Once upon a time, the word "hacker" was benevolent. Peaceful, law-abiding coders who built things called themselves hackers (including yours truly). Hackers built things, we said, and crackers broke things. Never mind that the media insisted on applying the "hacker" label to digital burglars and vandals. We knew what we were, and we called ourselves hackers with pride. It was those crackers causing all the trouble.
Well that was a losing battle, wasn't it?
"'Cracker' never caught on," agreed Jesse Sheidlower, a former editor of the Oxford English Dictionary, past president of the American Dialect Society, and a programmer himself. "It's a useful distinction, but it doesn't matter, because no one really follows it."
The problem is that, in an age of exponentially increasing innovation, information technology is disrupting and reshaping the social and political landscape, often in surprising and—dare I say it—unpleasant ways. Public discourse requires using new words with precision so that we can adapt to these changes. But since the majority of journalists and politicians lack the technical background to understand the technology, the end result is HACKERS HACKED A HACK: SCARY HACKER HOODIES!
And the result? Now anyone tinkering with a computer is, by word association, tarnished as a criminal.
The first use of the word "cracker" in a computer context is credited to Richard Stallman, president of the Free Software Foundation and creator of the GNU operating system. "I coined the term 'cracker' in the early 80s when I saw journalists were equating 'hacker' with 'security breaker,'" he wrote in his essay "On Hacking." He went on to write:
Yet when I say I am a hacker, people often think I am making a naughty admission, presenting myself specifically as a security breaker. How did this confusion develop?
Around 1980, when the news media took notice of hackers, they fixated on one narrow aspect of real hacking: the security breaking which some hackers occasionally did. They ignored all the rest of hacking, and took the term to mean breaking security, no more and no less. The media have since spread that definition, disregarding our attempts to correct them. As a result, most people have a mistaken idea of what we hackers actually do and what we think.
That would fine, if this misunderstanding were merely a linguistic concern. But when people go to jail for "hacking" that isn't security breaking, then holy whistling ICBM launch codes do we have a problem.
As Biella Coleman, a professor at McGill University in Montreal who's well-known for her study of hackers, hacktivism, and Anonymous, pointed out in The Johns Hopkins Encyclopedia of Digital Textuality, "Since the mid 1980s, the US government has tended to criminalize hacking under all circumstances, unwilling to differentiate between criminal activities, playful pursuits, and political causes."
This scares real hackers. In current usage the word is so ambiguous that it includes Russian mobsters who steal credit card data, hacktivists with a political agenda, government spies and secret police, digital pranksters and trolls like weev, Silicon Valley startups, Open Source developers, and tinkerers and makers and hobbyists of all stripes.
"Being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer"
Some hackers rejected the "cracker" label and preferred to think of themselves as movie star cowboys. "Both 'black hat' and 'white hat' in computer-security contexts arose by 1990," Sheidlower told us. "They stem from the earlier (1950s) use in the senses 'a villain or criminal' and 'a hero'; a 'good guy', in reference to characters in Western films."
Hacking in 90s films completely changed the perception of hacking and hackers in popular consciousness—largely through entirely misleading portrayals.
There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people "crackers" and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word "hacker" to describe crackers; this irritates real hackers no end.
Raymond is half-right. Journalists have not been fooled, of course, but rather failed to understand the difference. Indeed, when crackers themselves seem intent on co-opting the hacker label, you can hardly blame non-technical people for being confused. That suggests that the language itself contains a core ambiguity.
To hack is to experiment, often in broad strokes and leaving an unfinished or imperfect work. Echoes of "hack writer" and "hacking with an axe" can be heard by those who listen carefully. What software is ever truly completed? What code exists without bugs—and without security vulnerabilities?
To write code shares this with writing words: The author gropes his or her way forward, often blind, trying puzzle pieces, rejecting them, trying others, putting them together, often in ways that do not perfectly fit. A design document will point the destination, but writing code is a messy business, hacking through a digital jungle with only a rusty machete and your wits to guide you.
The processes of building and breaking therefore have much in common. "What happens if I do… this?" is the same mentality as "What happens if I leave a 65,000-character Wordpress comment?" A testing framework and fuzzing for vulnerabilities are automated versions of the same mindset.
…hackers are invariably smart-alecks. If we had a national holiday, it would be April 1st. It says a great deal about our work that we use the same word for a brilliant or a horribly cheesy solution. When we cook one up we're not always 100% sure which kind it is. But as long as it has the right sort of wrongness, that's a promising sign. It's odd that people think of programming as precise and methodical. Computers are precise and methodical. Hacking is something you do with a gleeful laugh.
This sense of "hacker as smart aleck" has been with us since the beginning. The first recorded use of the word to mean "tinkering with computers" comes from the MIT Model Railroad Club in the 1950s.
According to Tech Model Railroad Club of M.I.T.: The First Fifty Years, the club's April 5, 1955 meeting minutes contain this then-humdrum enjoinder: "Mr. Eccles requests that anyone working or hacking on the electrical system turn the power off to avoid fuse blowing." But even then, playful tinkering had its dark side.
"The notion that 'hacker' has always had a positive connotation is simply not true," Sheidlower pointed out. "Even 50 years ago it referred to improper use of technology."
So how do we solve this problem? How do we use language to talk about technology—and its uses and misuses—in a more precise and effective way?
"I think the easiest solution to this problem," Coleman said in a telephone interview, "is to refer to criminal hacking as 'criminal hacking.' Is a profit being made? Are we talking organized crime? Then emphasize what is and is not criminal."
Sheidlower disagreed. "Focusing on the particular word is always going to be problematic," he argued. "At this point people use 'hack' to mean doing anything on a computer or the internet. You can't say, 'here's what it means, and anyone who doesn't use it this way is wrong.' That would be useful, but it's never going to happen."
The problem, he argues, isn't a linguistic one. "People will blame language rather than the underlying issues," he said. "People like to think, 'oh, if only we used a different word, the problem would go away.'"
"Language does not work that way," he added. "Politicians who have a lot of authority over the internet haven't the faintest clue how it works, but them understanding the word 'hacker' is the smallest of our problems."
The best we can do, Sheidlower and Coleman agree, is provide context when discussing "hacking" and "hackers." In no world does the Cardinals' "hack" of the Astros demonstrate mastery of a computer. It was, rather, a skill-less and illegal crack by people who do not merit the h-word.
Despite the inherent ambiguity, Coleman pointed out that perceptions are slowly changing. "'Hacker,'" she said, "does not just have negative associations anymore. That's in part precisely because of the growth of hacktivism, Wikileaks, and Anonymous."
Coleman emphasized that the proliferation of hackers in TV and film has played a large role in changing the general public's perception of hackers. "Popular cultural representations from House of Cards to Mr. Robot have a big impact educating people that hacking isn't simply tied to criminal activity," she said.
But the growing awareness of the dual sense of the word "hacker" causes its own set of problems. "The thing with hacking that is difficult for people to wrap their heads around is that there's aspects of it that have such negative associations, and others such positive associations," Coleman said. "It causes a kind of cognitive dissonance, like how can you have both, you know?"
The underlying problem isn't going away, though. How we deal with smart alecks who use computers for non-illegal purposes may well be our modern crucible. As Paul Graham pointed out in "The Word 'Hacker,'" you cannot keep the "good hackers" and throw out the bad:
Hackers are unruly. That is the essence of hacking. And it is also the essence of Americanness. It is no accident that Silicon Valley is in America, and not France, or Germany, or England, or Japan. In those countries, people color inside the lines.
Persecuting intellectually curious hackers for playful experimentation—that, yes, thumbs its nose at authority—and enforcing a narrow, conformist view of what is and is not an acceptable use of a computer, he argued, will destroy what makes America great.
"It is the people who break rules that are the source of America's wealth and power," Graham wrote. "Those in a position to impose rules naturally want them obeyed. But be careful what you ask for. You might get it."