Follow

So now, opening Developer Tools and peeking at the HTML code is "hacking":
krebsonsecurity.com/2021/10/mi

> “The state is committed to bringing to justice anyone who hacked our systems or anyone who aided them to do so,” Parson continued. “A hacker is someone who gains unauthorized access to information or content. This individual did not have permission to do what they did. They had no authorization to convert or decode, so this was clearly a hack.”

We need to take that term back for the community.

This toot got several "the war over the word '' is lost" replies, so I need to respond to it more generally.

Thankfully, I have a FAQ about it, since I encounter it so often:
rys.io/en/155.html#isnt-the-fi

tl;dr:
1. Whichever other word we choose and fail to defend, is going to be abused; see: "hacktivist". I draw the line on "hacker".
2. LGBTQ+ community reclaimed the f-word, African-American community -- the n-word; it *can* be done.
3. Nobody gets to tell me what I can call myself, and what that means.

Also, I've been having conversations about the (mis-)use tof the word for a decade or so. And guess what?

Journalists I spoke to said "huh, interesting", and often *modified* their use of it at least somewhat. In fact, I had a piece about that published in a Polish mainstream news portal.

I even have a letter from the former Polish minister of defense acknowledging that "hackers are not cybercriminals".

You know who pushes back the most? Other hackers.

It's not "the mainstream". It's us. 🤦‍♀️

So please, don't give me this "the war about the word is lost" bullshit. It's not. We just keep surrendering and undermining our own position.

So, stop using the word "hacker" to mean "cybercriminal". Stop using the word "hack" to mean "breach" or "compromise".

There are better words.

Like "cybercriminal", "breach", "compromise".

Thanks for coming to my TED talk.
/rant

@rysiek ignorance is violent act. attacked by the state for their own incompetence.

@rysiek So if someone hands you someone else's social when you ask them for their name, you committed a crime and not the other person?

@rysiek Remember that Chelsea Manning using wget was considered to be an advanced hacking tool.

@rysiek amen to that. I try to educate people on the true meaning of the term. Sadly, it's an uphill battle.

@davidpetersonharvey absolutely.

Got a longer explanation together in a single place so that it can be easily linked: rys.io/en/155.html

Perhaps useful.

@rysiek
it used to really bother me a decade or so ago, but... the damage is done. The mass media seized upon the word and redefined it. It's pointless trying to correct people now.
@trebach

@Gemlog It's three stages of redefinition, though:

1. Narrowing the definition to mean only malicious access to gain unauthorized access to things. Actual hacking, but blackhat only.
2. Widening that subset of hacking to include not only playful, clever and exploratory action but also the industrial application of cracking tools, however clever the initial creation of those tools might be.
3. What we are seeing here, the further widening to remove any requirement of cleverness at all, just trivial actions that ideally any computer user would be able to perform.

@trebach @rysiek

@clacke
I think I first encountered the words hack/hacker in a geek meaning reading about a model railroad club in a university or something.
@rysiek @trebach

@rysiek @Gemlog @clacke @trebach

the other issue is what is "criminal" is often relative.

Folk don't mind if a "hacker" gets them "free" stuff like movies or copyrighted music that might not even be legitimately available in their country, or helps them fix their car using ODB2 scanner tools that have been reverse engineered from proprietary data, in spite of both these activities being in a legal grey area...

@vfrmedia
"stuff like movies or copyrighted music that might not even be legitimately available in their country"
So... the copyright holders have explicitly stated they do not want any revenue from that thing from that country. Then we can oblige! :-)

@rysiek @clacke @trebach

@rysiek
Not for me it isn't. I'm 60 and tired of it and have more important battles.
You...(gasp)....please!....(gasp) .... take up the, the....(torch) and carry on!!!
<dies>
:-)
@clacke @trebach

@Gemlog @clacke @trebach nobody is saying "start convincing others about it".

All I'm saying is: please be mindful when you yourself are using these terms.

That's not "picking up the torch", but being a bit careful not to put out a torch somebody else is carrying already.

@Gemlog @clacke @trebach and to be honest, it's amazing to me how much energy people do put into convincing me and others who do carry this torch that it's a lost cause.

If only a fraction of that energy went into just being a bit more careful with words, we'd all be in a better place. :-)

@rysiek
You're welcome - I type swiftly and enjoy it - no bother at all :-)
@clacke @trebach

@rysiek
Of course I'll say cracker or blackhat, but if you use the word hacker then you have to give a sidebar to explain you do NOT mean what the person you are talking to thinks a hacker is, so... exhausting bullshit :-)
@clacke @trebach

@Gemlog @clacke @trebach so don't use words that need such explanation? 🤷‍♀️

"Cybercriminals", "attackers", "malicious actors", "bad guys", "spies", "internet pranksters", etc., are all there, ready to be used.

Honestly no clue why people insist on using the h-word in such contexts, where literally any other word is more clear and more informative.

@rysiek
That's what I just said! I simply avoid using it with people I'd have to explain it to.
@clacke @trebach

@Gemlog @clacke @trebach ah sorry, misinterpreted your toot.

Well, pleasure agreeing with you, then! :blobcoffee:

@rysiek Wow, that senator is incredibly stupid… Probably to please some stupid-ass conservatrice fucks, who enjoy authoritarianism… Especially toward any random stuff they can't understand because "It must evil, everyone except cops, the military, us and the politicians we support, are criminals" 🤮

@rysiek

Basically, "hacking" means "being smarter than me" for these guys, so it's clearly fitting here...

@mmu_man

@rysiek

Well said. I'm pretty personally lax my usage and using both definitions contextually. I should probably take more care not to perpetuate the misconception.

@rysiek You know the first 'hackers' were a bunch of white male students into model trains and phone phreaking? Then worked on computer systems funded by the military during veitnam war? I think you're over-romanticising a what has often been a toxic culture

@yaxu if you clicked the link in one of the parent toots you'd perhaps notice that in fact I have some idea of the history of the hacker community, thanks.

I do not appreciate your erasure of women from that community, by the way. Ada Lovelace was a hacker(ess) way before any white dude at MIT even existed.

@rysiek I don't believe Lovelace called herself a hacker.

@yaxu I don't believe Bassianus called himself "gay". 🤷‍♀️

@rysiek Err.. I think the topic of the conversation is the word hacker?
The MIT hackers were a bunch of misogynistic jerks.
'Hackers' have always engaged in the kind of activity that you call misuse of the word.
Nowadays the word has been co-opted by the likes of Paul Graham, to describe people who work at venture-capital funded startups.
Your 'hacker' identity is really nothing like racialisation or sexuality. You are not being oppressed. Pretending to be a comparable victim is in poor taste.

@yaxu the topic of conversation is language, with the focus on the word "hacker".

Your argument boiled down to: "somebody cannot be X if they did not call themselves X", I provided a counter-example -- it is very clear Bassianus was, in fact, gay (in the LGBTQ+ sense of the word), even though he did not call that himself.

It is very clear to me there were hackers in the "technically inclined people who think outside the box and do amazing stuff" well before the term "hacker" existed.

@yaxu no clue where you're getting the notion I am pretending to be oppressed. I am not pretending or saying that I am a "victing", I am engaging in a debate about a term.

In fact, in this thread I focused mostly on the hacker community itself giving up on defending a term they often do apply to themselves.

I agree the word has been "co-opted". Your reaction to this seems to be: "and that's that". My response is: "I believe we can and should get that word back for the fun, creative, techie folk."

@yaxu hacker community is a complicated beast, and there's plenty of things that should be fixed about it. But that's not the topic of this conversation.

The topic of this conversation is that I believe that deserve to have a term they can use to refer to themselves, and that that term should not be, as you so aptly put it, "co-opted" by anyone else.

@yaxu so I am really at a loss trying to understand what you're position is?

That the hacker community should abandon that term because techbro startuppers "co-opted" it? That it was never a good term because there were some misogynistic jerks who used that term back in the day? Something else?

Finally, "my hacker identity" is none of your damn business. You know nothing about me and about the wonderful, inclusive, creative hacker communities I have the privilege of being a part of.

@rysiek My position is that it's a broad term, 'hackers' have always broken into computers, and it has a dark history. This mythology around ethics etc comes from that history, via particularly nasty characters like ESR (editor of the 'hackers dictionary'). Sure there are some lovely communities of people who call themselves hackers.. But lets not romanticise.

@yaxu why can't we romanticize and take that term back *for those lovely communities*?

Why do people like ESR or Sillicon Valley techbros get to decide what words mean and what terms communities can and cannot use?

Language is malleable. Humans create and change language.

I see no reason why the word "hacker" cannot be made to mean "a creative person thinking outside the box", and not mean "state-sponsored malicious agents compromising hospital networks".

In fact, I see a lot of reasons for that.

@rysiek My dad still thinks that "programming a VCR" and "programming (software engineering)" are related activities.

Language can be confusing, if we let it.

@emacsomancer @rysiek What I meant with "Programming VCRs" is the activity of scheduling a recording of a TV show.
This use of the word "programming" was very common in Germany and I have heard in English, as well, although I don't know how popular it is/was.

@rysiek

> Stop using the word "hack" to mean "breach" or "compromise".
> There are better words.

My preferred one is "pwn".
But here's the thing: many pwns are also hacks, especially the interesting ones.

When praising someone for pwning a game console, is it wrong to call it a hack?

@wolf480pl @rysiek Gotta love when it’s not even a breach.

Such as if a company is stupid and leaves an S3 bucket open without authentication. Then they’re “hacked” when someone manages to find it

@quad @rysiek
well in that case it's neither a breach (there was no barrier to break) nor a hack (there was no thinking required). It's not even a steal (because nothing is removed from the original possessor). A leak is the sanest word for that I can think of.

@wolf480pl @quad exactly. And the whole point is to start using words that actually make sense in the context, instead of a abused overused cliché.

@wolf480pl you know perfectly well what I meant. Toots are short, context is king. No need to be disingenuous here.

@rysiek even if I knew what you meant, someone else reading this thread might not.

I only described an example that it's not as simple as "never call compromises hacks". If this is what you meant from the start, then I don't see what's wrong with my reply...

@rysiek this exactly. I educate people all the time about "hackers" not being interchangeable with "criminals", and people get it just fine. There's reputable companies with "hacker" in their name (HackerOne, for example) and they do fine.

Never cede theft of a term of identity by idiots with an agenda.

@rysiek its like opening a box that arrives at your house only to find out its actually for the neighbours and now the cops come to lock you up. stupidy stupid.

@rysiek and I'll gladly take the promised $50 million, to deploy a 2 line fix in whatever shitty HTML templating software they're using, and change a couple of ACLs/permissions on databases etc.

@rysiek I’m going to commit ad hominem - but that governor is ass backwards to begin with. I’m not surprised the posturing is happening 🤦‍♂️

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!