How to catch a cracker in the US?

Geeks, man. Geeks. Nerds have pocket protectors.


I just thought it was Nerds didn't have social lives (not likely to be drinking)

They fail the blood alcohol test on sign up to the list here.



Alexander Neilson
Neilson Productions Ltd
021 329 681

That is the correct answer, if you want something less settle (and possibly
illegal), there were discussions on 'hacking back'. That is, basically
having malicious documents with fake (or not) bank/personal information. If
you can find who is using the info (some Comcast business IPs have the
address in whois) and go OSINT from there (though if you go this route, try
to contact LE before you post something and burn bridges).

A note on terminology - whether you know what you're doing, actually break
into a system, or obtain a thumb drive with data that you weren't supposed
to have - it has the same end so I'd refer to it by the same term -
hacking. Trying to differentiate terms based on skill, target, or data type
is kinda dumb.


Your goal should be to keep together and preserve all the
evidence/documentation you have: make sure you have and can verify the
authenticity and chain of custody for all relevant materials that you say
evidence attacks and their source, including your "trap" and how that
works, and how it proves the apparent source/origin, contact the local

By the way, without surveillance of the source network, it is really quite
impossible to 100% prove that a given IP address is not running a bot and
not being used as a proxy or traffic relay.

This does not necessarily preclude contacting Comcast as well, to request
they preserve records.

If one came up in this field with a mentor who was old school, or if one
is old school oneself, one tends use the original (as I understand it)
definitions--a "cracker" breaks security or obtains data unlawfully, a
"hacker" is someone who likes ethically playing (in the "joyful
exploration" sense) with complicated systems.

People who are culturally younger tend use "hacker", as you are doing, for
the former and as far as I can tell no specific term for the latter.

If you ask me, this is something of a cultural loss.


For the old-schoolers, a "cracker" would violate the CFAA to get into a system.

A hacker would produce a long list of ways to get in without violating the CFAA.

Unfortunately, we no longer have a well-established word for the latter
class of people.

You're all talkin' 1990s redefinitions here. 1980s crackers cracked
the copy protections on software (DRM in modern parlance) while
hackers broke in to online systems. Even that is a redefinition.
Before that, hackers were anyone who jovially pranked a system in a
manner typically unlawful which involved creativity and technical

For example, "hackers" might arrange for live cattle to appear on the
top of the great dome at MIT.

Bill Herrin

And Bill documents yet another redefinition. Prior to that time, at MIT a “hacker” produced a novel variation of technology using it in ways not previously envisioned but not necessarily unlawful.

Mating two different generations of telephone keysets or reducing a complex rack mount filter to a single small circuit board with an FET or two are just a couple of examples. One was just a “hack”, the other an “elegant hack”. We just called the moving of the rocket a “prank”.


Hi James,

Correct me if I'm wrong, but by the time "hacker" emerged as a word
distinct from "hack" it already carried implications of mischief and
disregard for the rules in addition to the original implication of
creatively solving a technical challenge. Is that mistaken?

Bill Herrin

Re: hackers vs crackers

I was at one of the early "Hackers Conferences" in the late 1980s,
organized by Stewart Brand (The Whole Earth Catalog, The Well.)

The attendees were quite impressive, not sure why I was invited :slight_smile:

Todd Rundgren, Jerry Pournelle, Ted Nelson, the founders of a number
of now big famous companies who probably would rather I didn't list
their names, etc were all just some of the attendees.

Although there were a lot of computer and network people they were
maybe a bare majority. There were also authors, social innovators,
artists, etc. Just "interesting people".

The press heard the word "HACKERS" and showed up convinced this was a
black hat conference.

Nothing would dissuade the reporters and wow people tried.

They kept churning out 6PM news reports and articles during the
conference about how this was a black hat conference where nefarious
no-goodniks had gotten together to create evil plots to (who knows
what?) Based on nothing, absolutely nothing. They were even given
access to the conference to see what was going on for themselves.

All because of the word "hackers" in the conference name.

And this was the late 1980s, few of them even knew what a hacker might

But it was good press (as in: got eyeballs)!

And then of course law enforcement saw the TV spots etc. and showed up
to ask some questions and infer some threats.

Fortunately not much bad really happened but it was more than a little
distracting from the intent of the conference which was just to bring
some really bright and creative people together with little structure
and let them interact.

Hmm, I vaguely rememember someone was in the midst of a criminal case
or on parole for something like political activism and was forced to
leave (not by the conference, by their parole officer or lawyer or
court or some such) because their status forbid "consorting with known
criminals" and they were "just asking for trouble".

A lot of us vowed to try to keep the "hackers" vs "crackers"
distinction alive in the public's mind but I can't say it worked.

Having lost that battle I guess the term "Makers" is used today.

To the contrary - there was a period of time when "hacker" included those who
were responsible for creative hacks that followed the rules *as they actually
were*, not as they were generally believed to be.

"It had the virtue of never having been tried before". James T Kirk was (will
be?e?) an old-school hacker of epic level. (Contemplate for a bit why Kirk
wasn't bounced out on his butt from the Academy)

A lot of us vowed to try to keep the "hackers" vs "crackers"
distinction alive in the public's mind but I can't say it worked.

Yeah, that battle had already been lost by the time I entered the field
(even though I tried to fight it for a while anyway.)

Having lost that battle I guess the term "Makers" is used today.

I will note that "hackerspace" seems to be somewhat more common parlance
than "makerspace" in the circles I operate in as a description of "area
where a bunch of people in various disciplines go to create things in a
shared environment", so that's some reclamation of what I would consider
the original meaning of "hacker".

(Contemplate for a bit why Kirk
wasn't bounced out on his butt from the Academy)

Apparently the thinking about hacking was a little more permissive in 1966.


Mistaken? Yes.

As of early 1960’s - See history of WTBS, Ralph Zaorski, Dick Gruen, Alan Kent, and many others - The then current usage of “hacker” was simply one who produced a “hack” - an unusual or unexpected design or configuration or action which either did the same old thing done more simply/elegantly or which did something new or unexpected altogether. Putting an Western Electric power plant on an Automatic Electric step-by-step for the East Campus telephone switch was one of my “hacks”.

James R. Cutler -
PGP keys at

Hi James,

I'm afraid my google-fu doesn't reach back to the 1960's. You don't
happen to have a handy reference do you?

Bill Herrin

Another use of 'hacking' has been around in software for awhile ...

Newsgroups: comp.lang.perl.misc

But when do I become Just another Perl hacker? Who are they? I've


the FAQ, but it doesn't answer my question. If I replace my email
signature with JAPH, do I break some kind of law?
Or is Just another Perl Hacker a person who just hacks Perl?

Well, this ol' JAPH thing started back in 88-ish when I was posting to
a bunch of different newsgroups, and would sign each message somewhat
individualized above the "-- " cut. For a while, it was stuff like:

To the contrary - there was a period of time when "hacker" included

those who

were responsible for creative hacks that followed the rules *as they


See also the seminal book by Steven Levy:

- - ferg

- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2

I carry that data in wet storage, interfaced via voice or eyes-on-screen/fingers-on-keyboard. I haven’t been on the MIT campus for more than a few minutes since late 1963.

Regarding the Wikipedia entry for “Hacker”:

The TMRC/MITAL history ignores the pioneering audio systems work that came out of WTBS (pre-sale to Ted). Ralph Zaorski and Barry Blesser were the best around at that.