What do Hackers Do?
© 21 Feb 2013 Luther Tychonievich
Licensed under Creative Commons: CC BY-NC-ND 3.0
other posts

Why hacking exists and what it involves.

 

Per the Church-Turing thesis, a computer is an approximation of a a universal computational device. Meaning it can do anything that can be done—within limits. The limits, in particular, are (1) you can only add a few billion digits a second; Computers are getting faster quickly. ; (2) you can only remember around a trillion words at a time Computers are getting more memory quickly. As of 2013, if a hard drive was printed out as text it would take several dozen big-rig trucks to hold the paper. ; and (3) you can only use devices physically connected to the computer.

Since computers can do (almost) anything, there is always some input you can give a computer that reconfigures what it does. The basic idea of hacking is to find and make use of those inputs, and then ask it to do something the hacker wants. We call it hacking if the owner of the computer doesn’t want you to be doing what you are doing. Otherwise we call it programming.

Following are a few common vectors, or ways a hacker can gain access to a system.

Credentials

Typically the only intended means of changing what a computer does is via user credentials, often a name and password. You can get a password by guessing if the password creator isn’t creative; by decryption if you have access to the encrypted password file and a few hours (or days or years) for the computer to work; or by privilege escalation, phishing, or social engineering (see below).

In case you haven’t heard it enough before, create strong passwords. If your password might appear anywhere on the “‍list of billion most common passwords‍”, make a new one.

Injection

When writing a program it is common to consider “‍are there inputs to exercise all intended functionality?‍” but not consider “‍…and none that do anything else.‍” Input attacks work by finding special inputs that can go into otherwise-innocuous fields and change the behavior of the program.

The existence of injection attacks is the fault of software developers and their managers. There is no technical reason why we can’t remove them altogether See, e.g., seL4 and its proof of correctness. : it just takes a lot of work, and time is money.

Phishing

One way to figure out what inputs grant control of a system is by fooling someone into thinking that they are talking to that system when they are really talking to a hacker’s imitation. Fortunately, most programmers are wary of phishing and good ones have different passwords for different purposes; most phishers target credit cards not developer passwords.

Privilege Escalation

On modern operating systems, most programs don’t have the ability to do that much to your computer. Privilege escalation is process by which a hacked program gets access to more parts of the computer. Commonly this happens by simply asking (you get a popup that says “‍Your web browser wants to access protected system files. Please enter your password to grant it access‍” and then foolishly enter your password) or by using the hacked program to phish or to hack another program.

Social Engineering

It is appalling how readily humans reveal or reset passwords for strangers.

There are other attack vectors, but the above give a feel for the kinds of things hacker do to gain access to a computer.

Once a hacker has access, they can do with a computer precisely what anyone else could do. Hackers need to write code to get computers to behave. Given access, they find it just as hard to do X as does any other programmer.

I dream of a day when injection and its technical kin vanish from the set of attack vectors, leaving only guessing, phishing, decryption, and social engineering. Alas, economic and educational forces mean that day is unlikely to arrive anytime soon.




Looking for comments…



Loading user comment form…