Forgot your password?
typodupeerror
Security

The Seven Types of Hackers 178

Posted by CmdrTaco
from the partridge-in-a-pair-tree dept.
Bruce Schneier's blog links to a nifty article listing the seven types of malicious hackers. The list is: Cyber criminals; Spammers and adware spreaders; Advanced persistent threat (APT) agents; Corporate spies; Hactivists; Cyber warriors; and Rogue hackers.
This discussion has been archived. No new comments can be posted.

The Seven Types of Hackers

Comments Filter:
  • Missed some (Score:5, Insightful)

    by Capt.DrumkenBum (1173011) on Tuesday February 15, 2011 @03:17PM (#35214108)
    Script kiddies. (They believe they are hackers)\
    The real pros. (The ones you never hear about)
    Probably some others.
    • Probably some others.

      Insert name of government agency here ...

    • Yeah but you need a catchy name like 'hacktivists' or else no one will publish your oversimplified crappy little classification rant that ends with you saying 'know thine enemy' and making ROGER GRIMES look like a badass hacker hunter.

      Here are your suggested nicknames:

      Script kiddies.

      The Can't-Somebody-Else-Code-It? Hacker

      The real pros.

      The Gingerbread Men

      • by wmbetts (1306001)

        The term as been around over a decade now. If I remember correctly it was first used to describe the milw0rm attacks on the Indian nuclear program.

      • by blair1q (305137)

        Script kiddies.

        The Can't-Somebody-Else-Code-It? Hacker

        "There's a hack for that."

      • by skids (119237) on Tuesday February 15, 2011 @04:51PM (#35215154) Homepage

        The seven types of useless speculation-based throwaway tech articles:

        1) Those that try to classify things
        2) Those that list traits of things or people
        3) Those that troll-bait old tech holy wars
        4) Those that recycle old ideas as new and revolutionary
        5) Dups from this-day-last-year because the byline didn't display the year
        6) Shameless FUD
        7) Those that ego-stroke the intended audience by telling them how unique they are.

    • by iammani (1392285)

      Probably some others.

      You mean He-Who-Must-Not-Be-Named.

      • Probably some others.

        You mean He-Who-Must-Not-Be-Named.

        Hastur is a hacker?
        Hastur never really came across as a hacker type.
        Hastur is... (oh shit!)
        *** Transmission terminated at the source ***

        • by Alex Belits (437) *

          He actually meant Candlejack. ...what? Of course, I am here. I just gave him some Microsoft marketing people from this site, they are dime a dozen.

    • by DarthVain (724186)

      Security Experts.

    • Don't forget: those who won't be named.

      You know, the people that $^#!***LOST CARRIER

    • Script kiddies. (They believe they are hackers)

      Doesn't that fall under #7 (put by itself on the second page, so it's easy to miss):
      "Malicious hacker No. 7: Rogue hackers There are hundreds of thousands of hackers who simply want to prove their skills, brag to friends, and are thrilled to engage in unauthorized activities. They may participate in other types of hacking (crimeware), but it isn't their only objective and motivation. These are the traditional stereotyped figures popularized by the 1983 film "War Games," hacking late at night, while drinki

      • by ShakaUVM (157947)

        >>These are the petty criminals of the cyber world. They're a nuisance, but they aren't about to disrupt the Internet

        TFA that wrote that was amazingly stupid. Robert Morris took down the internet, and he was basically the stereotypical rogue hacker described in the article. Ditto the guys that wrote Melissa (David Smith), Sasser (Sven Jaschan), and so forth.

        Over the years, there have been multiple ways found to "disrupt the internet" and some have been exploited (negative routing table entries being a

        • I'd assume he's actually just oversimplifying things for his target audience. I got the impression that this was a list to be forwarded to someone's CEO or boss who didn't understand that norton antivirus wasn't protecting against corporate espionage. A primer for getting people used to thinking about there being different types of dangerous types online. Such people hopefully wouldn't have much reason to be concerned with script kiddies shutting down more than their own website. If this list is meant f
    • by c0lo (1497653)

      Script kiddies. (They believe they are hackers)

      TFA

      Malicious hacker No. 7: Rogue hackers
      There are hundreds of thousands of hackers who simply want to prove their skills, brag to friends, and are thrilled to engage in unauthorized activities.

