Hacker News new | past | comments | ask | show | jobs | submit login
How to Become a Hacker (zalberico.com)
533 points by g-garron on June 1, 2020 | hide | past | favorite | 126 comments

Thanks for sharing my blog post! :)

I think something I would have included that I thought about later is being curiosity driven. It's more personal, but I've found a lot of what I've really enjoyed (and where I've learned the most) has been from allowing myself to go down random rabbit holes to play with different things.

There's some risk to this if you never go deep enough, but I think the benefits are worth it.

I think there's also something to PG's essay about liking debugging specifically too.

Reading your blog post brought back memories. The first Hacker News article that got me to make an account was How To Become A Hacker[1]. That led me down a rabbit hole as a high schooler that got me into software and later hardware. There's definitely a direct line from me reading that article to me becoming a hardware engineer.

I hope your article helps create the same effect on an unknowing high schooler. Thanks for putting it out there!


Thanks! There's a pretty direct line for me too. I'd be happy if my post helps others in a similar position.

Very similar for me - there is also a direct line from me reading that article to me being a software engineer today.

Thanks for putting this down. I too have sweet memories of original article. After reading ESR article, I chose Python over Perl few years back, and kick off my career. But the most important thing article taught me is about hacker mindset.

A lot of hacking is done simply because public and private databases and systems just aren't good enough to serve those that they were made to serve. This made me a "hacker," in that I created programs, crawlers and spiders to find and put together the information I needed for my everyday work as a teacher (all legal, of course, though highly unconventional).

I once told my boss about one such idea I had, that I thought would be beneficial to the rest of my collegues. He told me, "Go to the principal, and word your idea so it sounds like it's his idea, and I'm sure he'll give you the go-ahead for it." I told him straight up, that, "Nah, then I'll rather keep it to myself."

In this article the word "hacker" is actually used in the original meaning - nothing to do with breaking into systems.

I didn't break into any system. I merely streamlined the gathering of restricted data that I was entitled to anyway through my work. Then I made graphical representations of those data for my own use, in order to do a better job. I figured, if this works for me, it would work for my collegues as well, but I wouldn't want to divulge how I did that for free, and certainly not by letting someone else take all the credit for it. And thus I became a "hacker"...

sorry, I re-read your original comment and now I'm not sure how I assumed it was about criminal hacking

I think this idea is what the OSINT community does. Step 1: scrape websites, step 2: put it in a database.

Well, I guess you actually found databases instead of scraping sites. The OSINT community does that too.

Article discusses Hacker in the broader context, not limited to security.

My best advice to any budding hacker would be for them to find a job as unrelated to computers as possible, but which leaves them with enough free time to tinker with whatever currently tickles their fancy.

I’m sure this works for some people in the right context, but so many great OG hackers were career computer scientists and engineers. I mean, people like the original Xerox PARC guys, Woz, Cerf, Diffie, the RSA guys, TBL, and too many more to name. They were all working in jobs or started companies that allowed them to devote the bulk of their time and energy to hacking and building. There are only so many hours in the day. If you’re devoting a third of it to something completely unrelated to your passion, it’s pretty hard to get the best out of yourself. And forget it if you want to have any other kind of “life” besides.

Edit: readability

Most of those guys operated under circumstances vastly different from today.

If you can land a job like those at PARC or Bell Labs, then yes, "carreer hacking" is certainly possible. Considering how many IT professionals there are now and how few there were back then, I'd say those kinds of jobs are even more scarce now than they used to be.

It's not impossible, but it's not a realistic expectation.

> If you’re devoting a third of it to something completely unrelated to your passion

A programming job is likely to be as far from any kind of hacking passion as any other, with the added disadvantage of possibly poisoning the well, so to speak.

Imagine how different being a programmer was before the distractions of the internet. You might not even be in front of a screen all the time. I am sure a lot of time was spent preparing punch cards and in front of chalk boards. Overall I bet it was much better for mental health.

Yes, this is a major factor that's often overlooked. I grew up doing child-level hacking in the 80s and then got into real hacking in the 90s as the commercial internet was first starting to blossom. While the reality I inhabit now as a programmer is dominated by the Internet, my habits are more like pre-Internet programmers.

If I were to make an accurate account of all the time and energy that goes into my most successful and well-engineered software products, the majority of the productive time happens "offline" from the Internet and/or even my laptop's screen.

I spend a ton of time turning the abstract parts of the problem over in my head while doing "nothing" (or during the mundane tasks of everyday life), and even when I do get in front of a screen, I still spend a ton of time just sketching out notes in a text editor - basically arguing with myself until I've managed to jot down some good conclusions on how the design of a Thing should be done. Most of those notes get thrown away eventually, as they materialize into resultant source code. I have sometimes spent weeks or months turning an idea over in my head or in these textual debates with myself before a line of code is ever written.

