
How to Become a Hacker - g-garron
https://zalberico.com/essay/2020/04/19/how-to-become-a-hacker.html
======
fossuser
Thanks for sharing my blog post! :)

I think something I would have included that I thought about later is being
curiosity driven. It's more personal, but I've found a lot of what I've really
enjoyed (and where I've learned the most) has been from allowing myself to go
down random rabbit holes to play with different things.

There's some risk to this if you never go deep enough, but I think the
benefits are worth it.

I think there's also something to PG's essay about liking debugging
specifically too.

~~~
Robelius
Reading your blog post brought back memories. The first Hacker News article
that got me to make an account was How To Become A Hacker[1]. That led me down
a rabbit hole as a high schooler that got me into software and later hardware.
There's definitely a direct line from me reading that article to me becoming a
hardware engineer.

I hope your article helps create the same effect on an unknowing high
schooler. Thanks for putting it out there!

[http://www.catb.org/~esr/faqs/hacker-
howto.html#nerd_connect...](http://www.catb.org/~esr/faqs/hacker-
howto.html#nerd_connection)

~~~
fossuser
Thanks! There's a pretty direct line for me too. I'd be happy if my post helps
others in a similar position.

------
kebman
A lot of hacking is done simply because public and private databases and
systems just aren't good enough to serve those that they were made to serve.
This made me a "hacker," in that I created programs, crawlers and spiders to
find and put together the information I needed for my everyday work as a
teacher (all legal, of course, though highly unconventional).

I once told my boss about one such idea I had, that I thought would be
beneficial to the rest of my collegues. He told me, "Go to the principal, and
word your idea so it sounds like it's his idea, and I'm sure he'll give you
the go-ahead for it." I told him straight up, that, "Nah, then I'll rather
keep it to myself."

~~~
ghostpepper
In this article the word "hacker" is actually used in the original meaning -
nothing to do with breaking into systems.

~~~
kebman
I didn't break into any system. I merely streamlined the gathering of
restricted data that I was entitled to anyway through my work. Then I made
graphical representations of those data for my own use, in order to do a
better job. I figured, if this works for me, it would work for my collegues as
well, but I wouldn't want to divulge how I did that for free, and certainly
not by letting someone else take all the credit for it. And thus I became a
"hacker"...

~~~
ghostpepper
sorry, I re-read your original comment and now I'm not sure how I assumed it
was about criminal hacking

------
arexxbifs
My best advice to any budding hacker would be for them to find a job as
unrelated to computers as possible, but which leaves them with enough free
time to tinker with whatever currently tickles their fancy.

~~~
qzw
I’m sure this works for some people in the right context, but so many great OG
hackers were career computer scientists and engineers. I mean, people like the
original Xerox PARC guys, Woz, Cerf, Diffie, the RSA guys, TBL, and too many
more to name. They were all working in jobs or started companies that allowed
them to devote the bulk of their time and energy to hacking and building.
There are only so many hours in the day. If you’re devoting a third of it to
something completely unrelated to your passion, it’s pretty hard to get the
best out of yourself. And forget it if you want to have any other kind of
“life” besides.

Edit: readability

~~~
arexxbifs
Most of those guys operated under circumstances vastly different from today.

If you can land a job like those at PARC or Bell Labs, then yes, "carreer
hacking" is certainly possible. Considering how many IT professionals there
are now and how few there were back then, I'd say those kinds of jobs are even
more scarce now than they used to be.

It's not impossible, but it's not a realistic expectation.

> If you’re devoting a third of it to something completely unrelated to your
> passion

A programming job is likely to be as far from any kind of hacking passion as
any other, with the added disadvantage of possibly poisoning the well, so to
speak.

~~~
seiferteric
Imagine how different being a programmer was before the distractions of the
internet. You might not even be in front of a screen all the time. I am sure a
lot of time was spent preparing punch cards and in front of chalk boards.
Overall I bet it was much better for mental health.

~~~
ff317
Yes, this is a major factor that's often overlooked. I grew up doing child-
level hacking in the 80s and then got into real hacking in the 90s as the
commercial internet was first starting to blossom. While the reality I inhabit
now as a programmer is dominated by the Internet, my habits are more like pre-
Internet programmers.

If I were to make an accurate account of all the time and energy that goes
into my most successful and well-engineered software products, the majority of
the productive time happens "offline" from the Internet and/or even my
laptop's screen.

I spend a ton of time turning the abstract parts of the problem over in my
head while doing "nothing" (or during the mundane tasks of everyday life), and
even when I do get in front of a screen, I still spend a ton of time just
sketching out notes in a text editor - basically arguing with myself until
I've managed to jot down some good conclusions on how the design of a Thing
should be done. Most of those notes get thrown away eventually, as they
materialize into resultant source code. I have sometimes spent weeks or months
turning an idea over in my head or in these textual debates with myself before
a line of code is ever written.

------
ldeangelis
Interestingly, the initial article [0] is still alive and updated. The most
recent addition was about Go. I'm always impressed by how many people do
things with this language. It seems to really hit a sweet spot for small to
big tools.

[0]: [http://www.catb.org/esr/faqs/hacker-
howto.html](http://www.catb.org/esr/faqs/hacker-howto.html)

------
UweSchmidt
A hacker might be the modern independent scholar. You can follow your tech
curiosity, self-study and work on your own little projects and be
intellectually and creatively rewarded.

Start anywhere, any programming tutorial, or any arduino project recipe. Get
immersed and always figure out how the stuff really works. You are most likely
smart enough to do it.

If employment is an issue, well, what you learned from the above should take
you at least halfway to a job and probably make your career better.