      They may be "hacking stupid", but they are legion... just as the populace bearing arms...
      Because we are yet to see them being persistent, it doesn't mean it cannot happen to make a mass transition from the "rogue" category to the "low-tech hacktivists" one.

    • by microbee (682094)

      The legendary hot female hackers.

      They only exist in fairy tales, and dreams of /. readers.

    • by baegucb (18706)

      As of when I post this, noone has mentioned http://www.catb.org/~esr/faqs/hacker-howto.html [catb.org] and I rather doubt the author at infoworld has ever read it.

    • by syousef (465911)

      Script kiddies. (They believe they are hackers)\

      The real pros. (The ones you never hear about)

      Probably some others.

      No, no, no! It's Grumpy, Sleazy, Scammer, Pedant, NoLife, Recluse, and Doc aka The 7 Dwarves.

  • by GodfatherofSoul (174979) on Tuesday February 15, 2011 @03:18PM (#35214122)

    They all think they're the "good" kind.

  • by Anonymous Coward

    What about "Curious kids"?

  • Wait A Second (Score:5, Insightful)

    by mattwrock (1630159) <mattwrock@gmail.com> on Tuesday February 15, 2011 @03:24PM (#35214194)
    I always considered myself a hacker in its original sense. Someone who modded an existing piece of hardware or software to suit their needs, or to work around an existing issue. My latest and most simplest "hack" is getting Froyo on my phone, since my carrier wouldn't send the update. Where am I on the list? Certainly not Hackivist. I guess I am now a "modder" or "homebrewer". I am afraid that the previous terms will be added to the hacker list, with the word criminal added in front.
    • Re: (Score:2, Informative)

      by Anonymous Coward

      He lists malicious hackers!

      • by Khashishi (775369)

        Then hactivist doesn't belong in there either., since activists are not motivated by malice.

    • Re:Wait A Second (Score:5, Insightful)

      by jgrahn (181062) on Tuesday February 15, 2011 @03:49PM (#35214466)

      I always considered myself a hacker in its original sense. Someone who modded an existing piece of hardware or software to suit their needs, or to work around an existing issue. My latest and most simplest "hack" is getting Froyo on my phone, since my carrier wouldn't send the update. Where am I on the list? Certainly not Hackivist. I guess I am now a "modder" or "homebrewer". I am afraid that the previous terms will be added to the hacker list, with the word criminal added in front.

      You're a hacker in my book. Those others are not. And I'm surprised that Slashdot has started using the word *exclusively* to mean criminals.

      • Re: (Score:3, Insightful)

        by Mister Whirly (964219)
        You can't fight city hall indefinitely without just throwing in the towel at some point. I get sick of having a 5 minute conversation every time the subject comes up (sometimes the same conversation multiple times with the same person), so i just let it go now. Language evolves and once a phrase is out there publicly, used correctly or not, you can't put the toothpaste back in the tube. Coincidentally, the folks misusing "hacker" also seem to be the ones that call their desktop towers "CPU" or "hard drive"
        • by turing_m (1030530)
          It's true - we are in the position of the French government trying to legislate language when it's beyond our control at this point. And still, words descended from the original meaning of "hacker" and maintaining that connotation of "tinkering" do not have a corrupted meaning, e.g. "an ugly hack", "hack something together". Though I'll have to train myself not to use the old term lest people think I am breaking into banks or something.
        • (...) or refer to any brand of MP3 player as an "iPod".