But at least since the late 70s the kids then who were able to purchase a machine at home (Apple II, Commodore) did manager to stay 24 hours behind a screen. And a lot of interesting things came from that era.

I'd argue that it's not the distraction or time spent before a screen, but the complexity software engineering becomes. Back in late 70s and 80s if you owned a personal computer, you can literally map the whole memory into your brain. A commercial game could be developed in under 2-3 months. Just look at how ID Software managed to pump out tons of games in under one year. They are definitely very talented, but how come they don't do it nowadays, or even in the late 90s?

Nowadays computing is the red sea where competition is cut throat and even great talents only get to work in a niche area.

> If you can land a job like those at PARC or Bell Labs, then yes, "carreer hacking" is certainly possible.

I wonder what the modern version of these are.

I'd say research position at Google of Microsoft. If research positions are not available then any position that gives you some freedom to poke at whatever you like.

I do agree that such positions are much rarer nowadays than the Cold War in which states were willing to invest X% for scientific progression. Nowadays? Let's cut everything that doesn't have a strong political backer.

Judging by the output of Google and Microsoft research units, they seem to be watered down variants of academia (with a lot more practical bent) and they certainly don't allow you freedom to pursue interests.

In "UNIX: A History and a Memoir", BWK claims he doesn't know of anything equivalent today.

It's kind of sad. Working at 1960-1990 Bell Labs 1127 is my dream.

Maybe in 100 years people will realize that maybe there is something more to business than short term appeasement of shareholders.

Maybe in 100 years people will realize that regulated monopolies are not necessarily a bad thing.

Sounds like you have bad computer job experiences.

20+ years on I've had some good, some bad and some occasionally wonderful. It's not a bad profession, as professions go: things are generally very cushy and you can, from time to time, experience the same elation as when exploring on your own (though, for me, it's getting increasingly rare).

It's a big difference between sating your own curiosity in a hackeresque way, learning about what interests you, programming whatever the heck you like, and working professionally with software development.

If there's a programming job with no specs, no customer demands, no deadlines, no legacy maintenance, no market pressure, no platform preferences or language requirements, please let me know, would you? :)

Sort of tangential, but I find that when I escape one set of annoyances, another pops up. I don't mean that worse problems are replaced by better problems, but rather that I seem to create them myself. The pain point isn't really in what's required or what's happening, but how I react to things.

Programming would be awesome without having to mess with customers.

Unfortunately, we get paid to translate business requirements to a language a computer can understand. Is that programming? Maybe, but a limited, rigid subset, that I at least don't find particularly stimulating.

I try to balance both out having a day job and having stuff that motivates me for learning and or Side projects. Even though I take breaks on my side projects I think you can be an OK hacker but, if you are able to get a large amount of free time making around ~$50 then I would agree with you.

That's interesting. Not sure I agree -- being into computers as a kid is what got me into programming. But there's probably more than one way to do it.

Not sure why that would be mutually exclusive? Programming doesn’t have to be a dayjob.

Pretty much what I'm doing but I do hope for a coding job...

Like most things, hacking is a lot like angling in the respect that it's a fun, relaxing and rewarding pastime, but most often neither of these when depended upon for survival.

Ha... boy this describes several phases of my life (with lessons learned) remarkably well. Thanks for the chuckle.

Poker, sports betting arbitrage, bug bounties... All were fun before I tried making them my day job.

Interestingly, the initial article [0] is still alive and updated. The most recent addition was about Go. I'm always impressed by how many people do things with this language. It seems to really hit a sweet spot for small to big tools.

[0]: http://www.catb.org/esr/faqs/hacker-howto.html

A hacker might be the modern independent scholar. You can follow your tech curiosity, self-study and work on your own little projects and be intellectually and creatively rewarded.

Start anywhere, any programming tutorial, or any arduino project recipe. Get immersed and always figure out how the stuff really works. You are most likely smart enough to do it.

If employment is an issue, well, what you learned from the above should take you at least halfway to a job and probably make your career better.

Interestingly, John Carmack talked about doing a “gentleman scientist” approach with AI

Sometime last year I was taking a short bus ride home from a local supermarket in Leytonstone (London) when a passenger boarded with a slightly louder American voice. I thought he looked familiar then it hit me - Richard Stallman. I didn't have much time to decide what to do as he was about to get off at the next stop so I left the bus at the same stop and caught up with him. After an introduction and short conversation about Emacs and the Free Software Foundation he drew his sword upon which I kneeled and was dubbed a hacker. That's how it's done.

Aw, alright - the sword bit is fictitious but the rest is true. Contact with a deity can confer status.

I too have a Stallman encounter story from years ago. He used to work/sleep one floor below the research group I worked for as an undergrad, and he would wander up to our floor regularly. He would sometimes walk by and nod at me when I was working on the computer. One day he stopped and asked me what language I was using. I told him it was Java, and he said, unsurprisingly, that I should help contribute to gcj, gnu’s free Java alternative. Not really knowing how to respond, I kind of mumbled something to the effect that I’ll look into it, and then added that I was at least using Emacs. A few days later, I went to use the bathroom on my floor, and who should be standing at the next urinal but the man himself. He recognized me, and while we were both emptying our bladders, he asked if I had checked out gcj yet. I had to admit that I hadn’t yet and that I was hosed that semester because I was taking some tough classes. He reiterated that I should contribute if possible. Well, after that, I did checkout gcj and eventually used it quite a bit, including in production. Sometimes I wonder if I might be the only person who’s ever had a urinal conversation about free software with Stallman, but given his whole life of gnu advocacy, I believe there must be many more of us out there.

Edit: spelling

Does this make me a hacker?

Donald Knuth was giving a presentation to celebrate someones birthday by debugging his old FORTRAN code. He was having trouble giving it since his PDF of his presentation was autoforwarding using Adobe Acrobat. I figured out that Preview would avoid this outcome. I think this is the largest contribution I will have to Computer Science.

Nice. Mine's not so impressive, but when I was green and in college, I was casually job shadowing an older friend for a day at a major tech company, and was asked to take a look at some code that had an issue.

I spotted the bug in 30 seconds.

It was then I realized that even at the top of our profession, everyone is still human beings with their own sets of strengths and weaknesses, and I have just as much potential as anyone else.

New eyes help a lot. Haven't you glossed over something that once found is obvious, both yourself and with the help of others?

This power is only multiplied when having to answer good questions about the system and even explain it in ways that may be different from your usual model but that clicks better with the other person.

Yea, to this day though I don't know how you can configure Adobe Acrobat to autoforward slides.

Pretty sure you mean this talk: https://www.youtube.com/watch?v=pP2D4DEQBTU — the contribution was crucial IMO :)

I've seen Knuth give other (more recent) talks out of slides like that one (https://cs.stanford.edu/~knuth/karp80.pdf) where each PDF page is a possibly different size and he wants it displayed full screen individually, but don't recall that problem from other times… so the impact of your contribution may extend beyond that one talk!

I'm reminded of a quote from Steve Jobs about optimizing the Macintosh.

"Well, let's say you can shave 10 seconds off of the boot time. Multiply that by five million users and thats 50 million seconds, every single day. Over a year, that's probably dozens of lifetimes. So if you make it boot ten seconds faster, you've saved a dozen lives. That's really worth it, don't you think?"

I must have optimized Computer Science at least maybe a minute or two. Too bad it won't change my Erdos number.

It was really cool getting a selfie with him.


That's an awesome experience. And the sword part may not be true, but it might as well be.

"A thing may happen and be a total lie; another thing may not happen and be truer than the truth." -- Tim O'Brien, The Things They Carried

I love how, this being Richard Stallman, I actually believed the sword thing.

Somehow "took out a flute" just didn't cut it.

You kneeled on his sword?

Hackers rites are different then knight rites.

upon which ~ at which time.

Possibly more of a British English usage; I'd appreciate somebody with better formal language knowledge giving a less shallow insight.

Or even thereupon.

I'm reposting part of a comment I wrote (and adding to it).

My version on how to become a hacker. It's just another reference point.

Step 1: Go to http://www.catb.org/esr/faqs/hacker-howto.html

Step 1b (bonus): read Hacker News (it actually helped, it also really distracted, the latter part is why it's labeled as bonus)

Step 2: Complete Binary and Malware Analysis at the Vrije Universiteit

Step 3: Complete Computer and Network Security at the Vrije Universiteit

Step 4: Complete Hardware Security at the Vrije Universiteit

Step 4b (bonus, I mean, you're there now anyway): Complete Kernel Programming at the Vrije Universiteit

Step 5: Go to https://hackthebox.eu, hack at least 1 easy, 1 medium, 1 hard and -- for good measure -- 1 insane box

Congratulations, you are now a hacker in every sense of the word:

1. You broke into computer systems.

2. You needed to be curious in order to do it.

This took me 8 months, personally (60 hours per week). I found it a lot of fun. It could take you a lot less time or more time.


I'm assuming you already know how to program, if you don't then get the following prerequisite knowledge.

Step 1: do CS50 in order to learn programming and learn how to learn programming languages. What I've seen in students is that the first 6 weeks are experienced as more difficult than the last 6 weeks (hint: it's because you start off with C). So don't get discouraged. If this is not you and it is the other way around, I've seen that too (though, I've seen it less. It depends on the default mode of thinking that a person uses).

Step 2: do https://www.nand2tetris.org/ to understand computer systems and get some assembly under your belt.

Step 3: if you feel like this road is too rigid, do a project that you're interested in here. Get it out of your system now, because the above mentioned stuff took me 10 months, personally. Create a computer graphics engine with OpenGL and Java. Yes, you could do C++ but that's complicating things for now. If you really want to though, go ahead, C++ is a fine choice if you're burning with passion.

These 3 steps probably take between 4 to 8 months. Some people with a hacker mindset could do this within 2 months, or 1 month even (email me if you did!). Some people that have other stuff going on in their lives will do this in 8+ months. It's all fine.

So you read ESR's definition of hacker in step 1 but instead focus on what he called "cracker"[1] in step 2/3/4 (not 4b)/5? Either you misunderstood "hacker" or unintentionally gave a misleading example of learning...

[1]: http://www.catb.org/esr/faqs/hacker-howto.html#what_is

No, I used both definitions. As you can clearly see I stated:

> Congratulations, you are now a hacker in every sense of the word:

> 1. You broke into computer systems.

> 2. You needed to be curious in order to do it.

There are multiple ways to get to 2. This is one of them. There are multiple ways to get to 1. This is one of them.

I simply leave it in the middle as to who gets to decide what the definition of a hacker is. I simply took both definitions that I know to be defined by hackers themselves (point 2) and the media/general public (point 1).

Subverting computer systems to let it do other things that you want is very very much a part of the definition of 2. Which is how breaking into computer systems and following your technical curiosity can overlap.

But I would totally agree with you that we'd live in a sad world if my path was the only way in which people became hackers.

Also note that Hacker News is on there as a bonus and if it wasn't as distracting as it is, then I'd put it there as mandatory. HN stimulates purely the curiosity part of hacking.

Serious Question, why is there such a heavy infatuation / prerequisite to running Linux to become a hacker?

Is it for folks who are focused on going below the application layer (working on OS/Kernal etc) or just general. I find my MacOS to be such a comfortable system to hack and wonder if I actually need to move to Linux natively to get more involved in projects below the application layer.

Linux is open. It's a lot more conducive in letting you know more about what's going on underneath.

To quote the original guide (http://www.catb.org/~esr/faqs/hacker-howto.html#skills2) "Under Mac OS X it's possible, but only part of the system is open source — you're likely to hit a lot of walls, and you have to be careful not to develop the bad habit of depending on Apple's proprietary code."

I've enjoyed learning hacking skills by configuring GNU/Linux partially guided by an excellent MIT course by MacOS users (freely available at https://missing.csail.mit.edu/). On MacOS you can get a lot out of customizing your shell, text editor, terminal multiplexer, etc. with dotfiles. But I prefer a more completely free (libre/open) operating system because it doesn't stop there, I've patched and compiled my own custom window manager as well, and my entire operating system has the level of hackability that I love in the terminal. I guess all of the software I've mentioned is not below the application layer but above other applications (except for the most part the text editor).

>Step 2: Complete Binary and Malware Analysis at the Vrije Universiteit

>Step 3: Complete Computer and Network Security at the Vrije Universiteit

>Step 4: Complete Hardware Security at the Vrije Universiteit

Can you share the resources i.e. Books, Videos etc used in the above courses? Might be a good starting point for those who want to delve into the subjects.

Are those courses at Vrije Universiteit open in some way? Is the best approach to grab the syllabus for each one and go through it that way?

No they're not. I also don't know any good alternatives. I mean, I've seen elements of it (especially of computer and network security) but it didn't feel the same.

I know it's the COVID season(s) but other than that: these courses cost 1200 euro's for non-EU students, I think. I'm relatively sure about the price (range: 1000 - 1500 euro's). I'm not sure if they allow contract students from the US.

Let me think about this for a bit.

No problem, just wondering. Glad to be made aware that there are high quality classes on these subjects. Maybe they'll move the coursework to a more online-friendly format soon, will have to keep an eye out. Excellent list in general though, thanks for the contribution.

I don't get this comment, it feels like "just follow a master in security lmao".

With this knowledge one can become a hacker. It's that simple. I've hacked into systems by using my curiosity and this background knowledge.

A hacker is defined as someone who's curious about technology. If you have this knowledge and apply your curiosity to understanding more of it, especially on how systems shouldn't behave but somehow do, then you're a hacker. An example of this type of hacking is creating Tetris in the game of life.

If you break into a computer system (legal or illegal), you're a hacker.

This knowledge helps you to both goals. It helps towards the broadest definition of what being a hacker is, no matter which person you talk to. There is of course the requirement that you're curious as well. But IMO if you're capable of successfully passing this, then you are curious and when given free reign, it'll be applied and you'll learn even more about computer systems.

It's not the only way, but it's one way of doing it. It's not the best way either, but it does answer the question: I want to become a hacker? How? Well, follow this path, tick off every box, notice the change within you and your thinking and voila. You're a hacker.

Obviosly, this is simply my opinion. Feel free to disagree. But I do view that it is that simple. Bear in mind that this path takes at least 2 years if you don't know how to program. So it's much easier said than done. It took me 8 years to get to this point (I studied a lot of other things).

Given that explanation, is there something you don't get? It's a genuine question.

Are there free alternatives to Vrije Universiteit

And don't forget the synchronous communities! All hackers have at some stage had a collection of friends in MSN, IRC, ICQ, XMPP, Slack, Discord, Mattermost -- something where they can regularly collaborate and talk among individuals with relevant interests.

Check out your local subreddits, find links to invites and start forming relationships with people you may never meet. Because more often than not, these are the people that will introduce you to concepts, jobs and cool shit you'd never find out on HN, Reddit or blogs.

For me, there is a checklist of ideas one has to grok and then computers connected over a network and talking to one another is comprehensible.

I think a lot of the complexity of modern software development is powers that be, entrenching their powerful positions by layering more and more complexity, so that no team of a dozen people can ever hope to compete.

There is no attempt to re-factor our current way of doing things to reduce the complexity 10x. We're stuck with multiple OSes, multiple languages, multiple tools for each language, a plethora of frameworks that do the same thing but slightly differently and none of them do anything uniquely excellent, they're different for historical reasons, not pragmatic.

Half the web developer jobs are a matter of manually solving SQL <-> user interface problem, specific to a business domain.

Why we don't sit down and create protocols/specs for each business domain that span across SQL, UI, security and permissions levels so that each bank doesn't have to hire a team of IT people to do the same thing slightly differently is beyond me - I can only guess it is because nobody in government understands how computers work.

We're seeing some reduction in complexity with cloud providers, but it is of the worst kind - it is consolidation combined with vendor lock-in, proprietary software and pay-as-you-go pricing, yikes!

Being a programmer is not being a hacker. This article is about how to become a decent programmer .

I think any decent programmer is also a decent hacker. Because it's hard to imagine someone being a decent programmer if they can't get the computer to do what they want. Which is the classic definition of a hack: to force the computer to do what you want, whether the computer wants to or not.

The more I learn I’ve started to think more and more there is not a separate skill of hacking except maybe to learn a few tools- the best engineers to reverse engineer a system are generally the ones capable of forward engineering it.

I dont understand what he means when he said

"(a good example book for this currently is Designing Data Intensive Applications)."

I got this book recently and was planning to read it soon, does he thinks the tools and techniques mentioned in the book are a waste of time, or the opposite?

Ah sorry that's unclear, I meant I thought that book was really good for, "just learning more about the craft of programming in general".

Somehow reminded me of the original Hacker Test https://www.elfqrin.com/hackertest.php

looking at the ESR version the updates only go back to 2007, but I thought I originally read it in 1996. Whatever it was, it was very similar. I miss that feeling of finding mysterious text files from the elders of the internet. I used to think the changes in technology killed that feeling, but now I have a hunch that I just got older.

Warms my heart to see the old ways kept alive.

Brought a smile to my face. The original article by Eric Raymond had a huge impact on my life.

Great post. It's equally refreshing to read an article that uses the word "hacker" appropriately, and not like mass media does (i.e. kid in hoodie with a stickered laptop trying to steal your credit card number).

Kevin Mitnick destroyed any faith I had in what being a hacker was about.

I have given up educating people I met in daily life who misunderstand "hacker" and "cracker", but now I feel sad even on HN and with ESR's article [1] that people here still misunderstand these two.

Hope most HN readers are not coming here looking for new system breaches or vulnerabilities.

[1]: http://www.catb.org/esr/faqs/hacker-howto.html#what_is

He's a corporate man now, but in his youth he was legit.

I felt his story was spun in a way that accredited far more moral weight than I learned was actually warranted

The author's experience mirrors mine almost exactly, down to being inspired to study computer science by that how-to.

And, maybe not coincidentally, I agree with everything in that post.

I appreciate this blog post very much. Glad I read it 4 years into my programming journey rather than 14 years.

We would be a lot better off if this term went away.


This is confusing. "Hacker" is a person who uses computers to gain unauthorized access to data. "Software Engineer" is the right approach. "Hacker Spirit" lol

The term "hacker" predates electronic computers. It is originally used to refer to someone that creatively uses systems in unexpected, unconventional, and generally creative ways. Media portrayal in the mid 90s grabbed on to this term without understanding its actual context. One potential source of the term is the MIT model train club, but that is up for dispute as some claim it existed before that.

There are more self-described hackers that do good and creative things, and not just related to computer security than the malicious types. Fun fact, the "maker" movement was a branded version of the "hackerspace" movement for people. Any time you hear about a Maker they're also a Hacker just kind of a subset of them.

Source: I'm senior staff of DEFCON, the largest hacker conference on the planet.

The term hacker is indeed pretty old. As far as I know the MIT model train club divided themselves into the artists who worked on the scenery on top of the board and the hackers who worked on the underside of the board on the fancy electrical switching they had adapted (hacked) from telephone exchanges. When computers first arrived at MIT this latter group moved their focus to them and the term "hacker" moved with them into computing.

Other comments have mentioned "cracker" in relation to invading systems. Before computers we had "safe-crackers".

What's your stance on the term "cracker"?

I was super into reverse engineering and loved the challenge. It seemed at some point "cracker" moved away from someone who can break software protections through reversing to someone who uses tooling to break into systems, without understanding how computers work. I still prefer "cracker" as someone who can reverse and break software protections.

Also, Thanks for helping out with Defcon! Been there a couple times and plan to go again. At the next live con i'm down to meet and talk about hacker lore!

Thanks! FWIW I think the virtual con this year is going to be pretty cool. There are a lot of challenges, and forms of interaction that aren't possible in person we're going to try out. There sadly are a bunch of things we can't do virtually that I'll definitely miss from the in person event as well. It'll be different but still hopefully awesome.

I think the term cracker had the same media portrayal problem probably starting with the movie Sneakers (of the top of my head, no fact checking there) but it is a much more niche term in general and if you were to generally use it around people, probably even in computer adjacent jobs, they'd be more confused by what you're talking about then recognize it.

That being said yeah I'm 100% down with considering crackers being the DRM busters. I personally kind of consider demo scene wizards to be part of the "cracker" group even though it is completely unrelated. There just seems to be a heavy amount of overlap.

There was a movement around 2000 to define hackers as the good guys and crackers the bad guys who break into computer systems and cause damage. I believe that movement failed.

A cracker, to me, is someone who breaks software protection. A hacker can be good or bad, and that makes the word more fun.

If you believe that, what are you doing on "Hacker News"?

You can't use "engineer" in Canada without complete studies in engineering and paying money every year to be a member of their club.

People I know in real life use the word "hacker" for "generates crappy code that holds together via duck tape basically".


Their first mistake was taking heed of anything ESR has to say, including his archaic opinion on what hacking is.

If it's nothing to do with software or hardware security, then it's not hacking.

And yes, this site is itself woefully misnamed.

I don't know, this matches closely the meaning I was taught when I was first introduced to the word. I've never found Hacker News to be misnamed.

I don't like this new definition of the word "hacker". I wish people would call builders and tinkerers something else. We have all this strong history with hackers who are the ones that infiltrate systems. And now someone makes an app and he/she is a hacker. Somehow I feel like there's a necessity to feel special and unique. This word is so soft now.

The builder/tinkerer meaning predated the infiltrator meaning by like a couple of decades, but whatever, okay, zoomer.

Based on your comment and some of the other ones on here, I looked this up and it looks like the original meaning of “working on a tech problem in a different way than what’s outlined in the manual” dates back to the 1950’s.


Curious to see this comment on "Hacker News".

Did you think this resource was about the infiltration profession?

Yup, on hacker news, that doesn't mean I like the name of this page, right?

It's clearly not "new", at least.

Absolutely agreed, the word used to carry a good bit of street cred but now everyone and their grandma is a hacker.

This is exactly what I mean. But I guess I'm a minority here

I wrote a comment about a recent article that talks about doing the cybercrimes as non glamorous[0]. Here was my response:

(I bring it up because too many people see hacking as glamorous when it often is not, except for the payoff at the end)

Like anything, it's usually the payoff that is exciting and glamorous. I know the old hacker mantra: 'boredom and drudgery are evil' hence why we automate everything, but I don't think the mantra holds true for most hackers. The best hackers know that programming essentially works against you when you do it, because there's no instant gratification. You have to constantly bang your head against the wall (even because of simple syntax mistakes that make you feel like a n00b all over again).

The payoff is always fantastic though. Whitehat or blackhat, knowing that all that hard work and grunt pays off is a wonderful feeling. I tend to veer towards whitehat stuff though because of the old saying: 'If you can't do the time, don't do the crime'.

[0] https://news.ycombinator.com/item?id=23355084

If you need to ask How to Become a Hacker, you are not going to be one. It all depends on your personal curiosity, either you have it or you don't.

PS: Found 0day on Paypal when I was 12 in the early '00s, never got paid or recognized for it :(

Surely if someone is interested in the topic of "how to become a hacker", it shows the kind of curiosity that you are talking about.

PS: Congratulations? How is this relevant, gate-keeping aside?

I think this is phrased wrong. I get what you mean, but this is just gate keeping. First, what do you even mean by hacker? There are many ways to describe this.

Sure, if you mean the creativity, bending the rules of what's possible, general interest in discovery... that's traits people have in the first place before being called hackers. But that's not the only way.

I find gatekeeping in the hacker world to be some of the worst in tech.

There's a strong "if you can't figure it out on your own you're too stupid to help" vibe to it, while the rest of the dev world has actually made some decent strides toward valuing inclusion and education.

I find that this is largely the American hacker community - European hackers, and especially Germans, tend to be incredibly supportive of people with the drive to learn. They also tend to expand their hacker mindset to things other than computers - wherever there's a complex system, they're critical of it, enjoy learning how it works, learning how to break it and bend it.

There is a certain kind of person that will become some kind of hacker no matter what, but with advice and guidance they will get a lot further than without.

Definitely. I had an hacker's mind from age 0. Mind you, I felt in love with hackers of my time when I was 12 years old. But unfortunately, I had to learn by myself. I didn't have a mentor around me (and my parents could not keep up) for a number of years. Eventually, I ended in the demo scene and there I found a bit of help. It took me so much time. And when I compare to other hackers who had friends in the business, they just learned faster than me :-(

So, even though it sounds obvious : the number one priority is meeting other people, sharing information. Social skills are sooo important if you're not an absolute genius...

personally, I think it is false to think about skills as linear model, it is more inverse exponential model a like. In another words, what I am trying to is that; if you have sustained environment, discipline, and some luck, it is straight forward to become worst of the best. How fast you get there will depend to some extent of advice and guidance, but one has ask self; does he want to become in shortest time worst of the best or become worst of the best no matter what.

You mean you have to acquire the ability to actively collect and discriminate?

Note the article is about a different and older definition of hacker than you seem to be using.

From the ESR article linked: “The basic difference is this: hackers build things, crackers break them.”

This is quite false! The mere fact that someone asks how to be a hacker shows they are curious.

A true hacker asks a lot of questions. Lots and lots of questions. The longer you hack, the more obscure, interesting, and fascinating the questions become.

In fact, a key part of becoming a hacker is figuring out the right questions to ask. You learn to do so by asking the wrong questions. As you gain experience, revisiting old questions can lead to beautiful solutions.

Another important aspect of being a hacker is sharing knowledge! Hacking is about learning. A lot of what I learned is from reading what others have wrote. Also by failing and experimenting.

When I was a kid, I did ask my friends "how do i become a hacker" and "how do I hack". I'm glad I did, because I've been enjoying the journey ever since.

Extraordinary claims require extraordinary evidence. I normally don't call people out on this as we are human and we need wiggle room for conversation and the formulation of opinions. Plus, everyone is guilty of this, me included. In fact, the previous statement is me doing it as well. We are human after all.

But I do tend to call people out on this when people stifle curiosity with these type of claims. Knowing myself, I know that 10 years ago I might've taken your advice to heart as I didn't know any better. I know that I've done this in other areas of my life and it has had a negative impact.

So I am here to produce a counter voice loudly proclaiming that one should be very sceptical about taking your opinion to heart.

Some people claim God exists. And I therefore should live quite differently than I am right now. I require extraordinary evidence.

Some people claim that you can't become a hacker if you need to ask it. I require extraordinary evidence.

In spirit of my sentiment, I'm going to give you a counterexample. I'm the counterexample.

Step 1: Go to http://www.catb.org/esr/faqs/hacker-howto.html

Step 2: Complete Binary and Malware Analysis at the Vrije Universiteit

Step 3: Complete Computer and Network Security at the Vrije Universiteit

Step 4: Complete Hardware Security at the Vrije Universiteit

Step 4b (bonus, I mean, you're there now anyway): Complete Kernel Programming at the Vrije Universiteit

Step 5: Go to https://hackthebox.eu, hack at least 1 easy, 1 medium, 1 hard and -- for good measure -- 1 insane box

Congratulations, you are now a hacker in every sense of the word:

1. You broke into computer systems.

2. You needed to be curious in order to do it.

If you think this is my whole path then that's not true. This is simply the happy path that I uncovered. It's not optimal, but it works. It might not work for everyone, but I'm sure it will work for more people than just me.

I am now a hacker. And I'm sure there are more counter examples stemming from the VUSec group that started hacking real machines after that.

That's my evidence. I don't expect that you have enough evidence as your position is much tougher and I wouldn't even know how to begin on starting an argument that does. My point simply is: please be a bit careful about the accuracy of your statements if it implies negative consequences. Inconvenient truths are fine, but simply opinions without any backing that leads to something negative really feels disheartening to read.

Note: I didn't downvote. I don't think you had any ill intentions. And you do provide your actual view in a succinct manner (something I could learn from O:) ). And that's what discussion is all about, albeit a bit rough at times, perhaps.

> Some people claim God exists. And I therefore should live quite differently than I am right now. I require extraordinary evidence.

Just curious, theoretically speaking, what are some evidences that would be 'extraordinary enough' for you to believe? For sake of argument, let's assume we're talking about the Judeo-Christian god as described in the standard Bible.

Hmm... God comes down, allows the person that tries to convince me to fly and zaps us to another planet where other lifeforms are. If there aren't any others, then he zaps us to a planet that God thinks is simply amazingly cool (and comfortable enough for us humans). God tells us something that humans may found out in 100k years from now. It doesn't have to be knowledge that is valuable for me to use right now. It should be knowledge that I am able to verify.

Obviously, the number 100k is arbitrary.

Oh, and it should be done in such a way that I can know 100% that it wasn't because of some weird mushroom/drug trip. God is all powerful, I'm sure that shouldn't be a problematic requirement.

This is extraordinary enough. At least, with evolution theory, I actually am able to see this to some extent. It helps that I've played poker as a hobby and had to think about probabilities on an emotional level a fair bit.

There simply should be no room for doubt. Whenever I'm able to understand a mathematical proof, then I have that feeling as well. Mathematicians also can make quite some extraordinary claims. And then they back it up.

Ok, thanks for the reply.

Just curious, what would be the 'MVE' (minimum viable evidence) such that you would choose to believe?

For example, if instead of flying and zapping to another planet, what if they just fly (without some mechanical invention)?

> Oh, and it should be done in such a way that I can know 100% that it wasn't because of some weird mushroom/drug trip.

How you can you know 100%? That doesn't make any sense. Are you just referring to believing something with faith such that it feels certain?

> God is all powerful

Yes, but he can't make illogic logical. Therefore, I don't see how he could make you 'know 100%' something. He could convince you with evidences, sure.

> Just curious, what would be the 'MVE' (minimum viable evidence) such that you would choose to believe?

I'm simply answering this honestly and I'll confess that I'm not a model citizen on this. In any case, I'm too lazy to think about it. That's the answer. It's why I have a bit of an over the top heuristic. But I also think: surely if one is all powerful, that's not an issue.

> How you can you know 100%? That doesn't make any sense.

God is all powerful, God can devise a scheme in which I'll know it 100%. Here's one for you: I believe that humans have powers that are to quite similar to telepathy, not the same though. We call it WhatsApp. That's extraordinary evidence in such a way that I'll know it 100%. Currently we're moving to machine learning inferring brain patterns. We might actually get to real telepathy.

To me that just sounds insane! But it's true! What?! I am the type of person that finds it quite easy to imagine that I'm simply just a human and nothing more than that. From that baseline our modern world is so crazily magical. It would be awesome if God is in that, but it doesn't need to be in its sheer magicalness.

I have one hypothetical reason why a God (or god-like civilization) might exist. That would be the simulation argument. Also, if we're capable of reproducing consciousness and run simulations, then who is to say that someone isn't already running one? What I do believe is that we might have the potential of becoming Gods as a species. We're trying our damn hardest anyway.

If we're capable of engineering anything and travel anywhere, then one might ask if we can create the exact same universe as we are in right now where (if determinism is real, big if) and if we can do that... Well then again, we might wonder, has this happened before?

So interestingly enough, in my mind, the process of science can turn out to be a very very religious endeavour. Or it might be able to completely dispell it.

It's all speculation during my lifetime though. So I like to keep it to the realms of highly reproduced science (aka engineering and to a big extent physics).

But yea, that doesn't say much about the Christian God, or any religion really. Science is my religion, I simply like the process more of having evidence for things than believing a certain book is the holy word and that I should take it seriously.

I'm sorry if I ranted a bit too much. I don't usually talk about this stuff as it is highly speculative and I have better things to do with my time such as focusing on reality.

I appreciate the non-judgemental tone of the questions by the way.

I appreciate your thorough response. I was questioning the usage of the phrase "know 100%" because I'm very curious about the relationship between "knowing" something and "believing" something. I would argue that there is no such thing as "knowing". And, I think this is an important distinction to make because the common view is that science is somehow fundamentally different to faith, and so we can magically trust it. Actually, science is simply the presupposition by faith that one's senses, mental computations, memory, and experiments are accurate. That's not to say that there aren't qualitative differences, but fundamentally it still rests on faith.

To the extreme, we don't 'know' that 1 + 1 = 2. In fact, you can't be quite certain that you just read that equation correctly. Or perhaps, after you read it your memory (mental or computer) was corrupted: it actually said 2 + 1 = 2.

You believe that 1 + 1 = 2. First, you believed it because someone told you (you trusted your ears). And then you reasoned about it for yourself, and you saw how if you have 1 object and another 1 object and combine them, then you had 2 objects (you trusted your eyes). And eventually you figured that this equation is perfectly knowable because it a metaphysical truth, but you still had to trust your mind to be infallible for that. Even if we believe 1 + 1 has always equaled 2 in the past, we have to take on faith that that is still true in this moment.

Ah, fair enough. I agree with this. They call this epistemology right?

In any case, I always thought this type of stuff was a bit pendantic. And in some perspectives, I still think it is. Such as the "I need to get stuff done" perspective.

However, when I took truffles in Amsterdam (that's legal), this is exactly what I went through. And from that experience I can truly only know that: I experience therefore I am.

It's a spin on Descartes, but suffice to say I couldn't really think (not logically anyway), but I could still experience. It's really unsettling to be corrupted. You have no clue what comes next really.

Other than that, the idea that I assume reality to be true is already a leap of faith. It might all be a fantasy world or a dream. It also might be what we think it is: real.

I think you will find this debated interesting: https://youtu.be/9wLtCqm72-Y

Oh! Penrose! I'm watching this. Thanks!

Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact