to interoperate with another provider's network, both Apple and AT&T found it difficult to prosecute the teenager, a situation that neither corporation was happy about.

The Evolution of the Hacker

As the software industry has evolved over time, it has become an industry with many different areas of expertise. Along with the expansion of the industry has come an expansion in the number of specific terms in use, particularly just within the United States, to describe the different types of hackers and the different kinds of software and hardware that they focus on.

The different types of hacker that exist today are listed in the table below.

As the number of hackers has increased, and the seriousness of the hacker's crimes has also increased, groups of programmers within US Academia and the homebrew clubs have been trying to distiguish and distance themselves from the criminal hackers and the criminal image of hacking. These groups are trying to reestablish the use of the general word "hacker" in its original sense - i.e. as a person who exercises great skill in creating or modifying software and getting the maximum benefit out of it. To read about this discussion in detail, please read Hacker Definition Controversy.

Techniques of the Hacker

There are many techniques that the Hacker uses to engage in his or her activities, and new methods are being continuously being devised and discovered. Each method is designed to exploit a particular kind of weakness and a hacker may use one method, or many methods in combination with each other, to achieve their objective.

Although there are many different techniques and technologies, most techniques can be split into a small number of distinct categories which are listed below:

The Influence of Hackers on Everyday Society

The effect of hackers on the way we live our lives has been significant. Software, although reliable at performing the same task identically millions and millions of times, now has to be protected against hackers who want to modify it so it repeatedly performs a different, often malicious, task. Furthermore, as the protection that is used is itself a target for the hackers, technology that can automatically detect when the security has been broken has also had to be developed (for example, a CD player detects when a copy of a CD is being played instead of the original purchased CD).

In the modern world, software is operating every minute of every day making sure that actions performed by machines on behalf of individuals are only performed when properly authorised to do so. For example, the action of withdrawing money from a bank using a card must only be done by the authorised card holder, and special software in the form of smart cards attempts to protect stolen bank cards from being used. Another example might be a company who wants to protect the copyright of its products and in this case the software could be protecting the product from being copied illegally, or from being used in a manner that the company explicitly forbids (like using a mobile phone handset on another company's network). At the same time, however, hackers are trying their best to devise new techniques based on Trojan Horses, Viruses, and Worms to find and exploit weaknesses in software so that they can use your stolen bank card or they can use that mobile phone on another provider's network. Thanks to the skill and expertise of engineers in the IT industry, though, this conflict remains largely hidden and does not affect normal people in all but the most extreme cases.

As hackers' techniques advance further still, software design is also advancing so that software can withstand the attempts of hackers to reverse engineer or modify the software. One of the biggest challenges facing all sections of the computer industry is how to implement software so that the copyright of works, or access to personal information, can be protected from hackers without making software products so complicated that they become unusable, bringing the lives and jobs of ordinary people to a standstill.

References

1. United States Department of Justice - 18 U.S.C §§1831-1839 Theft of Commercial Trade Secrets
2. United Kingdom Office of Public Sector Information - Terrorism Act 2006 ¶16
3. United States Department of Justice, Computer Crime & Intellectual Property Section - Summary of Computer Crime Cases
4. United States Department of Justice, Computer Crime and Intellectual Property Section - Press Releases
5. $70M bank scam foiled; 7 charged - USA Today Newspaper Archives, 19th May 1988
6. Police Swoop on 'hacker of the year' - The Sydney Morning Herald, 15th November, 2007
7. Dangerous Decisions: Problem Solving in Tomorrow's World - Enum Mumford. ISBN-13: 978-0306461439. Pages 161-165 (paperback)
8. ^ Edward Cherlin, Simputer Evangelist and son of George Yale Cherlin, Ph.D, courtesy of www.oldcomputers.com
9. ^ New York Times, 20th August 2007 - "JoyBubbles, 58, Peter Pan of Phone Hackers, Dies" (Online Version: delete cookies before viewing)
10. ^ Origins of Phreaking - Gary Robson
11. ^ John Draper interviewed in early 1995 by Tom Barbalet, software programmer and Co-Chair of Intellectual Property Rights Special Interest Group
12. ^ The Trials of Kevin Mitnick - CNN Special Report, 1999
13. Biography of Kevin Mitnick - Courtesy of Takedown.com
14. Prominent Hacker Mitnick Hacked - BBC News Online, 11th February, 2003
15. ^ Teenage Hacker Unlocks the iPhone - BBC News Online, 25th August, 2007
16. Apple Inc. Press Releases - Apple Chooses Cingular as Exclusive US Carrier for Its Revolutionary iPhone, January 7th 2007
17. Legal Threats Halt iPhone Crack - BBC News Online, 28th August 2007
18. ^ The Digital Millenium Copyright Act of 1998, U.S. Copyright Office Summary - Library of Congress
19. The Digital Millenium Copyright Act of 1998, U.S. Copyright Office Summary - Library of Congress. Page 5, exception 2
20. Library of Congress, United States Copyright Office - Fair Use
21. The Library of Greek Mythology - Apollodorus (translation by Robin Hard) ISBN-13: 978-0192839244
22. How Viruses Work - Craig C. Freudenrich, Ph.D. Courtesy of How Stuff Works
23. The Shockwave Rider - John Brunner ISBN-13: 978-0345324313
24. Xerox Parc - Innovation Milestones
25. The "Worm" Programs - early experience with a distributed computation. Shoch, J.F and Hupp, J.A. Palo Alto Research Center NY: ACM; 1999; 19-27
26. Symantec Corporation: Security Responses - W32.Blaster.Worm

Notes

• Long-distance telephone calls are calls made within the United States where the number being called is in a different state to the caller's number. See Long Distance (US) for more information.
• US Copyright Law, of which the DMCA is an extension, states "fair use" as using a work (in this case, the iPhone hardware and software) in a way that does not infringe the way in which the original author (in this case, Apple Inc.) "expressed themselves". The modified iPhone was identical is appearance, features, and function to the original iPhone, so use of the modified iPhone could have been argued to constitute "fair use".
• Markus Hess, a German hacker who lived in Hanover, Germany, breached the security of at least 24 US military computers between 1986 and 1989. He was jailed for stealing United States military secrets and for later selling the secrets, and the hacking techniques used to steal those secrets, to the KGB in return for money.
• Joe Engressia's legal name was "JoyBubbles" as from 1991.
• Freephone (United Kingdom, Australia), Freecall (New Zealand) or Toll Free (United States, Canada) numbers are telephone numbers that can be dialled free of charge. Typically, these numbers contain the sequence 800 in the code. These numbers are commonly used by companies to provide complementary services, and by governments to provide information and support.
• Users of the iPhone in the United States actually make their contracts with AT&T Wireless. However, the alliance to develop and market the iPhone was between Apple Inc. and Cingular, a US mobile network provider who bought AT&T Wireless in February, 2004. (CNN Money news report).
• A homebrew club is a term used in the United States to describe a club for computer hobbyists. The name homebrew is taken from the name of the most famous computer club in the US, the Homebrew Computer Club, where such people as Steve Jobbs and Steve Wozniak (co-founders of Apple Inc.) were members.
• The opposite of engineering. Reverse Engineering is the process of examining a finished software or hardware product and taking it apart in order to find out it was originally constructed.

External Links

• www.old-computers.com - The Old Computer Museum (history of most computers manufactured from 1951-1995)
• Viruses & Risks Symantec Corporation

• Computer hacking
• Computing culture
• Crime
• Criminals