A survey of attendees at Infosecurity Europe earlier this month showed 70 percent in favour of the dictionary definition (in this case the Cambridge Dictionary) of a hacker being amended. The amendment in question being to remove 'illegality' from the definition. The current definition of a hacker is "a person who is skilled in the use of computer systems, often one who illegally obtains access to private computer systems".

So what do you reckon, DaniWebbers? Is it time that hacker was reclaimed entirely (rather than relying upon black and white labels) and if so what word should replace it as the default for those who illegally access systems and data? Cybercriminal (bit of a mouthful, and covers a much broader group than just 'hackers') or maybe the much less used these days cracker (which has a different pejorative meaning in US slang of course) or, well, what?

Discuss :-)

The short answer is that it depends who I'm talking to. With other people who are interested in technology I use hacker in the traditional sense (white hat).

With muggles (many of my clients), it's easier to use the word to describe the black hat variety. It just means I don't have to explain the term to people who don't really care.

commented: Ha ha, muggles. +15

Seems to me that the essence of "hacking" is to gain access to some resource or capability that the original software developer did not want you to access. As such it's always going to be criminally illegal and/or a violation of the original software's T.O.S.

As such I would leave it in its current default state.

There are a few ways to go here. But keeping the original definition WITHOUT the illegally word would be best IMO.

The legality would depend on the country, laws and permission. If the access was by the owner's request, legal. If not, illegal.
I'm thinking of locksmiths. It would be legal or not for them to open a safe depending on permission.

So hacking doesn't mean it's illegal.

When I hear "hacker" I think of someone who is doing "seat of the pants" computer work, whether legal or not. I've had to do a fair bit of this in my years of being on call for our System Control Centre. At 3:00 when the system is in the toilet is not the time to be developing a permanent solution to the problem. That's the time for hacking a quick fix to buy time for the permanent solution.

So I'm fine with hacker, and the "black/white hat" qualification. I think it is also easier to explain to the lay public using those terms rather than getting technical.

Well, let's remember there are three types of hackers, white hat, black hat, and gray hat. Two of them are illegal. One is not. White hats work as penetration testers on corporate networks, they are essentially testing the security of the network in question, and are paid to break in and simultaneously maintain confidentiality. Most of the pen testing books out there claim that the term hacker has been hijacked by the media, and it used to mean little more than a computer aficionado. Let's also bear in mind that a lot of the 'hacker' tools out there are the byproduct of a software developer finding out there are vulnerabilities in their code, and they needed a tool to test the security of such code. Hack tools are often a byproduct of legitimate needs, for instance packet sniffers. Packet sniffers are a legitimate tool used to determine things such as whether your network is currently under attack, or whether all is quiet on the watchtower. Simultaneously such a tool could be installed on a rogue AP to sniff credit card numbers while simultaneously using things such as ssl strip. It is in fact legal to buy and purchase hack tools most often. Make sure you have a legit vendor.

To think in terms of white/grey/black hats is, IMHO, way too simplistic. Perhaps there need to be multiple terms rather than multiple definitions of one term? Take a look at the definitions here http://www.catb.org/jargon/html/H/hacker.html which include everything from programmable system tweaking, obsessive coding, expert coders, enthusiasts/experts of any kind. The one definition missing, it has been deprecated from the list, is the malicious meddler/information thief - which it uses the older yet term of cracker for.

It really has a kind of negative meaning to me. I think it's a person who is the best at cheating internet users and enjoys doing some harm. The difference between qualified programmer and hacker is like a difference between good and evil.

Unfortunately, movies and TV have co-opted the term to mean anyone who is capable of gaining unauthorized access to a system in under two minutes, even a completely unfamiliar system. The hacker is basically the movie/TV version of deus ex machina. Check out Die Hard 4 and just about any episode of How to Get Away With Murder.