~~~
vsareto
Interestingly, John Carmack talked about doing a “gentleman scientist”
approach with AI

------
cutler
Sometime last year I was taking a short bus ride home from a local supermarket
in Leytonstone (London) when a passenger boarded with a slightly louder
American voice. I thought he looked familiar then it hit me - Richard
Stallman. I didn't have much time to decide what to do as he was about to get
off at the next stop so I left the bus at the same stop and caught up with
him. After an introduction and short conversation about Emacs and the Free
Software Foundation he drew his sword upon which I kneeled and was dubbed a
hacker. That's how it's done.

Aw, alright - the sword bit is fictitious but the rest is true. Contact with a
deity can confer status.

~~~
zitterbewegung
Does this make me a hacker?

Donald Knuth was giving a presentation to celebrate someones birthday by
debugging his old FORTRAN code. He was having trouble giving it since his PDF
of his presentation was autoforwarding using Adobe Acrobat. I figured out that
Preview would avoid this outcome. I think this is the largest contribution I
will have to Computer Science.

~~~
techopoly
Nice. Mine's not so impressive, but when I was green and in college, I was
casually job shadowing an older friend for a day at a major tech company, and
was asked to take a look at some code that had an issue.

I spotted the bug in 30 seconds.

It was then I realized that even at the top of our profession, everyone is
still human beings with their own sets of strengths and weaknesses, and I have
just as much potential as anyone else.

~~~
swinglock
New eyes help a lot. Haven't you glossed over something that once found is
obvious, both yourself and with the help of others?

This power is only multiplied when having to answer good questions about the
system and even explain it in ways that may be different from your usual model
but that clicks better with the other person.

------
Mandatum
And don't forget the synchronous communities! All hackers have at some stage
had a collection of friends in MSN, IRC, ICQ, XMPP, Slack, Discord, Mattermost
-- something where they can regularly collaborate and talk among individuals
with relevant interests.

Check out your local subreddits, find links to invites and start forming
relationships with people you may never meet. Because more often than not,
these are the people that will introduce you to concepts, jobs and cool shit
you'd never find out on HN, Reddit or blogs.

------
alexashka
For me, there is a checklist of ideas one has to grok and then computers
connected over a network and talking to one another is comprehensible.

I think a lot of the complexity of modern software development is powers that
be, entrenching their powerful positions by layering more and more complexity,
so that no team of a dozen people can ever hope to compete.

There is no attempt to re-factor our current way of doing things to reduce the
complexity 10x. We're stuck with multiple OSes, multiple languages, multiple
tools for each language, a plethora of frameworks that do the same thing but
slightly differently and none of them do anything uniquely excellent, they're
different for historical reasons, not pragmatic.

Half the web developer jobs are a matter of manually solving SQL <-> user
interface problem, specific to a business domain.

Why we don't sit down and create protocols/specs for each business domain that
span across SQL, UI, security and permissions levels so that each bank doesn't
have to hire a team of IT people to do the same thing slightly differently is
beyond me - I can only guess it is because nobody in government understands
how computers work.

We're seeing some reduction in complexity with cloud providers, but it is of
the worst kind - it is consolidation combined with vendor lock-in, proprietary
software and pay-as-you-go pricing, yikes!

------
mettamage
I'm reposting part of a comment I wrote (and adding to it).

My version on how to become a hacker. It's just another reference point.

Step 1: Go to [http://www.catb.org/esr/faqs/hacker-
howto.html](http://www.catb.org/esr/faqs/hacker-howto.html)

Step 1b (bonus): read Hacker News (it actually helped, it also really
distracted, the latter part is why it's labeled as _bonus_ )

Step 2: Complete Binary and Malware Analysis at the Vrije Universiteit

Step 3: Complete Computer and Network Security at the Vrije Universiteit

Step 4: Complete Hardware Security at the Vrije Universiteit

Step 4b (bonus, I mean, you're there now anyway): Complete Kernel Programming
at the Vrije Universiteit

Step 5: Go to [https://hackthebox.eu](https://hackthebox.eu), hack at least 1
easy, 1 medium, 1 hard and -- for good measure -- 1 insane box

Congratulations, you are now a hacker in every sense of the word:

1\. You broke into computer systems.

2\. You needed to be curious in order to do it.

This took me 8 months, personally (60 hours per week). I found it a lot of
fun. It could take you a lot less time or more time.

\-----

I'm assuming you already know how to program, if you don't then get the
following prerequisite knowledge.

Step 1: do CS50 in order to learn programming and learn how to learn
programming languages. What I've seen in students is that the first 6 weeks
are experienced as more difficult than the last 6 weeks (hint: it's because
you start off with C). So don't get discouraged. If this is not you and it is
the other way around, I've seen that too (though, I've seen it less. It
depends on the default mode of thinking that a person uses).

Step 2: do [https://www.nand2tetris.org/](https://www.nand2tetris.org/) to
understand computer systems and get some assembly under your belt.

Step 3: if you feel like this road is too rigid, do a project that you're
interested in here. Get it out of your system now, because the above mentioned
stuff took me 10 months, personally. Create a computer graphics engine with
OpenGL and Java. Yes, you could do C++ but that's complicating things for now.
If you really want to though, go ahead, C++ is a fine choice if you're burning
with passion.

These 3 steps probably take between 4 to 8 months. Some people with a hacker
mindset could do this within 2 months, or 1 month even (email me if you did!).
Some people that have other stuff going on in their lives will do this in 8+
months. It's all fine.

~~~
dsiah
Serious Question, why is there such a heavy infatuation / prerequisite to
running Linux to become a hacker?

Is it for folks who are focused on going below the application layer (working
on OS/Kernal etc) or just general. I find my MacOS to be such a comfortable
system to hack and wonder if I actually need to move to Linux natively to get
more involved in projects below the application layer.

~~~
saagarjha
Linux is open. It's a lot more conducive in letting you know more about what's
going on underneath.

------
ProAm
Being a programmer is not being a hacker. This article is about how to become
a decent programmer .

~~~
sillysaurusx
I think any decent programmer is also a decent hacker. Because it's hard to
imagine someone being a decent programmer if they can't get the computer to do
what they want. Which is the classic definition of a hack: to force the
computer to do what you want, whether the computer wants to or not.

------
systems
I dont understand what he means when he said

"(a good example book for this currently is Designing Data Intensive
Applications)."

I got this book recently and was planning to read it soon, does he thinks the
tools and techniques mentioned in the book are a waste of time, or the
opposite?

~~~
fossuser
Ah sorry that's unclear, I meant I thought that book was really good for,
"just learning more about the craft of programming in general".

------
HugoDaniel
Somehow reminded me of the original Hacker Test
[https://www.elfqrin.com/hackertest.php](https://www.elfqrin.com/hackertest.php)

------
dec0dedab0de
looking at the ESR version the updates only go back to 2007, but I thought I
originally read it in 1996. Whatever it was, it was very similar. I miss that
feeling of finding mysterious text files from the elders of the internet. I
used to think the changes in technology killed that feeling, but now I have a
hunch that I just got older.

------
endgame
Warms my heart to see the old ways kept alive.

------
rashthedude
Brought a smile to my face. The original article by Eric Raymond had a huge
impact on my life.

------
jasoneckert
Great post. It's equally refreshing to read an article that uses the word
"hacker" appropriately, and not like mass media does (i.e. kid in hoodie with
a stickered laptop trying to steal your credit card number).

------
platz
Kevin Mitnick destroyed any faith I had in what being a hacker was about.

~~~
aortega
He's a corporate man now, but in his youth he was legit.

~~~
platz
I felt his story was spun in a way that accredited far more moral weight than
I learned was actually warranted

------
luord
The author's experience mirrors mine almost exactly, down to being inspired to
study computer science by that how-to.

And, maybe not coincidentally, I agree with everything in that post.

------
n0there
I appreciate this blog post very much. Glad I read it 4 years into my
programming journey rather than 14 years.

------
jtth
We would be a lot better off if this term went away.

------
Siddharth_joshi
Interesting!

------
m1117
This is confusing. "Hacker" is a person who uses computers to gain
unauthorized access to data. "Software Engineer" is the right approach.
"Hacker Spirit" lol

~~~
TrueDuality
The term "hacker" predates electronic computers. It is originally used to
refer to someone that creatively uses systems in unexpected, unconventional,
and generally creative ways. Media portrayal in the mid 90s grabbed on to this
term without understanding its actual context. One potential source of the
term is the MIT model train club, but that is up for dispute as some claim it
existed before that.

There are more self-described hackers that do good and creative things, and
not just related to computer security than the malicious types. Fun fact, the
"maker" movement was a branded version of the "hackerspace" movement for
people. Any time you hear about a Maker they're also a Hacker just kind of a
subset of them.

Source: I'm senior staff of DEFCON, the largest hacker conference on the
planet.

~~~
jtaft
What's your stance on the term "cracker"?

I was super into reverse engineering and loved the challenge. It seemed at
some point "cracker" moved away from someone who can break software
protections through reversing to someone who uses tooling to break into
systems, without understanding how computers work. I still prefer "cracker" as
someone who can reverse and break software protections.

Also, Thanks for helping out with Defcon! Been there a couple times and plan
to go again. At the next live con i'm down to meet and talk about hacker lore!

~~~
TrueDuality
Thanks! FWIW I think the virtual con this year is going to be pretty cool.
There are a lot of challenges, and forms of interaction that aren't possible
in person we're going to try out. There sadly are a bunch of things we can't
do virtually that I'll definitely miss from the in person event as well. It'll
be different but still hopefully awesome.

I think the term cracker had the same media portrayal problem probably
starting with the movie Sneakers (of the top of my head, no fact checking
there) but it is a much more niche term in general and if you were to
generally use it around people, probably even in computer adjacent jobs,
they'd be more confused by what you're talking about then recognize it.

That being said yeah I'm 100% down with considering crackers being the DRM
busters. I personally kind of consider demo scene wizards to be part of the
"cracker" group even though it is completely unrelated. There just seems to be
a heavy amount of overlap.

------
crumbshot
Their first mistake was taking heed of anything ESR has to say, including his
archaic opinion on what hacking is.

If it's nothing to do with software or hardware security, then it's not
hacking.

And yes, this site is itself woefully misnamed.

~~~
feanaro
I don't know, this matches closely the meaning I was taught when I was first
introduced to the word. I've never found Hacker News to be misnamed.

------
pacomerh
I don't like this new definition of the word "hacker". I wish people would
call builders and tinkerers something else. We have all this strong history
with hackers who are the ones that infiltrate systems. And now someone makes
an app and he/she is a hacker. Somehow I feel like there's a necessity to feel
special and unique. This word is so soft now.

~~~
hvis
Curious to see this comment on "Hacker News".

Did you think this resource was about the infiltration profession?

~~~
pacomerh
Yup, on hacker news, that doesn't mean I like the name of this page, right?

~~~
hvis
It's clearly not "new", at least.

------
diablo1
I wrote a comment about a recent article that talks about _doing the
cybercrimes_ as non glamorous[0]. Here was my response:

(I bring it up because too many people see hacking as glamorous when it often
is not, except for the payoff at the end)

Like anything, it's usually the payoff that is exciting and glamorous. I know
the old hacker mantra: 'boredom and drudgery are evil' hence why we automate
everything, but I don't think the mantra holds true for most hackers. The best
hackers know that programming essentially works _against_ you when you do it,
because there's no instant gratification. You have to constantly bang your
head against the wall (even because of simple syntax mistakes that make you
feel like a n00b all over again).

The payoff is always fantastic though. Whitehat or blackhat, knowing that all
that hard work and grunt pays off is a wonderful feeling. I tend to veer
towards whitehat stuff though because of the old saying: 'If you can't do the
time, don't do the crime'.

[0]
[https://news.ycombinator.com/item?id=23355084](https://news.ycombinator.com/item?id=23355084)

------
hummel
If you need to ask How to Become a Hacker, you are not going to be one. It all
depends on your personal curiosity, either you have it or you don't.

PS: Found 0day on Paypal when I was 12 in the early '00s, never got paid or
recognized for it :(

~~~
elsjaako
There is a certain kind of person that will become some kind of hacker no
matter what, but with advice and guidance they will get a lot further than
without.

~~~
wiz21c
Definitely. I had an hacker's mind from age 0. Mind you, I felt in love with
hackers of my time when I was 12 years old. But unfortunately, I had to learn
by myself. I didn't have a mentor around me (and my parents could not keep up)
for a number of years. Eventually, I ended in the demo scene and there I found
a bit of help. It took me so much time. And when I compare to other hackers
who had friends in the business, they just learned faster than me :-(

So, even though it sounds obvious : the number one priority is meeting other
people, sharing information. Social skills are sooo important if you're not an
absolute genius...