          I agree with everything you said before (I actually had a hard laugh the first time I heard someone call their computer a CPU), but — and even though I hate it when people call any portable music player an iPod — I see that from a different angle. It's just like people using the term "kleenex" when they mean "tissue." (I got other examples in mind, but they only apply to my country.)

          I guess it all revolves around the eternal debate between descriptive and prescriptive grammar. Who's right? Who'

        • [...] or refer to any brand of MP3 player as an "iPod".

          I think you just used "MP3" to mean any digital audio file and compression format. It's easy to fall into those traps. Language is full of similar misconceptions or alterations that have built up through the years. Sometimes the meaning differs depending on what area you are in, like the word "theory" which means different things in science and otherwise, or "hacker" for that matter, which means different things in engineering and otherwise.

        • by Thing 1 (178996)

          Language evolves and once a phrase is out there publicly, used correctly or not, you can't put the toothpaste back in the tube.

          Exactly. I just tried to help someone understand the origin of the phrase that has devolved into finding proof in a dessert. He maintained that "language evolves and math does not" but saying something that is patently ridiculous as a way of heightening one's credibility just doesn't seem to make sense. "The proof of the pudding is in the eating" makes sense. "The proof is in the pudding" does not; perhaps during a marriage proposal, I suppose, but not in general, and I agree, sometimes you just throw i

      • by Gr8Apes (679165)

        I always considered myself a hacker in its original sense. Someone who modded an existing piece of hardware or software to suit their needs, or to work around an existing issue. My latest and most simplest "hack" is getting Froyo on my phone, since my carrier wouldn't send the update.

        You're a hacker in my book.
        Those others are not.
        And I'm surprised that Slashdot has started using the word *exclusively* to mean criminals.

        Whatever happened to the word "cracker" (the original word describing a hacker with criminal intent)?

    • Re:Wait A Second (Score:4, Interesting)

      by trollertron3000 (1940942) on Tuesday February 15, 2011 @03:53PM (#35214506)

      Do you code? If not then how do you hack anything? You just load ROMs. So you're a modder. Now you may love the lifestyle, but in my not so humble opinion if you don't write code you really can only "hack" mechanical things because you can't alter the software of anything controlled by code. You can get other people to write it for you and run it. But does that really meet the definition? If so then I'm a mechanic. If that's the bar then half the world can be listed as hackers for jail breaking their phone. No sir you are a scenester. Which is okay I guess If you just want to look like you're a bad ass. Like those guys with all the Celtic tattoos on 50k "motorcycles". It's okay I guess. But it ain't no 1%er.

      • Someone who modded an existing piece of hardware or software...

        I guess you missed that part of his post? Either way, good job at coming off like an arrogant douche in the fine /. tradition of not reading something in detail. =P

      • by Nyder (754090)

        Do you code? If not then how do you hack anything? You just load ROMs. So you're a modder. Now you may love the lifestyle, but in my not so humble opinion if you don't write code you really can only "hack" mechanical things because you can't alter the software of anything controlled by code. You can get other people to write it for you and run it. But does that really meet the definition? If so then I'm a mechanic. If that's the bar then half the world can be listed as hackers for jail breaking their phone. No sir you are a scenester. Which is okay I guess If you just want to look like you're a bad ass. Like those guys with all the Celtic tattoos on 50k "motorcycles". It's okay I guess. But it ain't no 1%er.

        Wow, you've proven yourself to be Mr. Badass. Why don't you regal us with tales of your hacking adventures?

    • Hacker in its original sense is "one who hacks," esp. with a knife or axe. The definition you are talking about is little-used. The definition Bruce is talking about is by far the most common definition used in the infosec world. Since he is an infosec expert writing for an infosec blog it's fairly obvious which of the multiple definitions he intended. It's so obvious, in fact, that anyone who complains about the terminology here is just being intentionally thick. Kinda funny, really.

