Today, mainstream usage mostly refers to computer criminals, due to the mass media usage of the word since the 1980s. This includes script kiddies, people breaking into computers using programs written by others, with very little knowledge about the way they work. This usage is so much predominant in the general public that a large segment of it is unaware that different meanings also exist.
This article compares and contrasts the three meanings defined above. There are specific articles about each one of them at Hacker (computer security), Hacker (programmer subculture), and Hacker (hobbyist), respectively. While the use of the word by hobbyist hackers is acknowledged by all three subcultures, and the computer security hackers accept all uses of the word, free software hackers consider the computer intrusion related usage incorrect, and refer to security breakers as “crackers”.
Currently, "hacker" is used in two main ways, one pejorative and one complimentary. In popular usage and in the media, it most often refers to computer intruders or criminals, with associated pejorative connotations. (For example, "An Internet 'hacker' broke through state government security systems in March.") In the computing community, the primary meaning is a complimentary description for a particularly brilliant programmer or technical expert. (For example, "Linus Torvalds, the creator of Linux, is considered by some to be a genius hacker.") A large segment of the technical community insist the latter is the "correct" usage of the word (see the Jargon File definition below).
The mainstream media's current usage of the term may be traced back to the early 1980s (see History). When the term was introduced to wider society by the mainstream media in 1983, even those in the computer community referred to computer intrusion as "hacking", although not as the exclusive use of that word. In reaction to the increasing media use of the term exclusively with the criminal connotation, the computer community began to differentiate their terminology. Several alternative terms such as "black hat" and "cracker" were coined in an effort to distinguish between those performing criminal activities, and those whose activities were the legal ones referred to more frequently in the historical use of the term "hack". Analogous terms such as "white hats" and "gray hats" developed as a result. However, since network news use of the term pertained primarily to the criminal activities despite this attempt by the technical community to preserve and distinguish the original meaning, the mainstream media and general public continue to describe computer criminals with all levels of technical sophistication as "hackers" and does not generally make use of the word in any of its non-criminal connotations.
As a result of this difference, the definition is the subject of heated controversy. The wider dominance of the pejorative connotation is resented by many who object to the term being taken from their cultural jargon and used negatively, including those who have historically preferred to self-identify as hackers. Many advocate using the more recent and nuanced alternate terms when describing criminals and others who negatively take advantage of security flaws in software and hardware. Others prefer to follow common popular usage, arguing that the positive form is confusing and unlikely to become widespread in the general public. A minority still stubbornly use the term in both original senses despite the controversy, leaving context to clarify (or leave ambiguous) which meaning is intended. It is noteworthy, however, that the positive definition of hacker was widely used as the predominant form for many years before the negative definition was popularized.
"Hacker" can therefore be seen as a shibboleth, identifying those who use the technically-oriented sense (as opposed to the exclusively intrusion-oriented sense) as members of the computing community.
A possible middle ground position has been suggested, based on the observation that "hacking" describes a collection of skills which are used by hackers of both descriptions for differing reasons. The analogy is made to locksmithing, specifically picking locks, which — aside from its being a skill with a fairly high tropism to 'classic' hacking — is a skill which can be used for good or evil. The primary weakness of this analogy is the inclusion of script kiddies in the popular usage of "hacker", despite the lack of an underlying skill and knowledge base.
A timeline of the noun "hack" and etymologically related terms as they evolved in historical English:
The earliest known use of the term in this manner is from the 20 November 1963 issue of The Tech, the student paper of MIT:
Many telephone services have been curtailed because of so-called hackers, according to Prof. Carlton Tucker, administrator of the Institute phone system. […] The hackers have accomplished such things as tying up all the tie-lines between Harvard and MIT, or making long-distance calls by charging them to a local radar installation. One method involved connecting the PDP-1 computer to the phone system to search the lines until a dial tone, indicating an outside line, was found. […] Because of the 'hacking', the majority of the MIT phones are 'trapped'.
Originally, the term "hack" was applied almost exclusively to programming or electrical engineering, but it has come to be used in some circles for almost any type of clever circumvention, in phrases such as "hack the media", "hack your brain" and "hack your reputation".
Another meaning of the term "hack", similar to kludge and distinct from both the positive and security-related meanings discussed above, derives from the everyday English sense "to cut or shape by or as if by crude or ruthless strokes" [Merriam-Webster]. In other words to "hack" at an original creation, as if with an axe, is to force-fit it into being usable for a task not intended by the original creator, and a "hacker" would be someone who does this habitually. (The original creator and the hacker may be the same person.)
This usage is common in both programming (as demonstrated by a Google code search for "HACK" ) and engineering. In programming, hacking in this sense appears to be tolerated and seen as a necessary compromise in many situations. In non-software engineering, the culture is less tolerant of unmaintainable solutions, even when intended to be temporary, and describing someone as a "hacker" might imply that they lack professionalism. In this sense, the term has no real positive connotations, except for the idea that the hacker is capable of doing modifications that allow a system to work in the short term, and so has some sort of marketable skills. There is always, however, the understanding that a more skillful, or technical, logician could have produced successful modifications that would not be considered a "hack-job".
