It is a matter of fact that the rapid development of the Internet has brought many useful and much appreciated things such as electronic commerce, easy access to numerous stores of material, collaborative computing, e-mail, and new places for advertising and information distribution - Computer Hackers introduction. However, like many technological advances, there is also a negative side: growing number of hackers. Governments, companies, and individuals are trying to join internet-users. However, they can’t make the final decision about their using of the Internet because they suspect that some hacker will penetrate their Web server and change their logo to pornography, steel information from their e-mail, get to know their credit card number from an on-line shopping site, or put in software that will quietly transmit their secret organization’s data to the Internet. (Casabona 1998)
More Essay Examples on Computer Rubric
It is interesting to note that nowadays there are two types of computer hackers: criminal hackers who are willing to penetrate and to break the system without authorization; and there are ethical hackers who are asked to test new hardware and software through hacking identifying in such a way its weak and strong moment. Therefore, hacking may be both legal and illegal. And, thus, question appears: what is the difference between these two kinds and whether hacking is able to become legal job?
Today the term “hacker” has a double usage in the computer industry. Formerly, the term was defined as:
1. A person who learns the particular details of computer systems and the possible ways to extend their abilities—unlike the most users of computers, who are learning only the minimum amount.
2. A person who programs devotedly or who enjoys programming instead of only theorizing about programming. (Casabona, 1998).
This flattering description was frequently extended to the verb form “hacking,” aimed at explaining the fast creating of a new program or the changing of the existing, typically complicated software.
As computers became more and more available at universities, user communities start extending beyond researchers in engineering or computer science to other people who think that computer is a very useful instrument. Whether they use the computers to play games, create small movies and/or to help them with the more worldly aspects of their everyday work. In other words when people become acquainted with a computer they become dependent from them in a certain way. (Casabona, 1998)
Due to the increasing popularity of computers and their high cost, access to them was normally restricted. With refused way in the computers, some people would challenge the access controls that were put in place. They would steal account numbers or passwords by looking over people’s shoulders, check the system for bugs, or really take control of the whole system. Actually they would do these things in order to run the programs they choose, or just to change the limitations of program running. (Casabona, 1998)
Initially these computer intrusions were quite benign, with the most damage being the stealing of computer time. In other cases, these intrusions would be like practical jokes. Nevertheless, these intrusions did not stay benevolent for long. Sometimes the less gifted, or less careful, crackers would unintentionally bring down a system and even would “kill” its files. In the result the system administrators have to restart it again and/or to make repairs. In other case, when these intruders failed and their activities were revealed, they could take destructive measures. (Garfinkel 2000)
When the number of these destroying computer intrusions became visible, due to the visibility of the system or the extent of the harm afflicted, it became “well-know through the media. Instead of using the more exact term “computer criminal,” the media started using the term “hacker” to name individuals who break into computers for fun, vengeance, or income. As calling someone a “hacker” was initially meant as a compliment, computer security people prefer to use the term “intruder” or “cracker” for those hackers who turn to the dark side of hacking. Here the explicit terms “ethical hacker” and “criminal hacker” will be used for the rest of this paper. (Kuehn 1992)
With the growth of Internet popularity, computer security became a main problem to solve for businesses and governments. They want to benefit from the Internet for electronic commerce, advertising and access to information, and other pursuits, but they are anxious of being “hacked.” It is necessary to mention that the prospective clients of these services are concerned about maintaining control of private information varying from numbers of credit cards to home addresses and even social security numbers. (Kuehn 1992)
Nevertheless, it is necessary to outline that nowadays new type of hackers appeared – ethical hackers. In order to find proper way to resolve the problem, organizations now understand that one of the possible ways how to assess the cracker threat to their interests will be having independent computer programming professionals attempt to break and/or to damage computer systems. Such scheme is similar to the scheme whose auditors are coming into an organization to check its bookkeeping accounts and written records. If a computer is secure, these “tiger teams” or “ethical hackers” would apply the same ways and techniques as the crackers, but they would neither harm the target systems nor steal information. On the contrary, they would assess the target systems’ security and inform the owners about the vulnerabilities they found and instructions for how to heal them.
This way of the system security evaluating has been in use from the very beginning of computers’ development. In one of the first ethical hacks, the United States Air Force organized a “security assessment” of the Multics operating systems for “possible use as a two-level (secret/top secret) system”. Their analysis revealed that while Multics was “notably better than other usual systems, it also had vulnerabilities in hardware protection, software protection, and procedural protection that could be uncovered with a comparatively low level of effort.” (Kuehn 1992) The authors fulfilled their tests under a principle of realism, in order for their results to precisely represent the kinds of access that a cracker could potentially attain. They performed tests that were just information-gathering exercises, as well as other tests showing that systems were clear attacked and their integrity could be damaged. It is known that their audience would like to find out the information about both results. One can find more than a few other now unspecified reports that show ethical hacking activities within the U.S. military. (Kuehn 1992)
It is known that all hackers normally have good programming and computer networking knowledge and have been in the computer and networking business for some years. They are also adept at establishing and maintaining systems that use the more well-known operating systems (e.g., UNIX** or Windows NT**) applied on target systems. These base skills are complemented with thorough knowledge of the software and hardware. Such knowledge is provided by the more well-known computer and networking hardware vendors. It should be said that an extra specialization in security is not always needed, as good skills in the other areas means a perfect understanding of how the security on different systems is maintained. The systems management skills are essential for the actual susceptibility testing, but are equally vital when preparing the report for the customer after the test.
Lastly, good candidates for hacking must have more patience, tolerance and actually drive compared with other people. Criminal hackers are usually very patient and willing to check systems for weeks or months in order to find the only chance. A usual evaluation may need several days of monotonous work that is difficult to automate. Some parts of the evaluations must be done outside of normal working hours lest they should interfere with production at “live” targets or to reproduce the timing of a real attack. While working with a system that is not familiar enough to them, hackers will spend the time get clear information about the system and then they try to figure out its weakest points. Finally, keeping up with the quickly developing world of computer and network security needs continuous education and review.
One may observe that the skills we have talked about could “just as easily belong to a criminal hacker as to an ethical hacker”. (Kuehn 1992) Just as in sports or fighting, knowledge of the skills and performance of your opponent is the bet for success. In the sphere of computer technologies, the ethical hacker’s task is the harder one. With usual crime anyone can become a thief, graffiti artist, or a robber. Their potential goals are frequently easy to recognize for the security. The local law enforcement agents must be aware of how the criminals are acting and how to stop them. On the Internet anyone can download tools for hackers and apply them to try to break into computers anywhere in the whole world. It is admitted that ethical hackers must be aware of the most important principles, values and methods of the criminal hackers, how their actions might be revealed, and how to stop them. (Casabona 1998)
While some will state that only a “real hacker” is able too do the work perfectly, it seems that the need of absolute trust eliminated such candidates. It is possible to compare the decision with the decision to hire a fire marshal for a school while a gifted ex- incendiary might actually know a lot about fires; would the parents of the students truly feel good with such a choice? This choice was further justified when the service was originally offered: the customers asked for such a limit to be observed. From the time when ethical hacking groups are created, there have been many ex-crackers who have become security consultants and speakers for the news media. Nevertheless, it is obvious that people still can’t absolutely trust them. Ethical hackers can assist their clients in better understanding of their security needs, it is the clients who decide whether address them or not (Farmer & Venema, 1996).
Casabona, P., & Yu, S. (1998). Computer Fraud: Financial and Ethical Implications. Review of Business, 20, 1, 22.
Garfinkel S. and Spafford E. Practical Unix Security, First Edition, O’Reilly & Associates, Cambridge, MA
Farmer and W. Z. Venema, (1996). “Improving the Security of Your Site by Breaking into It”. Retrieved July 10, 2007, from ftp://ftp.porcupine.org/pub/security/index.html#documents.
Kuehn, R. A. (1992, June). Step Up to the Toll Fraud Challenge. Business Communications Review, 22, 82-85.
Linnhoff, S., & Langenderfer, J. (2004). Identity Theft Legislation: The Fair and Accurate Credit Transactions Act of 2003 and the Road Not Taken.