Computer Science Canada

What is the CS definition of hacking?

Author:  Sniper4Life [ Sat May 09, 2009 5:58 pm ]
Post subject:  What is the CS definition of hacking?

I have a question that seems very dumb to me, but I'd like to ask the CompSci community anyways. What is the CS definition of hacking? For example, when one hacks a video game. What is the hacker doing to make this new "hack?" How is he breaking the system and making it so that a character can fly in a game where there is only walking?

* I don't plan on hacking any games, as hacking ruins the fun for other players. Also...its not challenging if you hack. Very Happy

edit:
From what I know the hacker must decompile the code, and then recreate so that the character can now fly. This doesnt seem like enough for me.

Author:  saltpro15 [ Sat May 09, 2009 6:58 pm ]
Post subject:  RE:What is the CS definition of hacking?

Decompiling code into a source readable by humans is impossible...

if you can get the source somehow you can write mods for it, but you can't completely change the entire structure of a game

and don't even get into hacking....
it's not so much fun when you have to sit in a corner every time your class goes to the comp lab >.>

Author:  Sniper4Life [ Sat May 09, 2009 6:59 pm ]
Post subject:  RE:What is the CS definition of hacking?

I also understand the difference between a hacker and a cracker... a cracker is one who breaks the work of a hacker. He makes unethical decisions and uses his higher intelligence to break down modern society, rather than help it. Excluding the intelligence, a hacker is quite the opposite.

just wanted to make it clear i understand the difference so i dont have peoples telling me what a hacker IS

i
want to become a hacker
i hate
crackers

Author:  saltpro15 [ Sat May 09, 2009 7:06 pm ]
Post subject:  RE:What is the CS definition of hacking?

well then, join blackhat-forums, just google that

start reading, enjoy prison

Author:  Sniper4Life [ Sat May 09, 2009 7:09 pm ]
Post subject:  RE:What is the CS definition of hacking?

god saltpro...dont be so skeptical...like seriously...are you even reading what im writing?
I
WOULDNT
EVER
HACK*
not even a little RPG game on the internet

*i wouldnt hack according to what YOU and the general public think is hacking

Author:  Sniper4Life [ Sat May 09, 2009 7:10 pm ]
Post subject:  RE:What is the CS definition of hacking?

i dont plan on doing anything illegal

now if i dont do anything illegal...why would i go to jail?

Author:  Tony [ Sat May 09, 2009 7:14 pm ]
Post subject:  Re: RE:What is the CS definition of hacking?

saltpro15 @ Sat May 09, 2009 6:58 pm wrote:
Decompiling code into a source readable by humans is impossible...

Maybe you simply haven't tried hard enough? Wink

also, what about whitehat? More commonly known as "Security Researches", such as the guys profiling the latest worm threatening to wreak havoc on the internet. Those are important positions to fill.

For the most part, the only difference between blackhat and whitehat is who signs your paycheque. The concept of morals and ethics mentioned is often what influences the decision as to who to take that paycheque from.

Author:  saltpro15 [ Sat May 09, 2009 7:28 pm ]
Post subject:  RE:What is the CS definition of hacking?

trust me, doing ANYTHING, ANYTHING at all that could involve hacking or circumventing security in any way is enough to get you imprisoned. I'm banned from my school network because I broke the admin, logged into netSupport and started remote-controlling screens. hilarious yes. stupid yes.

If you really are interested... pm me. but I caution you, it's a slippery slope.

and Tony, that was you who told me decompiling code into the source was impossible :p maybe I misunderstood

and yes, white-hat security researching is an option, it's somewhat boring though. I found this great site once that was set up simply for you to hack it, and it got more and more difficult every tine you did it. I lost the url through Sad I believe there is actually a university course that teaches security researching and hacking techniques, I think it was at the University of Arizona, or maybe Arkansas, something like that :p
It's been a while since I was involved with this...

Author:  Sniper4Life [ Sat May 09, 2009 7:32 pm ]
Post subject:  RE:What is the CS definition of hacking?

im sure ive got a decent level of self control to stop myself from doing that Very Happy

and yes Very Happy
hilarious Very Happy

Author:  Prabhakar Ragde [ Sat May 09, 2009 7:37 pm ]
Post subject:  RE:What is the CS definition of hacking?

The good kind of hacking:

http://www.catb.org/~esr/faqs/hacker-howto.html

Author:  Sniper4Life [ Sat May 09, 2009 7:41 pm ]
Post subject:  RE:What is the CS definition of hacking?

lol haha ragde i read that article ^^

yes
the good kind of hacking

Author:  Tony [ Sat May 09, 2009 8:00 pm ]
Post subject:  RE:What is the CS definition of hacking?