The definition is similar to other, non-computer based, uses of the term "hack-job". For instance, a professional modification of a production sports car into a racing machine would not be considered a hack-job, but a cobbled together backyard mechanic's result could be. Even though the outcome of a race of the two machines could not be assumed, a quick inspection would instantly reveal the difference in the level of professionalism of the designers.
In computer security, a hacker is someone who focuses on security mechanisms of computer and network systems. While including those who endeavor to strengthen such mechanisms, it is more often used by the mass media and popular culture to refer to those who seek access despite these security measures. That is, the media portrays the 'hacker' as a villain. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. They operate under a code, which acknowledges that breaking into other people's computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally. Accordingly, the term bears strong connotations that are favorable or pejorative, depending on the context.
The subculture around such hackers is termed network hacker subculture, hacker scene or computer underground. It initially developed in the context of phreaking during the 1960s and the microcomputer BBS scene of the 1980s. It is implicated with 2600: The Hacker Quarterly and the alt.2600 newsgroup.
By 1983, hacking in the sense of breaking computer security had already been in use as computer jargon, but there was no public awareness about such activities. However, the release of the movie WarGames that year raised the public belief that computer security hackers (especially teenagers) could be a threat to national security. This concern became real when a gang of teenage hackers in Milwaukee, Wisconsin known as The 414s broke into computer systems throughout the United States and Canada, including those of Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank. The case quickly grew media attention, and 17-year-old Neal Patrick emerged as the spokesman for the gang, including a cover story in Newsweek entitled "Beware: Hackers at play", with Patrick's photograph on the cover. The Newsweek article appears to be the first use of the word hacker by the mainstream media in the pejorative sense.
As a result of news coverage, congressman Dan Glickman called for an investigation and new laws about computer hacking. Neal Patrick testified before the U.S. House of Representatives on September 26, 1983 about the dangers of computer hacking, and six bills concerning computer crime were introduced in the House that year. As a result of these laws against computer criminality, white hat, grey hat and black hat hackers try to distinguish themselves from each other, depending on the legality of their activities.
The computer security use is contrasted by the different understanding of hacker as a person who follows a spirit of playful cleverness and loves programming. It is found in an originally academic movement unrelated to computer security and most visibly associated with free software and open source. It also has a hacker ethic, based on the idea that writing software and sharing the result on a voluntary basis is a good idea, and that information should be free, but that it's not up to the hacker to make it free by breaking into private computer systems. Academic hackers disassociate from the mass media's pejorative use of the word 'hacker' referring to computer security, and usually prefer the term 'cracker' for that meaning.
In this hacker culture, a computer hacker is a person who enjoys designing software and building programs with a sense for aesthetics and playful cleverness. The term hack in this sense can be traced back to "describe the elaborate college pranks that...students would regularly devise" (Levy, 1984 p.10). To be considered a 'hack' was an honour among like-minded peers as "to qualify as a hack, the feat must be imbued with innovation, style and technical virtuosity" (levy, 1984 p.10)
According to Eric S. Raymond, the Open source and Free Software hacker subculture developed in the 1960s among ‘academic hackers’ working on early minicomputers in computer science environments in the United States. After 1969 it fused with the technical culture of the pioneers of the Arpanet. The PDP-10 machine AI at MIT, which was running the ITS operating system and was connected to the Arpanet, provided an early hacker meeting point. After 1980 the subculture coalesced with the culture of Unix, and after 1987 with elements of the early microcomputer hobbyists that themselves had connections to radio amateurs in the 1920s. Since the mid-1990s, it has been largely coincident with what is now called the free software and open source movement.
Many programmers have been labeled "great hackers, but the specifics of who that label applies to is a matter of opinion. Certainly major contributors to computer science such as Edsger Dijkstra and Donald Knuth, as well as the inventors of popular software such as Linus Torvalds (Linux), and Dennis Ritchie and Ken Thompson (the C programming language) are likely to be included in any such list; see also List of programmers. People primarily known for their contributions to the consciousness of the academic hacker culture include Richard Stallman, the founder of the free software movement and the GNU project, president of the Free Software Foundation and author of the famous Emacs text editor as well as the GNU Compiler Collection (GCC), and Eric S. Raymond, one of the founders of the Open Source Initiative and writer of the famous text The Cathedral and the Bazaar and many other essays, maintainer of the Jargon File (which was previously maintained by Guy L. Steele, Jr.).
Within the academic hacker culture, the term hacker is also used for a programmer who reaches a goal by employing a series of modifications to extend existing code or resources. In this sense, it can have a negative connotation of using kludges to accomplish programming tasks that are ugly, inelegant, and inefficient. This derogatory form of the noun "hack" is even used among users of the positive sense of "hacker" (some argue that it should not be, due to this negative meaning; others argue that some kludges can, for all their ugliness and imperfection, still have "hack value"). In a very universal sense, hacker also means someone who makes things work beyond perceived limits in a clever way in general. That is, people who apply the creative attitude of software hackers in fields other than computing. This includes even activities that predate computer hacking, for example reality hackers. More recent examples of this usage are wetware hackers and media hackers. According to the Jargon File the word hacker was used in a similar meaning among radio amateurs already in the 1950s.