      • by gnapster (1401889)
        I believe that the reason people complain about the semantics of hacking is this: they value the definition of 'hack' that first became popular at MIT and is codified in the Hacker HOWTO and the Jargon File. To wit, the application of ingenuity to a problem. This is a beautiful concept, and there is no other word which captures it. I would like to talk to people about this concept, but the vocabulary has been diluted, making my goal more difficult. At the end of the day, though, it is probably futile to
        • Anyone upset that the English language overloads terminology needs to find himself a new language. Whining about this is as silly as whining about water being wet.

    • Geohot says yes?
  • by blair1q (305137) on Tuesday February 15, 2011 @03:27PM (#35214222) Journal

    8) Website devs who force simple articles to split unnecessarily across multiple webpages. They're in it for clicks and ad revenue, essentially scamming multiple banner-ad buyers into paying for the same article read. Here's an example. [infoworld.com]

  • by smitty97 (995791) on Tuesday February 15, 2011 @03:33PM (#35214296)
    Does Rogue Hackers include all the roguelikes such as Net Hackers, Moria Hackers and Angband Hackers?
  • by Kell Bengal (711123) on Tuesday February 15, 2011 @03:35PM (#35214314)
    If they're conflating Wikileaks with hackers, then it's pretty clear to me that they either don't know what hackers are, don't know what Wikileaks is, or are riding the Wikileaks-hater bandwagon.
    • by blair1q (305137)

      If you include in Wikileaks the people who are stealing the secrets and giving them to the organization, then Wikileaks are hackers. They're quite a bit less technical about their acquisition of data, but they are the most famous representative of the hacktivists subset of (cr|h)ackers that includes those who are more technical. If you prefer, you can always think Sneakers.

    • by cbhacking (979169)

      I thought that was supposed to mean the people who are "defending" Wikileaks, Anonymous et. al.

      It's unfortunate that the writing isn't very good, because the point he's trying to make (the random troublemaker is different from the commercially motivated is different from the targeted attacker) is a pretty good one.

  • by Anonymous Coward on Tuesday February 15, 2011 @03:35PM (#35214318)

    from good to bad...

    white hat, gray hat, black hat, and asshat

    I don't remember where I originally heard this, known it for years, so sorry to the source.

    • I'd reverse the last two. Black hats are being deliberately malicious and evil, whereas the other is just being a jerk for the sake of being a jerk.
  • by Junior J. Junior III (192702) on Tuesday February 15, 2011 @03:37PM (#35214340) Homepage

    From the article:

    Malicious hacker No. 5: Hacktivists
    Lots of hackers are motivated by political, religious, environmental, or other personal beliefs. They are usually content with embarrassing their opponents or defacing their websites, although they can slip into corporate-espionage mode if it means they can weaken the opponent. Think WikiLeaks.

    I'll grant that Wikileaks are activists. I'll also grant that they have some great hackers working for them. But what the article describes as "hacktivism" is not what wikileaks does. Wikileaks employs hackers defensively, to provide a secure system that guarantees anonymity for the sources who leak information to them.

    Although there have been allegations made in the press by people who probably don't know anything about information security, I have seen no evidence that suggests that Wikileaks obtains information by cracking into systems. On the contrary, Wikileaks have always claimed to work by receiving information from sources who were privileged with access to the information, and who elected to leak it to Wikileaks out of duty to their conscience.

    There has been, to date, no evidence brought forward which suggests that Wikileaks has ever broken into a system to extract information out of it. That isn't the way they do things.

    There are "hacktivists" who do things like deface websites in order to publicize a cause, or DDoS attack some target that they disagree with. But that is not what Wikileaks does, either. Misguided sympathizers from "Anonymous" may have done some of these things in an attempt to aid Wikileaks, but that is still not something that Wikileaks does or endorses.

    • Re: (Score:2, Funny)

      by gearsmithy (1869466)
      Well we know Assange isn't a hacker... we have evidence to suggest that he's be laid at least twice.
    • Agreed, but when he said "think wikileaks" he could have meant the material on wikileaks. Although, that's kinda silly as the majority of wikileaks is stuff that's leaked by those entrusted with said information leaking it to the public. It's kinda build into the name.
  • Angelina Jolie is suspiciously absent...

