The dA-Zed guide to hacking

Hacking in 2013, letter by letter, from Aaron's Army to Zero Day Attacks, torrents to RATs

A is for Aaron's Army, the acolytes of the (tragically deceased) Aaron Swartz

Aaron Swartz was made an example of. For the crime of making government-funded research papers open access, the DOJ sought to imprison him for upwards of 20 years. Earlier this year the Reddit co-founder committed suicide. Aaron's Army are a disparate and distributed group of hacktivists committed to continuing Aaron's labour under the banner of "information wants to be free".

B is for Blue Box

Back in the pre-PC age the ethos of hacking went by a different name: phreaking. Intrepid engineers worked out a way to game the way telephone handsets worked, a technology called dual-tone multi-frequency (DTMF) signalling. The long and short of it was that the same technology that allowed touch-tone phones also contained an in-house call termination signal tone of 2600 hertz. If someone played that tone into the receiver of a telephone handset they could access an open line for international calls. Future Apple founders Steve Wozniak and Steve Jobs were among the subculture that availed themselves of blue-boxed free international calls.

C is for Crypto-Anarchism

Crypto-anarchists and cypherpunks are united by the rallying cry of Encrypt Everything. The latter group, not to be confused with cyberpunks, bravely laboured to make declassified USA encryption technologies open source and available to all through Pretty Good Privacy (PGP) encryption. Today crypto-anarchists advocate everything from encryption tools (such as CryptoCat) to cryptocurrencies (like Bitcoin and its rapidly proliferating rivals) as tools essential to online freedom and, for some, as building blocks of a new internet that rails against the policed web we are accustomed to. Read the original Crypto-Anarchist Manifesto.

D is for DDoS and Digital Dissidence

DDoS stands for distributed denial of service, an attack favoured by hacktivists that strangles a website's functionality by swamping its servers with access requests (it inflicts a strain comparable to that which hits any given ticket website on the morning of an in-demand gig). The PayPal 14 utilised it in protest at PayPal's complicity in starving WikiLeaks of funds, and that incident shows how close DDoS is to digital civil disobedience. See also Doxing, as visited on the EDL by Anonymous.

E is for Exploit

In hacker parlance "exploit" is an encompassing term that refers to any vulnerability or glitch in a system which can be leveraged to gain privileged access to said system's inner workings.

F is for Finfisher

Finfisher rose to public notoriety when company records of its creators, Gamma Group, surfaced in the wake of the Egyptian Arab Spring. Finfisher is a veritable master suite for aspirant totalitarians: one element of the software, FinSpy, enables Skype calls to be wiretapped. Investigations by Citizen Lab unearthed that the surveillance software is employed in 25 countries globally.

G is for GNU/Linux & RMS

GNU/Linux is the life's labour of Richard M. Stallman, the famously cantankerous advocate for free software, and the legions of coders sympathetic to his position. Stallman believes that all software's source code should be free to view, in order that the rights of the user are not compromised by profiteering developers. The supplanting of free software with the more corporate-friendly “open source” saw free software recede from public debate, with some commentators linking the hollowing out of hacker ethics with this trend.

H is for hats: specifically the black and white varieties.

Black hat and white hat denote the sympathies of anyone self-identifying as a hacker. White hats claim ethical purposes for exploiting systems, such as stress testing the security measures in a given enterprise, but always hacking within the law. The binary inversion inevitably positions black hats as the bogeymen of the internet, hacking for credit card numbers or selling a computer exploit to the highest criminal bidder (no better journalism on the rise and fall of black hats exists than this testament on WeirderWeb). There is a third hat – the grey hat: those hackers who aren't so naïve as to imagine that hacking outside legal parameters is always an evil act, and who are most likely to frequent the Chaos Computer Club festival.

I is for itsoknoproblembro and Internet Corporation for Assigned Names and Numbers (ICANN)

Some may find it amusing (as I did) to note that bro culture has been immortalised in hacker parlance. Itsoknoproblembro referred to a pretty complex DDoS software suite which raised cybersecurity hackles late last year.

ICANN oversees the domain name system (DNS). Without getting bogged down in detail, the DNS is physically instantiated in 13 core servers that are the bedrock of the web. ICANN administers these servers, but can do so only by maintaining its base within the USA and within US policies. This situation has long been a problem for those advocating a more open and accountable internet, and their cries certainly ring more loudly after last weekend's disclosures.

J is for jargon.txt and Java

jargon.txt was a glossary of hacking terms from the heyday of garage computing. Maintained on the MIT-AI BBS, the list eventually found itself published under the title 'The New Hacker's Dictionary'. It's a wonderfully bizarre collection of nomenclature featuring surprising lexical conventions like cockney rhyming slang and concatenating words in opaque fashion to produce novel adverbs, e.g. mysteriosity, ferrous => ferocity. Other examples: winnitude, disgustitude, hackification.

Java is a curiously colonial programming language – its rise to ubiquity is indebted to its 'virtual machine' ability. It can run on any computer, and boy does it – it runs on three billion devices globally! Befitting its popularity, it's commonly targeted by black hat hackers: most security experts recommend disabling your Java browser plugins for good.

K is for Kevin Mitnick

At the time of his arrest in 1995 Kevin Mitnick was the United States' most wanted computer criminal. His exploits are detailed in The Art Of Deception, aptly titled given how gifted Mitnick was at social engineering. Social engineering, the art of manipulating people into divulging key information, is an oft-used tactic of black hat hackers because it's easiest to break the weakest link in any system, and in most systems that link is the human user.

L is for Logic Bomb

Logic Bomb refers to malware that requires certain conditions to be met before it delivers its damaging payload. South Korea was recently hit with a Linux-targeting logic bomb in a highly coordinated cyberwar attack.

