Wed 2 Oct, 2002 10:41 pm
Some random definitions:
Daisy Chaining - This is what every good hacker does to avoid getting caught. Basically, you gain entry to a computer or network and use it to gain access to another, then to another. Hackers who get away with database theft usually do this then backtrack (this means they go backward after doing what they intended and cover their tracks by destroying logs etc.).
would-be cracker (a Black Hat hacker) or script-kiddie - This term denotes those who do not know how to hack systems but use malicious code written by others to do their damage.
back door - In the security of a system, a hole deliberately left in place by designers or maintainers. May be intended for use by service technicians. Syn. trap door.
bit bucket 1. The universal data sink. Discarded, lost or destroyed data is said to have gone to the bit bucket. Sometimes amplified as The Great Bit Bucket in the Sky.
cracker One who breaks security on a system. Coined by hackers in defense against journalistic misuse of the term "hacker." The term "cracker" reflects a strong revulsion at the theft and vandalism perpetrated by cracking rings. There is far less overlap between hackerdom and crackerdom than most would suspect.
deep magic An awesomely arcane technique central to a program or system, esp. one that could only have been composed by a true wizard. Many techniques in cryptography, signal processing, graphics and artificial intelligence are deep magic.
foo 1. interj. Term of disgust. 2. Used very generally as a sample name for absolutely anything, esp. programs and files. ... etymology is obscure.
hacker 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities. 2. One who programs enthusiastically. 3. A person who is good at programming quickly. 4. An expert at a particular program, as in 'a Unix hacker'. 5. [deprecated] A malicious meddler who tries to discover sensitive information by poking around. The correct term for this sense is "cracker."
KISS Principle "Keep It Simple, Stupid." Often invoked when discussing design to fend off creeping featurism and control development complexity. Possibly related to the marketroid maxim, "Keep It Short and Simple."
kluge 1. A Rube Goldberg (or Heath Robinson) device, whether in hardware or software. 2. A clever programming trick intended to solve a particularly nasty case in an expedient, if not clear, manner. 3. Something that works for the wrong reason.
lots of MIPS but no I/O adj. A person who is technically brilliant but who can't seem to communicate with human beings effectively. Technically it describes a machine that has lots of processing power but is bottlenecked on input-output.
munge vt. 1. [derogatory] To imperfectly transform information. 2. A comprehensive rewrite of a routine, data structure or whole program. 3. To modify data in some way that the speaker doesn't need to go into right now.
netiquette n. The conventions of politeness recognized on Usenet, such as avoidance of cross-posting to inappropriate groups and refraining from commercial pluggery outside the biz groups.
phreaking 1. The art and science of cracking the phone network (so as, for example, to make free long-distance calls). 2. By extension, security-cracking in any other context (especially, but not exclusively, on communications networks).
raster burn n. Eyestrain brought on by too many hours of looking at low-res, poorly tuned or glare-ridden monitors, esp. graphics monitors.
RTFM imp. [Acronym for 'Read The F------ Manual.'] 1. Used by gurus to brush off questions they consider trivial or annoying. 2. Used when reporting a problem to indicate that you aren't just asking out of randomness: "Yes, I RTFM first."
security through obscurity (alt. security by obscurity) A hacker term for vendors' favorite way of coping with security holes -- namely, ignoring them; documenting neither any known holes nor the underlying security algorithms; or trusting that nobody will find out about them, and that people who did find out about them won't exploit them. This "strategy" never works for long.
sneaker n. An individual hired to break into places in order to test their security; analogous to "tiger team."
spaghetti code n. Code with a complex and tangled control structure, esp. one using many GOTOs, exceptions or other 'unstructured' branching constructs. Pejorative. The synonym kangaroo code has also been reported, doubtless because such code has so many jumps in it.
time bomb n. A subspecies of logic bomb that is triggered by reaching some preset time; set to go off if the programmer is fired or laid off and is not present to perform the appropriate suppressing action periodically.
Trojan horse n. A malicious, security-breaking program that is disguised as something benign, such as a directory lister, archiver, game or (in one notorious 1990 case on the Mac) a program to find and destroy viruses.
vaporware n. Products announced far in advance of any release.
voodoo programming n. The use by guess or cookbook of an obscure or hairy system, feature or algorithm that one does not truly understand. The implication is that the technique may not work, and if it doesn't, one will never know why.
Vulcan nerve pinch n. The keyboard combination that forces a soft-boot or jump to ROM monitor (on machines that support such a feature). On many micros this is Ctrl-Alt-Del; on Suns, L1-A; on some Macintoshes, it is ! Also called the "three-finger salute."
wedged adj. 1. To be stuck, incapable of proceeding without help. This is different from having crashed. If the system has crashed, it has become totally nonfunctioning. If the system is wedged, it is trying to do something but cannot make progress. 2. Often refers to humans suffering misconceptions.
wetware n. 1. The human nervous system, as opposed to computer hardware or software. 2. Human beings (programmers, operators, administrators) attached to a computer system, as opposed to that system's hardware or software.
wizard n. A person who knows how a complex piece of software or hardware works; esp. someone who can find and fix bugs quickly in an emergency. Someone is a hacker if he or she has general hacking ability, but is a wizard only if he or she has detailed knowledge.
zipperhead n. A person with a closed mind.
Some definitions (when I got too lazy to type) taken from The New Hacker's Dictionary (MIT Press) Eric S. Raymond.
Hmmm, I had heard "3-finger salute" before, but not "Vulcan neck pinch" used to refer to Ctrl-Alt-Del.
Moved from the computer security forum to the computer forum.
White Hat - are hackers who work entirely within the law.
They are also motivated to explore systems for intellectual curiosity, rather than for malicious or criminal intent. White hat hackers oppose doing damage to systems, stealing data, or interrupting service to a Web site. But their activities may be illegal if they explore systems they aren't authorized to enter. White hats can also unintentionally damage or delete data. Many white hat hackers work as well-paid security consultants, programmers, and network administrators.
Black Hat - is the other way around, they are malicious. Well, hmm, let's see. If you think of www as the wild, wild west, then you can guess on which side of the law the black hat hacker operates. Black hat hackers (aka "crackers") steal data or damage systems. The most dangerous black hats are able to remain undetected for years, secretly monitoring a victim's PC for whatever nefarious purpose they have in mind.
Grey Hat - is just in between white hat and black hat
Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners. Unlike a black hat, a gray hat acts without malicious intent. The goal of a gray hat is to improve system and network security. However, by publicizing a vulnerability, the gray hat may give other crackers the opportunity to exploit it. This differs from the white hat who alerts system owners and vendors of a vulnerability without actually exploiting it in public.