The culture sometimes uses jargon which is "incomprehensible to outsiders". Examples are 'losing' "when a piece of equipment is not working" and 'munged' "when a piece of equipment is ruined".
In a third meaning, hacker refers to computer hobbyists who push the limits of their software or hardware. The home computer hacking subculture relates to the hobbyist home computing of the late 1970s, beginning with the availability of MITS Altair. An influential organization was the Homebrew Computer Club.
The areas that did not fit together with the academic hacker subculture focus mainly on commercial computer and video games, software cracking and exceptional computer programming (demo scene). Also of interest to some members of this group is the modification of computer hardware and other electronic devices, see modding.
According to Raymond, academic hackers usually work openly and use their real name, while computer security hackers prefer secretive groups and identity-concealing aliases. Also, their activities in practice are largely distinct. The former focus on creating new and improving existing infrastructure (especially the software environment they work with), while the latter primarily and strongly emphasize the general act of circumvention of security measures, with the effective use of the knowledge (which can be to report and help fixing the security bugs, or exploitation for criminal purpose) being only rather secondary. The most visible difference in these views was in the design of the MIT hackers' Incompatible Timesharing System, which deliberately didn't have any security measures.
There are some subtle overlaps, however, since basic knowledge about computer security is also common within the academic hacker community. For example, Ken Thompson noted during his 1983 Turing Award lecture that it is possible to add code to the UNIX "login" command that would accept either the intended encrypted password or a particular known password, allowing a back door into the system with the latter password. He named his invention the "Trojan horse." Furthermore, Thompson argued, the C compiler itself could be modified to automatically generate the rogue code, to make detecting the modification even harder. Because the compiler is itself a program generated from a compiler, the Trojan horse could also be automatically installed in a new compiler program, without any detectable modification to the source of the new compiler. However, Thompson disassociated himself strictly from the computer security hackers: "I would like to criticize the press in its handling of the 'hackers,' the 414 gang, the Dalton gang, etc. The acts performed by these kids are vandalism at best and probably trespass and theft at worst. ... I have watched kids testifying before Congress. It is clear that they are completely unaware of the seriousness of their acts."
The academic hacker community sees secondary circumvention of security mechanisms as legitimate if it is done to get practical barriers out of the way for doing actual work. In special forms, that can even be an expression of playful cleverness. However, the systematic and primary engagement in such activities is not one of the actual interests of the academic hacker subculture and it doesn't have significance in its actual activities, either. A further difference is that, historically, academic hackers were working at academic institutions and used the computing environment there. In contrast, the prototypical computer security hacker had access exclusively to a home computer and a modem. However since the mid-1990s, with home computers that could run Unix-like operating systems and with inexpensive internet home access being available for the first time, many people from outside of the academic world started to take part in the academic hacking subculture.
Since the mid-1980s, there are some overlaps in ideas and members with the computer security hacking community. The most prominent case is Robert T. Morris, who was a user of MIT-AI, yet wrote the Morris worm. The Jargon File hence calls him "a true hacker who blundered". Nevertheless, members of the academic subculture have a tendency to look down on and disassociate from these overlaps. They commonly refer disparagingly to people in the computer security subculture as crackers, and refuse to accept any definition of hacker that encompasses such activities. The computer security hacking subculture on the other hand tends not to distinguish between the two subcultures as harshly, instead acknowledging that they have much in common including many members, political and social goals, and a love of learning about technology. They restrict the use of the term cracker to their categories of script kiddies and black hat hackers instead.
All three subcultures have relations to hardware modifications. In the early days of network hacking, phreaks were building blue boxes and various variants. The academic hacker culture has stories about several hardware hacks in its folklore, such as a mysterious 'magic' switch attached to a PDP-10 computer in MIT's AI lab, that, when turned off, crashed the computer. The early hobbyist hackers built their home computers themselves, from construction kits. However, all these activities have died out during the 1980s, when the phone network switched to digitally controlled switchboards, causing network hacking to shift to dialing remote computers with modems, when pre-assembled inexpensive home computers were available, and when academic institutions started to give individual mass-produced workstation computers to scientists instead of using a central timesharing system. The only kind of widespread hardware modification nowadays is case modding.
An encounter of the academic and the computer security hacker subculture occurred at the end of the 1980s, when a group of computer security hackers, sympathizing with the Chaos Computer Club (who disclaimed any knowledge in these activities), broke into computers of American military organizations and academic institutions. They sold data from these machines to the Soviet secret service, one of them in order to fund his drug addiction. The case could be solved when Clifford Stoll, a scientist working as a system administrator, found ways to log the attacks and to trace them back (with the help of many others). 23, a German film adaption with fictional elements, shows the events from the attackers' perspective. Stoll described the case in his book The Cuckoo's Egg and in the TV documentary The KGB, the Computer, and Me from the other perspective. According to Eric S. Raymond, it "nicely illustrates the difference between 'hacker' and 'cracker'. Stoll's portrait of himself, his lady Martha, and his friends at Berkeley and on the Internet paints a marvelously vivid picture of how hackers and the people around them like to live and how they think.