In the past few days/weeks in Slovenian media there was a big boom about three Slovenian citisens who allegedly cooperated in the Mariposa botnet. If you don't know what this is about read this press release from the FBI. The media has repeatedly called these alleged cybercriminals "hackers".
Since this is a wrong use of this term and a lot of us refer to ourselves and others amongst our midst as "hackers", in the Fellowship group Slovenia we felt that something had to be done.
So we wrote and sent an open letter to the media explaining the difference between "hackers" and "crackers" and kindly asking the media to use this words correctly in the future. This action was backed up by several other groups and institutions.
The whole text of the open letter and its translation follow bellow.
Dear Sir/Madam,
in the past weeks, especially in connection with the story about FBI's action against a cybercrime which led to the arrest of a suspect in Slovenia, the word "hacker" has been used several times in the media in the wrong context and the wrong way. Since this term is differently understood by the experts than by the lay public, we feel it appropriate to warn about it in this open letter[1].
"Hacker" comes from the verb "to hack", which is an expression that originated in the 50's of the previous century at MIT[2] and means solving a technical problem in an unique way. In the computer jargon it is still used to label inventive and original modifications of a program or system, based on a deep understanding and in a way that was originally not intended.
Many authorities in the field of computers and security understand the term hacking as a state of mind, thinking outside of boundaries, established ways and methods and trying to overcome these obstacles. In many examples hackers are putting their skills and inventiveness into good causes and the public good by making their programm available to everybody to use and modify. Examples of such free software[3] are: GNU/Linux, Mozilla Firefox, Mozilla Thunderbird, Google Chromium, OpenOffice.org, SpamAssassin, GIMP, Scribus etc.
It was the media and movie industry which later (falsely) used the word hacker to describe cybercriminals; which of course caused confusion. This mess is increased by the still evolving terminology and translations in the Slovene language.
A more appropriate term for a person, who with criminal intent breaks into computer systems is "cracker". People who abuse security systems without authorization and/or use ICT (usually computers, telephones or networks) for breaking into systems and performing illegal or criminal activities – vandalism, credit card abuse, identity theft, piracy and other types of illegal activities[4].
Also, the Slovene dictionary of informatics[5] distinguishes between "hacker" as "technically versed computer enthusiast" and "cracker" as "who breaks into computer systems with intent to use data or programs without authorization".
This is why we should call the current suspects of computer-based crimes, "crackers."
In the past decades many technological advances were also a result of the hacker phenomenon – personal computers, the Internet, free software – therefore it would be wrong to equate hackers with criminals. An analogy to this could be if chemists or pharmacists were all called poisoners and murderers.
We understand that the current confusion has been in existence for quite some time and this is exactly why we think it is high time that we clarify it together. So we ask of you to, please, in the future use the right term.
best regards,
Matija Šuklje
coordinator
FSFE Fellowship group Slovenia[6]
co-signatories:
Andrej Kositer,
president
[COKS] Center odprte kode Slovenije[7]
mag. Simon Delakorda,
direktor
[INePA] Inštitut za elektronsko participacijo[8]
Andrej Vernekar,
predsednik
[LUGOS] Linux user group of Slovenia[9]
Klemen Robnik,
vodja
Kiberpipa/Cyberpipe[10]
Ljudmila[11]
[1] This open letter is available also on the website: https://wiki.fsfe.org/FellowshipSloveniaOdprtoPismoHeker
[2] Massachusetts Institute of Technology
[3] Definition of free software on the Free Software Foundation Europe's website: http://fsfe.org/about/basics/freesoftware.en.html
[4] http://en.wikipedia.org/wiki/Hacker_(computer_security)#Black_hat
[5] http://www.islovar.org/
[6] FSFE Fellowship Group Slovenija – http://wiki.fsfe.org/groups/Slovenia – is a group of supporers of Free Software Foundation Europe and free and open source software in general, organised in a civil initiative. We stand for free software, open standards and open formats.
[7] Open Source Center Slovenia [COKS] – http://www.coks.si – is Slovene national supporter of development, usage and knowledge of open source technologies and OS solutions. We provide aid and support to OS users in public and private sector and cooperation with EU bodies concerning open source and e-governance policy.