    • by Stregano (1285764)
      That is because she was a crappy hacker. She needed the help of ZEROCOOL a.k.a. Crash Override a.k.a. Dade Murphy. Don't forget about Razor and Blade, they are elite.
    • by c0lo (1497653)

      Angelina Jolie is suspiciously absent...

      Currently on active assignment for a job requiring a "Cat4 hacker"... be patient.

    • by PPH (736903)
      OTOH, Keanu Reeves is blessedly absent.
  • When you're killed by the letter "k"

  • by Minwee (522556) <dcr@neverwhen.org> on Tuesday February 15, 2011 @03:55PM (#35214530) Homepage

    "If you think simply having a buffer overflow, fully patched systems, and antivirus will defend against all hackers no matter their objectives, you're wrong."

    Um, if you think that a buffer overflow is supposed to defend you, then you're even more wrong.

    • by game kid (805301)
      XD
    • by Spykk (823586)
      The buffer overflow is there to offset the adjacent buffer underrun. It is a very delicate system.
    • by rwv (1636355)
      What's wrong with the Buffer Overflow defense? Also, might I suggest that you try protecting your data from hackers with NULL pointers.
  • ...is a list of skill bonuses for each class, and we can start rolling up characters!

  • Although trained in different skill sets, they come together as a communal force to DOS sites.
  • There are only two types.

    Those that you know about.
    Those that you don't know about yet.

    Thankfully, idiots make up 98%+ of the ones out there, but there are some that you never see, never know about, and are usually doing it as part of their normal job for whatever agency or government that is hiring them.

    Of course, they aren't interested in us normal folk, so it's really us vs the idiots. And some days I wonder how they can be doing so well. Then I see my neighbor and it makes quite a lot of sense...

  • Yeah, I'm not really diggin the list.
    #1 "Criminal" is any law-breaker, which would be everyone on the list, except maybe "Cyber Warriors". Also maybe Hackticists, depending on if you consider "crime" to mean anything "socially detrimental".
    #1a Maybe you meant for-profit criminals, which would still include Spam, Adware, and Corporate Spies.
    #2 Spamming and adware spreading are two different activities. They may be of the similar low-hanging-fruit bulk-rate sort, but I don't know if they overlap.
    #3 APT, w
  • In the 80's (before the internet) and before jargon was mixed up by casual computer users...

    - A "hacker" meant someone who was proficent enough with computers (few people were at that time) that they typed really fast at their keyboard, usually writing code or scripts. Today a "hack" still means quickly written, not carefully thought out code.

    - A "cracker" was someone who broke copy protection. Today that would include breaking network security.

    I may be considered pedantic, but it would be good to retain

  • How can we even begin to discuss hackers without this video? http://www.youtube.com/watch?v=wQ_SE71N3Bc [youtube.com]
  • by halcyon1234 (834388) <halcyon1234@hotmail.com> on Wednesday February 16, 2011 @12:31AM (#35218168) Journal
    1. 1. Sleepy
    2. 2. Sneezy
    3. 3. Dopey
    4. 4. Grumpy
    5. 5. Happy
    6. 6. Bashful
    7. 7. Cowboy Neil

    Sidenote: Slashdot's css has fucked up OL. Another entry for my user style. Great job, Slashdot. Great job.

    ol li
    {
    list-style-type:decimal !important;
    }

  • i just clicked the server, then hit his firewall and crashed his computer.
  • by Gunstick (312804) on Wednesday February 16, 2011 @12:26PM (#35222542) Homepage

    It says "Your guide to the seven types of malicious hackers"
    Please note the word malicious

    There are many more types of hackers, which are not malicious at all.

The key elements in human thinking are not numbers but labels of fuzzy sets. -- L. Zadeh

Working...