Is The Line Between 'Hacker' And 'Criminal' Really That Fuzzy?
from the only-if-you-don't-really-understand-stuff dept
We recently wrote about a series of cases where young computer hackers were either charged or threatened with criminal charges for doing things that don’t seem particularly criminal at all. The NY Times now has a blog post on more or less the same subject, but focusing on the “fuzzy and shifting line between hacker and criminal.” While it’s good that more attention is getting paid to these kinds of questionable cases, I wonder if that framing is really accurate. I don’t think there’s a “line” — fuzzy, shifting or not — between “hacker” and “criminal.” The two things are different. Can you be a criminal hacker? Sure. But the problem is that many non-techie folks seem to assume that any kind of hacking must be criminal. And that’s the problem. It’s not that some imaginary line is moving around, but that some people don’t seem to understand that hacking itself is not criminal, and that there are plenty of good reasons to hack — including to expose security holes.
Filed Under: cracker, criminal, freedom to tinker, hacker, intent
Comments on “Is The Line Between 'Hacker' And 'Criminal' Really That Fuzzy?”
This line sums it up best...
“Whew! All this computer hacking is making me thirsty, I’m going to order a tab.” – The Simpsons
Re: This line sums it up best...
….and fire up the IMSAI
I don’t think there’s a “line” — fuzzy, shifting or not — between “hacker” and “criminal.” The two things are different.
. . . some people don’t seem to understand that hacking itself is not criminal . . .
You could replace “hacker” with “Muslim” and “criminal” with “terrorist” and find tons of folks in that camp as well.
But then, what kind of a world would it be if there weren’t people everywhere with unfounded beliefs and opinions…
Re: Re:
…A world without humorous happenings?
I have to say i’m kinda in their boat that “Hacking” is against the law, but then again you have to look at the definition of hacking. To me, hacking is “gaining unauthorized access to another computer.” While your intentions may be honorable in reporting bugs later, if you manipulated your way into a system without others authorizing you to do so, you have broken the law.
It’s like a stranger throwing a brick through a store window, walking inside, walking out, and then coming back the next morning and telling the store owner that he should have used laminated glass.
But I am somewhat mixed about this because I don’t think the people that expose these vulnerabilities responsibly should be repremanded (Like telling the business before going public, and waiting a reasonable amount of time for them to have a fix). But there are others that find the hole and immediately take to the internet to get their 15 mins of fame, and put the users of the service at real risk.
Re: Re:
The problem with that is that Andrew Auernheimer didn’t gain unauthorised access to another computer. There was no authorisation at all! He just incremented the ID he was passing to the public API, and got device owners’ email addresses by doing so.
It’s not really analogous to throwing the brick. It’s more analogous to discovering the lack of glass in the store’s windows.
Re: Re: Re:
By the logic applied in this case, a person sitting in a car using an open WIFI can be charged with a felony if the do not have the WIFI owners permission to use it.
Re: Re: Re: Re:
That’s called Wardrving, and Warc Chalking… its technically illegal.
Re: Re:
Your definition is incorrect.
Re: Re: Re:
But that’s kinda my point, Hacking has different meaning to different people…
To me, a DDOS isn’t ‘hacking’ to mainstream media it is.
To me, sending different GET data to a web server isn’t ‘hacking’ its just a poorly designed website… to law enforcement it is.
To me, sending specialized packets designed to trick an SQL server to give you access without the proper username and password… is hacking… you have now gained elevated user access to someone else’s system without their authorization…
But this is my perspective. Without a standard definition of ‘hacking’ you can’t have the conversation of whether ‘hacking’ is criminal or not.
Re: Re: Re: Re:
People do have a lot of different definitions for the word “hacking.” the problem is that all but one of those definitions (including yours, apparently) are wrong. Use the correct definition and there is no misunderstanding.
Re: Re: Re: Re:
“Without a standard definition of ‘hacking’ you can’t have the conversation of whether ‘hacking’ is criminal or not.”
Indeed. So perhaps the first thing to do is to allow people who know what they’re talking about to define it, rather than tabloids?
Re: Re: Re:2 Re:
Oddly enough, the hacker community has a term that covers this kind of thing – it’s called cracking. White hats hack, black hats crack.
Re: Re: Re: Re:
“Hacking has different meaning to different people…”
When it comes to law enforcement there should be one clear and accurate definition. Any other meanings would be irrelevant.
Re: Re:
So, what you’re saying that if you redefine words to mean something other than they were originally intended, you can accuse them of all sorts of crimes! Brilliant. I will now redefine “locksmith” to mean “burglar”, “mechanic” as “car thief” and “soldier” as “assassin”. After all, they can all use those skills in those ways, right?
I know what you’re saying, but your definition is so far off the mark from its intended meaning, it’s barely usable.
Re: Re:
“without others authorizing you to do so, you have broken the law.”
I can see no compelling reason what-so-ever that this would be a crime in and of itself. Tort? Maybe you could argue that. Crime? Not seeing it. For an actual crime I think you’d need to be hacking in connection with an actual crime.
If you are doing your hacking from your basement in your underwear – Criminal
If you are being paid handsomely by law enforcement agencies to do your hacking – Not criminal
Re: Re:
Dang it, I knew I should have just done my hacking in the buff.
Re: Re:
What if I put on pants?
We already lost that battle
Us hackers started fighting this semantic battle at least 25 years ago, and although it’s not completely lost, we’ve not fared well. Remember the attempt to replace using “hacker” in the sense of “someone who breaks into computer systems” with the word “cracker”?
The fact is that, as the article points out, hacking is a mindset and activity that is not correlated with criminal activity. It’s not even correlated with computers. A “hacker” is a person who is interested in how things work, any things, and spends time figuring them out.
