This is a short compilation of terms and definitions referring to script kiddies, hackers and crackers.

A script kiddie is a term related to a person who is normally not technologically sophisticated, who randomly seeks out a specific weakness over the Internet in order to gain administrative access to a system without really understanding what it is s/he is exploiting, because someone else discovered the weakness. A script kiddie is not looking to target specific information or a specific company, but rather uses knowledge of a vulnerability to scan the entire Internet for a victim that possesses that vulnerability.

However, an alternative definition states that a script kiddie is a derogative term. It was originated by the more sophisticated crackers of computer security systems for the more immature, but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddie uses existing and frequently well-known, easy-to-find techniques and programmes or scripts to search for and exploit weaknesses in other computers on the Internet. This is often done randomly and with little regard, or perhaps even understanding, of the potentially harmful consequences. Hackers tend to view script kiddies with alarm and contempt since they do nothing to advance the ‘art’ of hacking, and sometimes unleash the wrath of law enforcement establishments on the entire hacker community.

The term hacker is a term used by some to mean ‘a clever programmer’ and by others, especially journalists or their editors, to mean ‘someone who tries to break into computer systems’.

While a hacker will generally take pride in the quality of an attack – leaving no trace of an intrusion, for example – a script kiddie may aim at quantity, seeing the number of attacks that can be mounted as a way to obtain attention and notoriety. Script kiddies are sometimes portrayed in media as bored, lonely teenagers seeking recognition from their peers.

Eric Raymond, compiler of The New Hacker’s Dictionary, defines a hacker as a clever programmer. Raymond lists five possible characteristics that qualify one as a hacker, which have been paraphrased here:

• A person who enjoys learning details of a software programming language or system
• A person who enjoys actually doing the programming rather than just theorising about it
• A person capable of appreciating someone else’s hacking
• A person who picks up software programming quickly
• A person who is an expert at a particular software programming language or system, as in ‘Unix hacker’

Raymond deprecates the use of this term for someone who attempts to crack someone else’s system or otherwise uses programming or expert knowledge to act maliciously. He prefers the term ‘cracker’ for this meaning
A cracker has also been defined as one who breaks security on a system. Coined by hackers in defence against journalistic misuse of the term ‘hacker’, the term ‘cracker’ reflects a strong revulsion at the theft and vandalism perpetrated by cracking rings.

A cracker is generally someone who breaks into someone else’s computer system, often on a network, bypasses passwords or licenses in computer programs or in other ways intentionally breaches computer security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there. Some breaking-and-entering has been done ostensibly to point out weaknesses in a site’s security system.

The term ‘cracker’ is not to be confused with ‘hacker’. Hackers generally deplore cracking. However, as Eric Raymond, compiler of The New Hacker’s Dictionary notes, some journalists ascribe break-ins to ‘hackers.’

A classic story of the tracking down of a cracker on the Internet who was breaking into U.S. military and other computers is told in Clifford Stoll’s The Cuckoo’s Egg, which is a very good read. Try this link for further details:

http://mostlyfiction.com/adventure/stoll.htm

What drives these people?

Some interesting research has been conducted within an article called “Hacker Psych 101” by Jeremy Quittner, where the researchers point out that not all hackers are criminals.

http://tlc.discovery.com/convergence/hackers/articles/psych.html

References:

The New Hacker’s Dictionary – 3rd Edition by Eric S. Raymond available from: http://www.amazon.com/exec/obidos/tg/detail/-/0262181789/103-0630957-9888652?v=glance
http://tlc.discovery.com/convergence/hackers/articles/psych.html
http://tlc.discovery.com/convergence/hackers/glossary/glossary.html