What Measures You Should Take | Jeff Duntemanns Drive-By Wi-Fi Guide

The Hacker Pyramid

The hacker community (like a lot of communities) is a pyramid. At the tip are the real hackers: Guys (almost always male) who know a tremendous amount about computers and networks and expend a great deal of effort staying ahead of the technological curve. Below the tip, as the skill levels decrease, the numbers increase. Toward the bottom are the wannabe hackers who like the glamour and the gritty reputation but don't know enough to be dangerous. They are legion. Real hackers dismiss them as 'script kiddies,' usually teens who use the most primitive tools to work minor (and easily blocked) exploits. The term 'script kiddies' comes from the fact that these people rip off pre-written scripts hackers have previously developed to do their hacking. This is why they often go after the weakest fish who are still susceptible to older hacking attacks.

There was a time when the term 'hacker' was a badge of honor, of sorts, worn by people who really knew their stuff and could work miracles with it. (The term was originally applied a century ago to expert horsemen who could make a horse do whatever they wanted, and do it with grace and style.) When every machine was an island (as they were before the days of pervasive networking), there wasn't a great deal that a hacker could do to get into other machines. But as networking became possible for personal computers in the early to mid-1980s, the ethics challenged in the hacker community began to create what are now called 'hacker exploits.' The most common of these are worms and Trojan horses that were distributed on disk or by way of computer bulletin board downloads.

Black Hats and White Hats

The opening of the Internet to the general public (instead of the privileged few at universities and large corporations) in the early 1990s coincided with the blackening of the term 'hacker.' Without any added security technology, breaking into machines connected to the Internet is almost absurdly easy, and the 'black hat' hackers grew in numbers and skill with the expansion of the Internet.

There are people who think of themselves as 'white hats' (usually without the appended-but assumed-term 'hacker') who study networking and hacker exploits to guard against the black hats. Most of the network security technology we have today would not have happened without the work of the white hats, some of whom (admittedly) got their start as black hats.

And there are always a few hats hanging around whose color seems to be a shade of dirty gray.

The Network Mafia

The genuine black hat hackers are a little like the Mafia. Just as the Mafia don't go around shooting up randomly selected people for the sheer hell of it, the most skillful hackers are the ones with the clearest agendas. These agendas are either criminal or political. Unless you piss them off or have something they want, hackers are unlikely to come after you personally. (You may, however, get caught up in an automated mass exploit like a denial of service attack; more on that later.)

The criminal agendas involve stealing data or information: credit card numbers and phone card numbers, or (more rarely) corporate information, trade secrets, and human resources information for purposes of identity theft.

Political agendas are more common: On August 28, 2002, the Recording Industry of America's Web site was creatively defaced by a crew of hackers who objected to the RIAA's hamhanded and overly broad efforts to protect music CDs. The RIAA home page was edited in various ways. Among other things, a link was added, with the text 'Where can I find information on giant monkeys?' and the URL of RIAA chief Hilary Rosen's biography page. (I hate to say it, but I consider that really funny.)