Every scientist, for example, is a hacker.
Re: We already lost that battle
Yes, and unfortunately, even technically capable people are using “hacker” in a derisive way these days. A few weeks ago I overheard a colleague call a horrible software patch a “hack.” That would be a “kludge.” A “hack” is an artful piece of code.
Re: Re: We already lost that battle
It’s funny you bring this up — I had this exact discussion with a coworker just yesterday.
Modern Tinkerers
Hackers are the tinkerers of the modern age. The inventors, the builders, the creative yet practical thinkers in a technological world. Watt, Savery, Fulton, and Whitney were all hackers of an earlier era. Were would we be if we had considered them criminals. Were are we going now if we consider hackers, the ones that don’t actually break the law, to be criminals nonetheless.
Re: Modern Tinkerers
Yes. Hackers are indeed the inventors and builders of the modern age.
That is why Hollywood wants the word that describes them to be a negative and undesirable slur.
What industry would you suppose might be most responsible for the word Hacker having lost its original positive meaning to have the currently well known negative meaning?
“Expose” and “exploit” both start with “exp”, so they must be equally criminal!
And come to think of it, “explode” starts with “exp” too! The hackers must be planning to blow up the White House! Terrorists!
Quick, we need to give the TSA another billion in tax dollars so they can keep terror hackers from using their terror smartphones (terrorphones?) to crash planes into the White House! Otherwise it’ll be cyber-9/11! WON’T SOMEONE THINK OF THE CHILDREN???
Meaning of the term "hacker"
A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. RFC1392, the Internet Users’ Glossary, usefully amplifies this as: A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular.
See more meanings in:
http://www.catb.org/jargon/html/H/hacker.html
Crimes should have sharp, bright lines
The boundaries of what is crime should not have fuzzy borders. The boundary of what is and is not a crime should be a sharp, bright line that is easily recognized.
Re: Crimes should have sharp, bright lines
But then it is so much harder to make examples of people the government doesn’t like.
Re: Crimes should have sharp, bright lines
…but not rounded corners.
Part of the problem is that corporate interests have gotten laws with draconian punishments passed that criminalise mistakes. These have been coupled to a prosecution system that values headline punishments. This is coupled to a management attitude that any data leaks from their system must be due to criminal activity.
The problem is that badly written laws have blurred the line between legal and illegal behaviour by definitions so broad that reasonable actions can be viewed as illegal.
Why everything is becoming a crime
The owners of the government need everything to be a crime, or everyone to be a criminal so that they have an effective workable mechanism to rant “Off with their heads!” whenever any of the little people offend them with some slight.
It’s part of the same underlying problem as High Court vs Low Court.
Re: Why everything is becoming a crime
The new arrogance same as the old arrogance with more ability to spy on people and cut off the heads of their own kind. Its now a sport, especially since foxhunts were deemed inhumane and the cost of speaking out or up could cause one’s picture on their driver’s licence to disappear. I’m KIDDING!! X:-0
Re: Re: Why everything is becoming a crime
The tools of the new political aristocracy. Just like the old aristocracy only “term-limited.”
Well, people call me a hacker because I can deal with simple visual basic coding.. I’d say the entire thing is fuzzy for the mainstream…
“Hacker” the 21st century equivalent of “Witch”.
The problem is there is a fuzzy line between ‘Alive’ and ‘Criminal’. Do not worry though, work is being done every day to resolve that line into being synonymous terms.
Hacking is a method and philosophy of interacting with technology.
Lockpicks are a way to interact with locks. The fact that some people who know how to use lockpicks use them to break the law does not mean that all professional locksmiths are criminals.
I remember a time in the mid-70’s when one of our clients locked his keys into his late ’60’s Toyota. It took me maybe 5 seconds to pick the door lock and provide him entry. From that day forth, my boss regarded me as a potential thief, simply because I knew how to pick locks. Technical “geeks” of all flavors are in the same boat because, like my boss, if the general public doesn’t understand it, it must be witchcraft and/or illegal.
The term “hacker” has lost all of its original meaning on 15th September 1995. For more information look at http://www.imdb.com/title/tt0113243/
Re: Re:
…and we all know how realistic that film is! It certainly fits with the fantasy version of the term presented by tabloids, but I think laws should be based on something more associated with real life.
Are we letting movie titles define words now? This film must make family life uncomfortable if that’s the definition you have to give your mother and father – http://www.imdb.com/title/tt0098068/
Re: Re: Re:
Society defines, what a word means, by using it in a certain way. You can’t reverse these processes by using it in a different way. You can try, but people will always hear, what they want to hear, and what fits with their perspective of the universe. It’s a lost cause. Same happened to “Kung-Fu” and “Parkour” and many other terms…
Peaceful Protest, Hacking & Cookies
A lot of it seems more like peaceful protest than hacking to harm..
Hell, every corporation and cowboy(girl) and JoeBlow wants to sneakily place cookies in our PCs(Personal Computers in case you forgot) all over the planet. For exactly what, seems more nefarious to me.
Hacking Vs. Cracking
basically what I learned in a basic computer course (I believe it was intro to various OS’s?) is that hacking is pretty much anyone who writes code, of any kind. cracking is what most think of as hacking, typically malicious, writing virus’s, stealing sensitive information, etc. though even cracking, if done in a security type situation, can be perfectly harmless and legal.
HACKING
For me, probably the most nontechnologically oriented person on the planet, hacking is very costly. I’m on social security (I know, your thinking boo-hoo), but hacking is very costly to fix. So far it has cost me hundreds of dollars and not sure if it is fixed or not. Have to hire the next crook in line — who claims to be a computer wizard– find out he isn’t, pay him for screwing things up worse, and then deal with the next one in hopes they are honest.