Here at Motherboard, we use the word “hacker” every single day. With each story we write, we help shape, or perhaps, reshape, the meaning of the word.
If you ask Google, or look up the definition of the word in the dictionary, you're likely to get the idea that a hacker is a bad person because they use computers in an "unauthorized" manner. Marten Mickos, the CEO of HackerOne, a company that helps other companies pay friendly researchers for reporting bugs, doesn't like that. He recently asked the Cambridge Dictionary to change the definition of the word arguing that most infosec professionals, according to a recent survey, don’t see it as a negative term.
Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at email@example.com, or email firstname.lastname@example.org
As some of you may know, the word hacker was born outside the context of information security. Heck, it was born before information security (or cybersecurity if you will) was even a thing. In the 1960s, a hacker was simply a benevolent way to refer to the first computer enthusiasts and geeks, according to MIT’s New Hacker Dictionary.
Fast forward 50 years and—despite a failed effort to change the common perception—most news publications, dictionaries, and the general populace, understand hacker to be someone malicious, someone who breaks into computers or systems with the intent of stealing data or doing some other illegal or unauthorized activity.
Here’s how the Oxford dictionary defines hacker:
A person who uses computers to gain unauthorized access to data.
The Cambridge Dictionary uses a similar definition.
A person who is skilled in the use of computer systems, often one who illegally obtains access to private computer systems.
Dictionary.com acknowledges a non malicious definition but also includes the common, negative, connotation:
A person who has a high level of skill in computer technology or programming; a computer expert or enthusiast.
A person who circumvents security and breaks into a network, computer, file, etc., usually with malicious intent.
In my experience, these definitions are totally inaccurate. I've heard seasoned professionals, academics, as well as newcomers, describe themselves as hackers. They were using the word in a neutral sense, as someone who is passionate about exploring and breaking stuff, but not necessarily with the intention of doing evil.
Here at Motherboard, we consider hacker a neutral term. As we wrote in our e-Glossary of Cyber Terms and Hacking Lingo:
Hackers can now be used to refer to both the good guys, also known as white hat hackers, who play and tinker with systems with no malicious intent (and actually often with the intent of finding flaws so they can be fixed), and cybercriminals, or "black hat" hackers, or "crackers."
The Cambridge University Press, which publishes the dictionary, did not respond to a request for comment. But in a response to Mickos’ tweet, Cambridge seemed to indicate it’s looking into it. It may be too late anyway, but a rebranding of the word would be crucial to encouraging more young professionals to get into cybersecurity, and help fill the huge gap of jobs that will be required to secure an increasingly connected world.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.