Skip to main content

Hacking Art or Science

By Mark Hinge (Thu, 29 Sep 2005 21:40:00 +0100) 1. Introduction

The argument regarding the principal nature of hacking - be it an art or a science is not a new one. This paper hopes to discuss both the meaning of the term “hack” and the underlying arguments for it being defined as an art or a science in reference to the base principles and basic methodologies of the discipline.

Ultimately the question is this: Does the creative thinking required to be a successful “hacker” outweigh the necessity for scientific process?

The dictionary [www.dictionary.com] defines the term “hacking” in a computer security context as:


1. Informal.
a. To write or refine computer programs skilfully.
b. To use one's skill in computer programming to gain illegal or unauthorized access to a file or network: hacked into the company's intranet.
The origin of the term however is a far more relevant issue than the “dictionary” definition itself – as is the subsequent media bastardisation of the exact definition of the term, all of which needs to be discussed before moving on to the main topic of this paper.


2. The Definition Of A Hacker

The term “hacking” in a computer science context was first coined in the 1960’s – and its continuing extended usage widely attributed to localised Massachusetts Institute of Technology (MIT) slang at the time, where in the very beginning the term “hack” was synonymous with the word “prank”. An early indication of the darker side of future hacking perhaps but never the less in reference to this origin “hacking” could basically and simply be defined as;


“Making a system, program or piece of hardware do something that it was not designed to do.”


Perhaps a good term to some up the meaning of “hacking” is “tinkering”. Under this broad definition it’d be quite possible to “hack” the toaster into cooking hotter than it was designed to do, or anything else as mundane; the description of the hardware modification involved would fall well within the constraints of the term – a good hack. With the exception of the rather circumstantial, not to mention retrospectively amusing ‘seed’ in the “prank” origin of the term; hacking previous to perhaps the early to mid 1980’s had no real demonised undertones, no media generated air of menace – all of which such additions and confusions of the definition have emerged as commerce and relatively un tech savvy and uneducated parties have had by nature of the changes in day to day life become more involved with areas of computer science and information technology in general, areas which at the origin of the term hacking were quite alien to the man on the street.

As touched upon briefly above, the mass mainstream media have given the term “hacking” a rather hard time since it’s initial outing in 1983 when American media outlets Newsweek and CBS News first used the term to refer to “computer intruders”. Although at this point even those in the computer community referred to such activity as "hacking" they surely did not intend for its usage to intone the purely illegal areas of wider “hacking” – areas that would later to be coined widely as “cracking” by the same underground community.

The upshot of this initial ‘definition by fire’ is a simple misunderstanding of the wider meanings of the term “hacking” by the mass media which perpetuates to this very day. While the educated underground community largely still consider the term “hacking” to be representative of the initial meaning of the phrase (ie. “making a system, program or piece of hardware do something that it was not designed to do”) the media have steamrollered the definition into focusing, for the most part, on ‘illegal entry into computer systems’. A small part of the broad definition of “hacking” which generally (perhaps largely due to the media bastardisation of the term “hacking”) is now referred to as “cracking” by the underground community at large.

The differences between the terms could perhaps be defined as:


Hacking: Making a system, program or piece of hardware do something that it was not designed to do.

Cracking: Gaining access to a system, program, server or piece of hardware via methods which bypass any security in place or give the ‘cracker’ inflated privileges within the targeted system, program, server or hardware.


The arguments about definition and scope of the term “hacking” aside, the important fact (in terms of this paper) remains that as far as the wider population are concerned “cracking” is either synonymous with the term “hacking”, or irrelevant in the face of the term “hacking”. To the man on the street “the hacker” has become an evil figure lurking in dark cellars surrounded by computer screens ready to steal credit card details online or deface websites – the media bastardisation is at this time complete and this is something the underground community now have to live with; not to mention a prime candidate for future more careful use of language both by specialised communities and the media who always eventually pick up on the slang used by such specialised communities.

Despite this, and as a historical lead on to the rest of this paper it is very interesting to note that the original definition of the term could also be applied to another group of individuals within society who have not been so demonised. Think carefully:

What are scientists doing if not making a system, program or piece of hardware do something that it was not designed to do? Where system, program or piece of hardware equals any area of science brought into question. This concept will be explored further later.

It is this comparison – between hackers and early scientists - which inspired this paper. Is original science just a retrospective redefinition of “hacking” – that is to say could the 1960’s term hacking be used to describe the thinking process behind the scientific revolution? Were the goals and methodologies of the original scientists similar in essence to those of the original “hackers” and does this suggest that “hacking” as we know it (be it art or science) is the first step along the road of discovery in terms of newly discovered disciplines?