M is for McAfee and the Michelangelo Virus

Before John McAfee was a tax exile (run this past your libel team, it's been published elsewhere) and a fugitive from the Belizean government he was CEO of the McAfee antivirus company. Whether intentional or not, McAfee benefited greatly from the hysteria that followed the Michelangelo virus. The Michelangelo Virus was also a logic bomb of sorts – its payload dropped on the great artist's birthday, March 6th. The virus left a far greater mark on computer users than computers: henceforth antivirus programs made great weather of the national publicity that had attended the media furore.

N is for NMAP 

A legit hacking tool which attained pop culture infamy following its cameo in The Matrix Reloaded. By sending carefully crafted packets through a network, NMAP builds up a map which can discover open ports amenable to exploits. Creator Gordon Fyodor chronicles the software's subsequent cinematic proliferation here.

O is for Onionland and the Onion router

Onionland is the name given to the collection of websites accessible via The Onion Router (aka TOR). This network of sites is built atop anonymisation software which originated within the US Navy. When the network is accessed properly (and taking all the advocated steps before getting online is essential), nobody can see whom you (more accurately, your computer) are communicating with or which sites you are visiting. The network is principally designed for countries suffering under totalitarian rule (as exemplified by Parazite), but the anonymity it provides has seen a subculture of darknets and black markets (like Silk Road) develop. A list of the sites which can be accessed is available here.

P is for Plug-In Activism

Firefox has several plug-ins essential to letting users become more engaged citizens of the internet. Timely plug-ins like Collusion visualise all the companies tracking your web behaviour (Lifehacker's list of privacy-boosting plug-ins is a recommended follow-up to Collusion!). Special mentions to China Channel, which delivers the censored Chinese internet experience direct to your browser, and to MAICgregator, which lays bare all the academic bodies taking dirty money from the Military Industrial Complex.

Q is for

With repressive governments flipping the communications kill switch at the first sign of dissidence the need for mature mesh network technology is glaringly apparent. is one piece of software that utilises the WiFi abilities of phones, routers and computers to build a shared network where information can be digitally shared independent of ISPs and traditional internet infrastructure.

R is for RAT (remote access tool/trojan)

Remote Access Trojans grant hackers control over your computer. They have many uses, but one of the most common is transforming your computer into a zombie agent of a botnet – hundreds of thousands of infected machines that are rented to the highest bidder for spamming, DDoS attacks and identity theft through phishing scams.

S is for Steganography

Steganography has been the preserve of spies and other covert agents for centuries: at its simplest it's a hidden message where the sender and recipient have the cipher necessary for decoding the message. Its advantage over encryption is that, by hiding in plain sight, the exchange arouses no suspicion. With the arrival of digital technologies and media an incredibly inventive discipline of subterfuge has ascended to even greater artistry: messages can be hidden in digital photo file formats or even within the silences that punctuate Skype conversations. Moreover cultural steganography, such as speaking in code during email or the inventive use of memes highlighted by An Xiao Mina, is free to make use of shared content which evades governmental data mining.

T is for Torrent 

Torrents need no introduction but certainly merit mention as an instance of the industry-savaging side of the 'information wants to be free' refrain so popular among hackers. The corporates who have felt the brunt of BitTorrent's effect are still shell-shocked, persisting in making the user experience miserable by miring it in ineffective DRM technologies.

U is for Unabomber 

Today activists who wish to unshackle us from the disempowering relationship we have to technology aspire to build tools and alternatives to the norm. In the 1970s one radical took an entirely different approach – terrorising the United States with a series of bombings spanning two decades. Among Ted Kaczynski's beliefs was that technology possessed an insidious agency that empowered society to exponentially restrict personal freedoms. He also believed no checks and balances could be brought to bear on technology, leading him to advocate a return to pre-technological societies.

V is for Virus 

Viruses have evolved from objects of amusement (from way before lulz were a thing) into srs business and weapons of warfare. Erring on the lighter side of their history, DanOoct1 has collected a bestiary of malware on his YouTube channel.

W is for War Dialing 

War Dialing (its name indebted to classic flick War Games) is a technique from the days of dial-up internet (which is admittedly alive and well in huge portions of America). The technique employs various technologies to dial massive quantities of telephone numbers in the hope of locating a weak spot. InfoSec experts predict a resurgence in the method, with popular hacking tool Metasploit baking it into their latest software. But this time the technique could be applied to search engines like Shodan and the Every Routable IP Project, which can locate internet-connected devices neglected by regular search engines. Worryingly, Shodan can locate everything from gas stations to crematoriums.

X is for Xanadu

Mesh networks, darknets, torrent technology and free software all (in their own ways) offer the possibilities of an internet different from the Web we've grown accustomed to. The last week has shown up the hollowness of the current internet sovereigns' (elsewhere called 'the Stacks' by Bruce Sterling) commitment to protecting the users of the web. The Xanadu project is a vision of the internet that never came to pass and you can read all about it in this feature.

Y is for The Yes Men 

If Kevin Mitnick was a black hat social engineer then the Yes Men are his grey hat successors, with an appetite for the lulz commensurate with Anonymous hacktivists. The culture jammers have used textbook social engineering techniques to orchestrate extremely high-profile pranks: most successfully wiping value off the stock of Dow Chemical.

Z is for Zero Day Attack 

Zero Day Attacks are the bane of every programmer's existence. On the day of software release some hacker somewhere unearths a vulnerability and publishes the exploit. The developer has no time to release a software patch to remedy the vulnerability, and so cue a nightmare next morning at the office for the programmers in question.