proper list for net abuse discussions?

Owen DeLong owen at dixon.DeLong.SJ.CA.US
Sat Apr 3 17:10:21 UTC 1999


> > On Fri, 2 Apr 1999, TTSG wrote:
> > > 	We were hoping that "Hack-Track" would be the forum.
> > > 	Check out http://www.hack-track.com for instructions.
> > 
> > Shouldnt that be cracker-tracker. It might be excusable for techology
> > illiterate journalists to misuse the term "hack" but its inexcusable for
> > computer professionals.
> > 
> 	I'd rather not get into a discussion about this, since as an
> "ex-hacker" from 1978.... To me "hacker" is computer, "cracker" is software.
> 
> 				Tuc/TTSG
> 
> 
A hack is a clever (albeit not necessarily clean or well-structured) piece
of code or a hardware modification which performs some function, usually
added into some piece of hardware or software never intended to perform
that function.

A crack is the use of or a method to achieve the use of a system in a way
not authorized by the systems owner.  A hack can be used as a crack, but
a hack is not necessarily abuse, a crack is.

If you look at most of the common usages, this pretty well fits.  Until
recently, very few crackers wer not hackers as well.  Until the advent
of the web, it was not so easy for crackers to share their warez and 
methods with other less-experienced crackers.  This lead to a situation
where crackers pretty much had to figure things out for themselves.  The
web has changed that.  Now any hacker who develops a crack can easily
make the crack available to any number of crackers who wish to use it.
This has lowered the barrier of entry for crackers substantially.
Unfortunately, the media has continued to use the therm hacker as
if it were synonymous with cracker.

A hack, such as an email message which makes use of some vulnerability
in sendmail to cause the system to notify the administrator that his
sendmail is vulnerable, for example, is not a crack.  However, if
someone were to run it against a number of systems that he was not
authorized to test for this vulnerability, that would then be a crack.
Also, software which allows one to violate license enforcement provisions
in other software is a crack.  Again, it creates an unauthorised use.

Owen




More information about the NANOG mailing list