[8] Institute for Electronic Participation [INePA] – http://www.inepa.si – is a non-profit NGO on the field of e-democracy. INePA carries out applicative and development projects as well as advocative and connecting activites for NGO's, institutions and individuals who are standing for strenghtening of the democracy and political participation using ICT. The institute is a member of the Pan-European eParticipation Network and the Central and Eastern European Citizens Network.
[9] LUGOS – http://www.lugos.si – is an association of users of the free and open source operating system GNU/Linux. Amongst other activities, it offers user support and translates free software. Other activities are also the open wireless network of Ljubljana (wlan-lj) and weekly lectures Pipe's Open Terms (in cooperation with Cyberpipe).
[10] Kiberpipa/Cyberpipe – http://kiberpipa.org – is a collective of open source and digital freedom advocates. In the centre of Ljubljana it creates digital culture, educates expert and lay public by means of presentations, lectures and workshops.
[11] Ljudmila – http://www.ljudmila.org – Ljubljana lab for digital media and culture (1994) is the first non-profit laboratory in Slovenia which supports inventive and creative research through project work in the field of internet, digital video, electronic art, digital radio, communication, open source software development and connects all of these in an interdisciplinary way. It also enables autonomous as well as workshop-based group education and is the founder of the network of multimedia centres of Slovenia "M3C".
…and the Slovene original, which was sent to the media:
Spoštovani,
v zadnjih tednih se je predvsem v povezavi z novico o akciji FBI proti spletnemu kriminalu, ki je privedla do aretacije osumljenca v Sloveniji, v medijih večkrat pojavila beseda „heker“ in sicer v napačnem kontekstu ter uporabljena na napačen način. Ker se v strokovnem jeziku ta termin povsem drugače uporablja kot ga razume laična javnost, se nam zdi primerno na to opozoriti v tem odprtem pismu[1].
Heker (ang. „hacker“) izvira iz glagola „hekanje“ (ang. „to hack“), kar je izraz, ki se je sprva prijel v 50ih letih prejšnjega stoletja na MIT[2] in pomeni reševanje tehničnega problema na samosvoj način. V računalniškem žargonu se še vedno uporablja za na poglobljenem znanju temelječe, inovativne in izvirne modifikacije programa ali sistema na način, ki sprva ni bil predviden.
Mnoge avtoritete na področju računalništva ter varnosti pojmujejo hekerstvo kot stanje duha, razmišljanje zunaj okovov, ustaljenih pristopov in načinov ter poskušanje premostiti te ovire. V veliko primerih hekerji svoje veščine in inovativnost uporabijo v dobre namene in v dobro vseh, dajo program na voljo vsem v uporabo in nadaljnjo modifikacijo. Primeri takih prostih programov[3] so GNU/Linux, Mozilla Firefox, Mozilla Thunderbird, Google Chromium, OpenOffice.org, SpamAssassin, GIMP, Scribus idr.
Za poimenovanje kiberkriminalcev so besedo heker kasneje (napačno) popularizirali mediji ter filmska industrija, zaradi česar je seveda prišlo do zmešnjave. To zmešnjavo dodatno povečuje nedorečenost prevodov in prevzemanje terminologije v slovenskem jeziku.
Pravilnejši termin za osebo, ki kriminalno vdira v računalniške sisteme je „vdiralec“ ali „kreker“ (poslovenjeno iz ang. „cracker“). Osebe, ki izrabijo varnostne sistem brez pooblastil in/ali uporabljajo informacijsko komunikacijsko tehnologijo (običajno računalnike, telefone ali omrežja) za vlamljanje in izvajanje nelegalnih ali kriminalnih dejavnosti – vandalizma, zlorab kreditnih kartic, kraje identitete, piratstva ali drugih tipov ilegalnih dejavnosti[4].
Takšno razliko pozna tudi slovenski slovar informatike[5], ki navaja pojem „heker“ kot „tehnično dobro podkovan računalniški zanesenjak“ in pojem „kreker“ kot „kdor vdira v tuje računalniške sisteme z namenom nepooblaščeno uporabljati podatke ali programe“.
Zato je potrebno imenovati trenutno aktualne osumljence računalniškega kaznivega dejanja kot vdiralce oz. krekerje.