Did those original hackers at MIT just design a slang term for the process of early developmental science? Personally, I think they probably did.

Conversely and moving onto the fundamental topic for this paper, despite it’s apparent similarities with the early stages of science is “hacking” in fact more of an art form than a true science; does the experimental and non-linear nature of “hacking” have more in common with artistic exploration than scientific process?


3. Basic “Hacking” Methodologies

From here on in, and having discussed at length the fate of the word “hacking” at the hands of the mass media, the phrase will now be used on that same media’s terms; “hacking” will now essentially become “cracking” also – this to save on later confusion and arguments as regard the meaning of the word in the context of this paper.

In essence the basic method for a “hack” can be defined fairly simply. The process, although never defined definitively, can be quite linear in it’s execution:


1. Approach a target.
2. Define possible attack vectors for acquired target.
3. Select most efficient attack vector.
4. Execute attack.

Although being mainly in reference to “Cracking” the above method can equally be applied to most if not all forms of ‘traditional’ hacking. Find a problem, find ways around the problem, choose the most efficient way around the problem; execute the hack. The nature of the “hack” makes no difference.

And although on occasion “hackers” may stray from this process, perhaps into the realms of what can be defined as “Voodoo Hacking” – a fun system which has no real process and is basically executed at random with the hope of producing at least some result, that result being the one you were striving to achieve or, in most cases, not.

As with the initial argument this very examination of the process has presented us with two sides of the coin; a very scientific approach and a random perhaps more artistic approach – both methodologies which all “hackers” have used at one stage or another during their own personal learning process I am sure.

But which is most representative of the overall tone of the discipline?


4. The Argument For Science


The mentality of curiosity necessary to succeed in scientific research is certainly equitable to that which is needed to succeed as “a hacker”, and although on the face of it making something “do that which it was not intended to do” is essentially unscientific - as mentioned earlier on in this paper some comparison can be drawn between that very foundation of “hacking” and scientific endeavour.

When the Wright brothers set out to create a flying machine, they were essentially setting out to make a solid object incapable of natural flight, fly; what real difference between that and our defined terms are there?

History is littered with such examples.

The existence of various patterns and the factor of, all be it non definitive, ‘set rules’ in the realms of “hacking” also makes it similar to conventional sciences on a fundamental level; no matter how many vulnerabilities and exploits we may find on, for example a Linux server, ultimately it is still a Linux server and still operates upon the set of rules that Linux servers operate upon; there are exceptions and later additions to these rules in terms of perhaps patches and discovered vulnerabilities’, but this process of discovery and amendment is no different to the process of scientific theory which are, from time to time, discredited, rethought or amended as we better our understanding of the subject matter.

Going as far as to put all of the above aside for a moment, the main argument for hacking being a scientific endeavour is as simple as a set basis from which to work. No matter what is being “hacked” it will without exception have a fundamental set of rules from which you can initially begin to work down “the hacking process” (as discussed earlier in the ‘Basic “Hacking” Methodologies’ section). You cannot “hack” thin air – you can create art from thin air.


5. The Argument For Art

A love of “hacking” (not to be confused with a love of the scene, which is something else entirely) is commonplace amongst self proclaimed hackers and professional Infosec workers alike. It’s true to say that unlike any other topic known to me the area of computer security requires a certain passion; one that many “hackers” would argue outweighs the passion required to participate successfully in any other technical activity – indeed a required passion is a trait “hacking” shares with many of the arts in stark contrast to the sciences.

Second to this is the indisputable fact that despite the existence of any rudimentary scientific process, creativity is without a doubt the key to success in hacking; more so than with any other conventional science. Thinking “outside the box” is the norm when discussing “hacking” issues; not a convoluted buzzword designed to inspire artificially fostered creative thinking.

Equally and again despite the theoretical existence of rudimentary scientific processes, patterns and rules within the realms of hacking it is often the case that these rules, more so than with only scientific discipline can be bent or even flat out broken. “Hacking” is a very mobile art in which definitions and rules change on a constant basis – so much so that it is still possible to achieve some levels of success without even being aware of said theoretical processes, patterns and rules in the first place (the afore mentioned ‘passion’ in some cases being enough) – a simple fact that makes “hacking” instantly very different from conventional sciences in which a base knowledge of the subject is crucial.

The question of style is always likely to float to the surface sooner or later when discussing hacking and it’s artistic or scientific definition. A hacker’s style and indeed the very substance of his work is almost always different from his peers. Two targeted hacks (not to be confused with script kiddie adventures) are rarely ever identical, and even less likely embarked upon with the same motive; it has been suggested that tracking repeat hackers (in particular those who deface websites) by their style (ie. choice of attack vector, time of execution, style of defacement and apparent motive) could prove an efficient way to ascertain a black hat’s future targets and even gather incriminating evidence against them. This is perhaps the most damning argument for hacking having become more of an art form than a science, could you claim the above for any conventional scientific discipline?

Or is it simply the case that in conventional science the rules are too rigid to allow for any real “style” in process?


6. Conclusion

All of the above is of course, just my opinion. The beauty of this argument is not only the depth at which you can draw comparison, especially historically – but the fact that ultimately it does not really matter.

From it’s origins in the 1960’s (and perhaps as discussed earlier in this paper, beyond) to this very day hacking has become an evolving activity. Hacking and “what constitutes hacking” changes, and by doing so incorporates both new levels of scientific method and artistic creativity.

The conclusion to this paper is simply a couple of questions which must be answered by the individual:


• Can a scientist be artistic with his chosen discipline?

• Are you an artist or a scientist?


Personally I’d like to think that a hacker can be artistic in his work while being more of a scientist than anything else. But, it’s all just opinion, what’s yours?

Comments

Popular posts from this blog

How to Hack a Website in Four Easy Steps

Every wondered how Anonymous and other hacktivists manage to steal the data or crash the servers of websites belonging to some of the world biggest organisations? Thanks to freely available online tools, hacking is no long the  preserve of geeks , so we've decided to show you how easy it is to do, in just four easy steps. Step 1: Identify your target While  Anonymous  and other online hacktivists may choose their targets in order to protest against perceived wrong-doing, for a beginner wanting to get the taste of success with their first hack, the best thing to do is to identify a any website which has a vulnerability. Recently a hacker posted a list of 5,000 websites online which were vulnerable to attack. How did he/she identify these websites? Well, the key to creating a list of websites which are likely to be more open to attack, is to carry out a search for what is called a Google Dork. Google Dorking , also known as Google Hacking, enables yo...

How to Hack Facebook Password in 5 Ways

Check out the following post from  fonelovetz blog  on facebook account hacking. This is one of the most popular questions which I'm asked via my email.And today I'm going to solve this problem one it for all.Even though i have already written a few ways of hacking a facebook password.Looks like i got to tidy up the the stuff here.The first thing i want to tell is.You can not hack or crack a facebook password by a click of a button.That's totally impossible and if you find such tools on the internet then please don't waste your time by looking at them! They are all fake.Ok now let me tell you how to hack a facebook account. I'll be telling you 5 of the basic ways in which a beginner hacker would hack.They are: 1.Social Engineering 2.Keylogging 3.Reverting Password / Password Recovery Through Primary Email 4.Facebook Phishing Page/ Softwares 5.Stealers/RATS/Trojans I'll explain each of these one by one in brief.If you want to know more about them just ...

How to Hack Someone's Cell Phone to Steal Their Pictures

Do you ever wonder how all these celebrities continue to have their private photos spread all over the internet? While celebrities' phones and computers are forever vulnerable to attacks, the common folk must also be wary. No matter how careful you think you were went you sent those "candid" photos to your ex, with a little effort and access to public information, your pictures can be snagged, too. Here's how. Cloud Storage Apple's iCloud service provides a hassle free way to store and transfer photos and other media across multiple devices. While the commercial exemplifies the G-rated community of iPhone users, there are a bunch of non-soccer moms that use their iPhones in a more..."free spirited" mindset. With Photo Stream enabled (requires OS X Lion or later, iOS 5 or later), pictures taken on your iPhone go to directly to your computer and/or tablet, all while being stored in the cloud. If you think the cloud is safe, just ask Gizmodo ...

How to Hack Samsung Phone Screen Lock

I have discovered  another  security flaw in Samsung Android phones. It is possible to completely disable the lock screen and get access to any app - even when the phone is "securely" locked with a pattern, PIN, password, or face detection. Unlike another recently released flaw, this doesn't rely quite so heavily on ultra-precise timing. Video . Of course, if you are unable to download a screen unlocker, this security vulnerability still allows you to  dial any phone number and run any app ! HOWTO From the lock screen, hit the emergency call button. Dial a non-existent emergency services number - e.g. 0. Press the green dial icon. Dismiss the error message. Press the phone's back button. The app's screen will be briefly displayed. This is just about long enough to interact with the app. Using this, you can run and interact with any app / widget / settings menu. You can also use this to launch the dialler. From there, you can dial any phone...