@saltpro15 -- your bad experience came from a bad decision. Whitehat does have some limitations (ad hoc "security probing" is a very gray area), but there is so much to the field; I wouldn't say it's boring.

Re: decompiling code -- it's a topic for a separate discussion. You could start a new topic if you are interested.

Author:  Sniper4Life [ Sat May 09, 2009 8:02 pm ]
Post subject:  RE:What is the CS definition of hacking?

could you explain black hat to me?
from what i read its somewhat the same as whitehat except its unauthorized
i knew whitehat excisted but nvr black hat...so could you explain it a bit?

Author:  Tony [ Sat May 09, 2009 8:10 pm ]
Post subject:  RE:What is the CS definition of hacking?

I think you got it. The idea behind hats is that the skills required are the same, and a hacker can choose to wear one "hat" or another, to decide what side of the game they will play on.

Blackhat is typically associated with "evil" -- breaking systems for personal gain.

Whitehat is typically associated with "good" -- breaking system to make them stronger.

Author:  saltpro15 [ Sat May 09, 2009 8:13 pm ]
Post subject:  RE:What is the CS definition of hacking?

blackhat is pretty much anything that could get you in trouble
like accessing secure information (passwords,credit card #'s, nuclear launch codes (if you're really l33t >.>)
or stuff like packet injection
DoS'ing

you don't want to to do those

btw! found that link, enjoy
not really hacking, but it does get challenging after a while
p.s. look at the source if you're stuck Wink

http://www.hackertest.net

Author:  Dan [ Sun May 10, 2009 1:22 am ]
Post subject:  RE:What is the CS definition of hacking?

The traditional deftiontion of "hacker" and "hacking" in terms of computers was some of who codes, learns or expolores computer systems for fun.

It can also mean a curd style of coding or making a work around of some sort.


The meida has made the word "hacker" into a label they throw at anything computer securtiy realted and has mostly deluited the meaning so it can fit anything from black hat to programmer.


There are also some subdivions that are commonly used:

Script Kiddy: Some one who just uses know expolites or permade security tools to do blackhat things. An example would be most DDoS attacks.

Cracker: Some one who breaks security, encryption or DRM. Noramly for blackhat reasons. An example would be the teams that make cracks for software or key gens.

Phreaks: Phreaking, an old form of "hacking" invloing the playing of sounds in to phones to get free calls and did other things invloing public telephone networks. An example would be Kevin Mitnick and Blue boxes.

Social engineering: This would be attacks that are more on the person/user then the software and tick them into giving you personal information, passwords and other information. An examples would be phishing.

Hacktivist: Some one who uses tehcnogly to push a point of view or ideal. Noramly this is threw blackhat means and invloes defacing sites and DDoS.

In addtion to black and white hats whitch tony talked about there are also peoleop who identify them selves as grey hats witch is some where inbetween. Noramly they don't cause real haram but are not above harmless mayhem for the fun of it.


There are alot of other terms and subdvisions but they could all be called hacking in one way or another. Personaly i would say hacking is either the traditional deftiontion or finding new securty expolites.

I also don't think any one is realy just a white or black hat and only invdual actiontions are moral or immoral (witch is also realtive to your point of view).


In any case if your goal is to be a "hacker" i recomend picking up some programming books and statying away from the "hacker tests" and black hat sites. The best way to learn about security topics is by studying programming, networks and cryptogrphy. Not by memorizing tricks posted on black hat fourms and using script kiddy tools.

Author:  Tony [ Sun May 10, 2009 1:40 am ]
Post subject:  Re: RE:What is the CS definition of hacking?

Dan @ Sun May 10, 2009 1:22 am wrote:
Social engineering

This reminds me... this talk: DefCon 15 -- No-Tech Hacking

http://video.google.com/videoplay?docid=-2160824376898701015

58:53, kind of low quality (can someone find a better version?), but super interesting to watch.

Author:  Dan [ Sun May 10, 2009 2:05 am ]
Post subject:  Re: What is the CS definition of hacking?

Sniper4Life @ 9th May 2009, 5:58 pm wrote:
What is the hacker doing to make this new "hack?" How is he breaking the system and making it so that a character can fly in a game where there is only walking?


This is noramly done threw using other peoleop's tools and scripts, so i would say they are using a hack and are a script kiddy. It gets a bit more blury when they made the tool or expolite them self.


Quote:

From what I know the hacker must decompile the code, and then recreate so that the character can now fly. This doesnt seem like enough for me.


Decompling code is done some times to reverse engenring things but it is almost never done on the fly and it is rarely recreated. What is done on the fly for games is RAM editing or packet editing/sniffing.

RAM editing is where the attacker edits the values of the game's memoery live. This can either be done by having the addresses of the values allready or searching for them and editing them live. This is more comanly done on consoles but there are tools for doing it on PC games as well.

Packet edditing/sniffing is where the attacker intercpects the packets the game is sending threw the network and then sending fake packets or editing packets. This is offten done with a tool called Winsock Packet Editor (WPE) Pro on windows.

After the attacker finds an expolite using those tools they may next make a script or tool that automates the attack witch is more comenly used by most "hackers" you find in games.

There are lots of other attacks that are common with games like save file editing, and editing the client it's self but theses are not done live.

Sniper4Life wrote:

I also understand the difference between a hacker and a cracker... a cracker is one who breaks the work of a hacker. He makes unethical decisions and uses his higher intelligence to break down modern society, rather than help it. Excluding the intelligence, a hacker is quite the opposite.

just wanted to make it clear i understand the difference so i dont have peoples telling me what a hacker IS

i
want to become a hacker
i hate
crackers


Thats not normaly the deffion of cracker, you can see my last post and this link: http://en.wikipedia.org/wiki/Crackers

saltpro15 wrote:

well then, join blackhat-forums, just google that


Not all hacks are blackhat and as i mentioned in my last post i don't realy buy into the idea that a person is binary in being a white or black hacker.

Tony wrote:

For the most part, the only difference between blackhat and whitehat is who signs your paycheque.


I would say the only difference is perspection of others in the socuity, unless it is one of the cases of some one just wanting to break things. I find the diffrence between script kiddy and "hacker" more intresting then if it was black hat or white hat (or some where inbtween). For example Conficker is largey adgreed to be on the black hat side of things but i find it extermaly intresting in how it was designed and the self updating nature (tho the expolite it used was allready known) where as the DDoS attacks agsinted some sites know to distrubuit virus and try to infect users that view them, well more on the gray or white hat side of things are rather boring.



saltpro15 wrote:

trust me, doing ANYTHING, ANYTHING at all that could involve hacking or circumventing security in any way is enough to get you imprisoned.


I know at least one CS prof that teaches a cryptogrphy and internet securtiy class here that would disagree.

Like all thecnogly "hacking" and finding expolites are neither good or bad but it's there use by peoleop and the perception of socity that means jail time of famus securtiy export giving interviews on CNN.


Quote:

I'm banned from my school network because I broke the admin, logged into netSupport and started remote-controlling screens. hilarious yes. stupid yes.


Well that is illgeal. It's the schools computer and network. Now if you did the same thing on your own network with the same software and reported it to the school and software devloper then i would find it unlikey that you could get into any legeal truble. When i was in high school i found serveral security issues with the schools network and software and rather then use them i reported them to staff and there reaction was mostly postive or they just did not care.


Quote:

and Tony, that was you who told me decompiling code into the source was impossible p maybe I misunderstood


It's noramly impossible to decomplie it to 100% the same source. Some langues don't complie directly to mashen code and make it easyer to do like byte code (java) and flash. However you still can't get back the names, labels, the order and structer of the code and comments noramly. With langues like C, C++ and ones that complie to mashen code it's unlikey that you will be able to get back to anything but assembly and the optmizations the complier applies make even that rather obfusicated.

Quote:

I found this great site once that was set up simply for you to hack it, and it got more and more difficult every tine you did it. I lost the url through


They can be fun but they generaly do a poor job at teaching anything seucrity realted and are more like puzles to solve and will almost never come up in real life.

Quote:

believe there is actually a university course that teaches security researching and hacking techniques, I think it was at the University of Arizona, or maybe Arkansas, something like that p
It's been a while since I was involved with this...


Most universites that have CS have courses in crytogrphy for sure as well networking witch would give you the theroy behind how moder computer security works but don't nessarly teach you how to "hack". Personaly i don't think universites should be teaching a "hacking" course, not becues i think it's worng to teach about but becues it dose not fit in with the theroy fouces of a university and should be a collage course.

Prabhakar Ragde wrote:

The good kind of hacking

http//www.catb.org/~esr/faqs/hacker-howto.html


I lost all respect for Eric when if first saw this way back when and read that he sugested that reading science fiction, going to science fiction conventions, martial-arts, meditation, music, puns and wordplay, your screen name, and spelling errors some how counted or where important in being a "hacker" under any use of the word. It's realy more of a guide on how to pose as a "hacker" and that reputation means more then skill, ablity, knowalge or even the code and software you have produced.

If you want to learn how to be a hacker, you should study CS, cryptogthery, networking and learn to be a good programmer and software devloper. If you want to look like a hacker and are all about style and respect over knowagle and real contrubtions then you can worry about Eric's guide.

saltpro15 wrote:

blackhat is pretty much anything that could get you in trouble
like accessing secure information (passwords,credit card #'s, nuclear launch codes (if you're really l33t >.>)
or stuff like packet injection
DoS'ing


Packet sniffing and injection is not black or white in of it's self. DoS is less likey to be used for anything good but it still can be used for security auditing and benchmarking. The real thing is if you have permsion to DoS the server/network and who's packets your sniffing.

Author:  Sniper4Life [ Sun May 10, 2009 10:43 am ]
Post subject:  RE:What is the CS definition of hacking?

The good kind of hacking

http//www.catb.org/~esr/faqs/hacker-howto.html

ya....i didnt like how it told you to have a hacker image....like...you dont need to like puns and go to science fiction conventions...to become a hacker...

Dan thanks for your reply Very Happy

Author:  Prabhakar Ragde [ Sun May 10, 2009 10:47 am ]
Post subject:  Re: RE:What is the CS definition of hacking?

Sniper4Life @ Sun May 10, 2009 10:43 am wrote:
you dont need to like puns and go to science fiction conventions...to become a hacker...


Well, science fiction conventions are a waste of time, but puns are essential.

Eric's point is that hacking goes beyond mere technical knowledge. And even on the technical side, there is an aesthetic component.

Edit: fixed tags (I think it's my Emacs reflexes being interpreted by phpBB)

Author:  Dan [ Sun May 10, 2009 12:07 pm ]
Post subject:  Re: RE:What is the CS definition of hacking?

Prabhakar Ragde @ 10th May 2009, 10:47 am wrote:


Well, science fiction conventions are a waste of time, but puns are essential.


That seems like a style over substance fallacy to me.

Quote:

Eric's point is that hacking goes beyond mere technical knowledge. And even on the technical side, there is an aesthetic component.


I would adgree with you in terms of the aesthetic of there code but beyond that it seems equilvent to saying all good profesor should weare sweater vests and have glases.

Author:  Prabhakar Ragde [ Sun May 10, 2009 12:30 pm ]
Post subject:  RE:What is the CS definition of hacking?

It's a question of appreciating things beyond narrow technical grounds, especially things with some playful or creative component. These things feed back into the technical side at some point.

Author:  Dan [ Sun May 10, 2009 2:26 pm ]
Post subject:  RE:What is the CS definition of hacking?

Creatovity and a life out side of CS and "hacking" is important but that's not what Eric's guide is talking about. I think it's prity cleary about reputation and apernces over anything else and he prity much admits it in it.

It's all about being acpected by other peoleop, being part of "hacker cluter" (how ever he defines that) and getting respect. None of witch i think realy matter compared to being your self and studying computer scinece for the enjoyment of it.

Also even if his point was not being narrow on technical grounds he just picked things sterotypical of a "geek" or "hacker" witch is not creative at all, it's more of trying to fit in to a narow steroytype created by some one else. If anything thats the opsite of being creative and broad.

Author:  Prabhakar Ragde [ Sun May 10, 2009 3:19 pm ]
Post subject:  RE:What is the CS definition of hacking?

Granted I don't want people fitting into narrow stereotypes. But I'd rather have them doing that in the name of "hacking" than breaking into or reverse-engineering systems.

Author:  Sniper4Life [ Sun May 10, 2009 6:50 pm ]
Post subject:  RE:What is the CS definition of hacking?

yes not very creative sterotypes...and yes i finally got my 120th post!! ^^
user lounge!! Very Happy

edit:

dang i need 125!! ><

Author:  ecookman [ Thu Jun 04, 2009 8:02 am ]
Post subject:  Re: What is the CS definition of hacking?

yea...my friend and I accidentally did something similar to slatpro...

except we kept it in calss

we found and modifyed a port script to connect to one of our friends computers across the class and then fetch sound files from the common folder on the network drive (loud animal noises or the infamous fart noise) every time he typed on the keyboard.

The CS teacher was like wow good work...delete it and don't do it again... (i don't have my copy bu i think my friend has one..)


: