About 15 years ago, hardly anyone knew about the terms “hacker” or “cracker,” but since the internet has become more popular—so have these two terms. However, the exact meaning of these terms, especially the term “hacker,” has been controversial. Concerning this controversy, some ethical questions arise. For example, is it ethical to be a “hacker” to earn a living?
In discussing these terms, the following points will be explored:
Hacking and cracking will be discussed in detail including a consideration of the ethical issues.
The importance of knowing there is a major difference or not, could make the difference as to whether a person is sent to jail or not. The article from St. Edward’s University’s website asks the question, “so if there are non-criminal (hackers) and criminal hackers (crackers), is it fair to label both hackers and crackers as hackers?” (2000). The University’s article goes on to answer that question, “it is important to address this question because the identity of a culture in our society--the hacker culture--is being challenged.”
In other words, an ethical hacker could be labeled as a bad guy simply because people do not know the difference between ethical hacking and unethical hacking (or cracking). For example, a situation could arise where the jury in a court room did not know that there was a difference and sadly convicted an innocent person who was actually doing ethical hacking. That is why the debate between the meanings of the terms, “hacker” and “cracker,” is so important and cannot be just written off as a “stupid” debate as the author of an article on silicon.com clearly states, “…let's forget this stupid hacker versus cracker debate - if you break into computer systems you're a hacker, end of story” (2004).
1. “Hacker:” In a book on information systems, Stair and Reynolds define a “hacker” as “a person who enjoys computer technology and spends time learning and using computer systems” (2003). For example, “white hat” is a name for an occupation hackers take up. White hats have “the knowledge needed to gain authorized entry into computer systems or sabotage them, but instead choose to help computer users and organizations identify and close holes” in networks, so that unauthorized people will not be able to gain access to private information (Pfaffenberger, 2003). The controversial aspect of the meaning of “hacker” will be discussed after the term “cracker” is defined.
2. “Cracker:” Stair and Reynolds define a cracker (“criminal hacker”) as “a computer-savvy person who attempts to gain unauthorized or illegal access to computer systems” (2003). A thief would not be a good way to describe crackers, simply because a lot of crackers do not crack to get private information. Instead, “many crackers consider it a game in which the object is to defeat even the most secure computer system” (Pfaffenberger, 2003). This is why white hats are important, as they can help prevent a computer system from being compromised.
The problem is that most people consider all hackers as criminals; this problem is really the media’s fault, because as a lot of newspapers show, the reporters do not distinguish between “crackers” and “hackers”, and they use the term “hackers” whether it’s actually a “cracker” or a “hacker.” Even Pfaffenberger says that “in the press, the term ‘cracker’ is used synonymously with ‘hacker,’ but has a completely different meaning” (2003). Even the word “hack” does not necessarily mean to break into a computer system, because it can just mean an attempt to improve a computer’s performance.
As well as this controversy between the terms “hacker” and “cracker”, there is also a controversy in regard to the meaning of “ethical hacking”. Before one can discuss the topic of “ethical hacking”, one has to determine the foundation for one’s ethics. I will be basing my views on this subject in this article on a biblical foundation.
The Bible is the basis for the Christian worldview as it is the Word of our Creator to whom we are accountable. He is the absolute authority in all matters, and therefore has a right to determine “right” and “wrong” and “good” and “bad.”
According to Pfaffenberger, some people believe that “all technical information should, in principle, be freely available to all. Therefore, gaining entry to a system to explore data and increase knowledge is never unethical” (2003). The first problem that comes up with this belief is that the basis they have for their “ethics” is that their opinion determines truth. They cannot logically argue their “ethical principles” since they are just built on opinion. Everyone could have different “ethical principles.” The Bible therefore determines which “ethical principles” are “right” and “wrong.”
However, using the Bible as a framework to base ethical principles on recognizes there because God is the absolute authority, His principles are the one that should be the foundation for how one develops a correct way of thinking on these issues.
Of course the Bible does not specifically mention hacking, but the Bible does mention stealing. In Exodus 20:15 the Bible says, “You shall not steal.” If a person enters a computer system unauthorized and obtains information that is not that person’s property, then this would be considered stealing. On this basis, one would call this “cracking” (stealing) and not “hacking.”
With “ethical hacking,” a person can enjoy using computers and only hack into systems that the person is authorized to hack (i.e. “white hat”). A person could even enjoy working on their own computer and that also would be considered “ethical hacking.” When a person hacks, it depends on the circumstances as to whether or not this should be considered ethical or unethical. From a Biblical perspective, this should be easy to determine.
The simple answer for the response to “ethical hacking” (provided it really is ethical from a biblical standpoint) should be to let them do their work. Unethical hackers should be stopped using any ethical means possible.
One of the most obvious ways to try to stop crackers is by using white hats or ethical hackers, in other words, hackers using technology to stop crackers from misusing technology. However, technology is not the only answer for stopping crackers; As Branigan says, “It should be clear that the problem of defending against hacker attacks cannot be solved by technology alone” (2004). Branigan continues to say that “new technologies are an important part of the solution, but they should not be viewed as the solution”, because the harder the technology is to crack the harder the crackers will try to crack the systems (2004). Crackers will not stop just because of different technology, as their “ethical” base will determine what they will do.
A big part of the solution is trying to understand the hacker’s intentions and using that information to stop the hacker. What Branigan says about this part of the solution is “we cannot yet predict who will hack and how they will do it, but we can use the position of a potential hacker relative to his or her target to determine the most likely intent of any attack”, so a person working for a company would “target” differently than someone not working for that company (2004). When this has been determined, “we can now adjust our security to respond more appropriately to the threats” (Branigan, 2004).
What has been found out is that knowing the difference between a “hacker” and “cracker,” and knowing what these differences are, is important in order to properly respond to unethical hacking. As a Christian, the Bible of course provides the right foundation to determine whether a situation is ethical or unethical.