V zadnjih desetletjih je mnogo tehnoloških pridobitev tudi rezultat fenomena hekerstva – osebni računalniki, internet, prosta programska oprema – zato je napačno, da se hekerja enači s kriminalci. Podobno, kot bi kemika ali farmacevta enačili z zastrupljevalci in morilci.
Zavedamo se, da terminološka zmešnjava obstaja že dlje časa in ravno zato menimo, da je skrajni čas, da jo skupaj odpravimo. Zato vas lepo prosimo, da vsaj v prihodnje uporabljate pravilni izraz.
lep pozdrav,
Matija Šuklje,
koordinator
FSFE Fellowship skupina Slovenija[6]
sopodpisnice:
Andrej Kositer,
predsednik
[COKS] Center odprte kode Slovenije[7]
mag. Simon Delakorda,
direktor
[INePA] Inštitut za elektronsko participacijo[8]
Andrej Vernekar,
predsednik
[LUGOS] Linux user group of Slovenia[9]
Klemen Robnik,
vodja
Kiberpipa[10]
Ljudmila[11]
-.-.-
[1] Odprto pismo je na volju tudi na strani https://wiki.fsfe.org/FellowshipSloveniaOdprtoPismoHeker
[2] Massachusetts Institute of Technology
[3] Definicija prostega programja na strani Free Software Foundation Europe: http://fsfe.org/about/basics/freesoftware.en.html
[4] http://en.wikipedia.org/wiki/Hacker_(computer_security)#Black_hat
[5] http://www.islovar.org/
[6] FSFE Fellowship skupina Slovenija – http://wiki.fsfe.org/groups/Slovenia – je skupina podpornikov Free Software Foundation Europe[] ter prostega in odprto-kodnega programja nasploh, organizirano v civilno iniciativo. Zavzemamo se za prosto programje, odprte standarde in odprte formate.
[7] Center odprte kode Slovenije [COKS] – http://www.coks.si – je nacionalni spodbujevalec razvoja, uporabe in znanja o odprtokodnih tehnologijah in rešitvah. Razvojno podporni Center Odprte Kode Slovenije nudi uporabnikom centraliziran sistem storitve pomoči in podpore ter zagotavlja rešitve za potrebe javnega in zasebnega sektorja.
[8] Inštitut za elektronsko participacijo [INePA] – http://www.inepa.si – je nepridobitna nevladna organizacija na področju e-demokracije. INePA izvaja aplikativne in razvojne projekte ter strokovne, zagovorniške in povezovalne dejavnosti za nevladne organizacije, institucije in posameznike, ki si prizadevajo za krepitev demokracije in politične participacije s pomočjo informacijsko-komunikacijskih tehnologij. Inštitut je član Evropske mreže za elektronsko participacijo in Državljanske mreže za srednjo in vzhodno Evropo.
[9] LUGOS – http://www.lugos.si – je društvo, ki združuje uporabnike prostega in odprto-kodnega operacijskega sistema GNU/Linux. Pod okriljem društva med drugim poteka pomoč uporabnikom operacijskega sistema in prevajanje proste programske opreme. Med projekti sta tudi odprto brezžično omrežje Ljubljane (wlan-lj) in tedenska predavanja Pipini odprti termini (v sodelovanju s Kiberpipo).
[10] Kiberpipa – http://kiberpipa.org je kolektiv zagovornikov odprte kode in digitalnih svoboščin. V središču Ljubljane stvarja digitalno kulturo, osvešča strokovno ter laično javnost s pomočjo predstavitev, predavanj in delavnic.
[11] Ljudmila – http://www.ljudmila.org – Ljubljanski laboratorij za digitalne medije in kulturo (1994) je prvi nepridobitni laboratorij na Slovenskem, ki podpira inovativno in ustvarjalno raziskovanje skozi projektno delo na področjih interneta, digitalnega videa, elektronskih umetnosti, digitalnega radia, komunikacij, razvoja odprtokodne programske računalniške opreme ter interdisciplinarno združevanje vseh naštetih. Omogoča tudi samostojno in v okviru delavnic skupinsko izobraževanje in je ustanoviteljica mreže multimedijskih centrov Slovenije „M3C“
hook out → now that that's done, finally sipping some milk tea and studying :3