Q and A About HACKING

Q:
Will you teach me how to hack?
A:
Since first publishing this page, I've gotten several requests a week (often several a day) from
people to "teach me all about hacking". Unfortunately, I don't have the time or energy to do this;
my own hacking projects, and working as an open-source advocate, take up 110% of my time.
Even if I did, hacking is an attitude and skill you basically have to teach yourself. You'll find that
while real hackers want to help you, they won't respect you if you beg to be spoon-fed everything
they know.
Learn a few things first. Show that you're trying, that you're capable of learning on your own.
Then go to the hackers you meet with specific questions.
If you do email a hacker asking for advice, here are two things to know up front. First, we've
found that people who are lazy or careless in their writing are usually too lazy and careless in
their thinking to make good hackers — so take care to spell correctly, and use good grammar and
punctuation, otherwise you'll probably be ignored. Secondly, don't dare ask for a reply to an ISP
account that's different from the account you're sending from; we find people who do that are
usually thieves using stolen accounts, and we have no interest in rewarding or assisting thievery.
Q:
How can I get started, then?
A:
The best way for you to get started would probably be to go to a LUG (Linux user group) meeting.
You can find such groups on the LDP General Linux Information Page; there is probably one near
you, possibly associated with a college or university. LUG members will probably give you a Linux
if you ask, and will certainly help you install one and get started.
Q:
When do you have to start? Is it too late for me to learn?
A:
Any age at which you are motivated to start is a good age. Most people seem to get interested
between ages 15 and 20, but I know of exceptions in both directions.
Q:
How long will it take me to learn to hack?
A:
That depends on how talented you are and how hard you work at it. Most people can acquire a
respectable skill set in eighteen months to two years, if they concentrate. Don't think it ends there,
though; if you are a real hacker, you will spend the rest of your life learning and perfecting your
craft.
Q:
Is Visual Basic a good language to start with?
A:
If you're asking this question, it almost certainly means you're thinking about trying to hack under
Microsoft Windows. This is a bad idea in itself. When I compared trying to learn to hack under
Windows to trying to learn to dance while wearing a body cast, I wasn't kidding. Don't go there.
It's ugly, and it never stops being ugly.
There is a specific problem with Visual Basic; mainly that it's not portable. Though there is a
prototype open-source implementations of Visual Basic, the applicable ECMA standards don't
cover more than a small set of its programming interfaces. On Windows most of its library support
is proprietary to a single vendor (Microsoft); if you aren't extremely careful about which features
you use — more careful than any newbie is really capable of being — you'll end up locked into
only those platforms Microsoft chooses to support. If you're starting on a Unix, much better
languages with better libraries are available. Python, for example.
Also, like other Basics, Visual Basic is a poorly-designed language that will teach you bad
programming habits. No, don't ask me to describe them in detail; that explanation would fill a
book. Learn a well-designed language instead.
One of those bad habits is becoming dependent on a single vendor's libraries, widgets, and
development tools. In general, any language that isn't fully supported under at least Linux or one
of the BSDs, and/or at least three different vendors' operating systems, is a poor one to learn to
hack in.
Q:
Would you help me to crack a system, or teach me how to crack?
A:
No. Anyone who can still ask such a question after reading this FAQ is too stupid to be educable
even if I had the time for tutoring. Any emailed requests of this kind that I get will be ignored or
answered with extreme rudeness.
Q:
How can I get the password for someone else's account?
A:
This is cracking. Go away, idiot.
Q:
How can I break into/read/monitor someone else's email?
A:
This is cracking. Get lost, moron.
Q:
How can I steal channel op privileges on IRC?
A:
This is cracking. Begone, cretin.
Q:
I've been cracked. Will you help me fend off further attacks?
A:
No. Every time I've been asked this question so far, it's been from some poor sap running
Microsoft Windows. It is not possible to effectively secure Windows systems against crack
attacks; the code and architecture simply have too many flaws, which makes securing Windows
like trying to bail out a boat with a sieve. The only reliable prevention starts with switching to Linux
or some other operating system that is designed to at least be capable of security.
Q:
I'm having problems with my Windows software. Will you help me?
A:
Yes. Go to a DOS prompt and type "format c:". Any problems you are experiencing will cease
within a few minutes.
Q:
Where can I find some real hackers to talk with?
A:
The best way is to find a Unix or Linux user's group local to you and go to their meetings (you can
find links to several lists of user groups on the LDP site at ibiblio).
(I used to say here that you wouldn't find any real hackers on IRC, but I'm given to understand
this is changing. Apparently some real hacker communities, attached to things like GIMP and
Perl, have IRC channels now.)
Q:
Can you recommend useful books about hacking-related subjects?
A:
I maintain a Linux Reading List HOWTO that you may find helpful. The Loginataka may also be
interesting.
For an introduction to Python, see the introductory materials on the Python site.
Q:
Do I need to be good at math to become a hacker?
A:
No. Hacking uses very little formal mathematics or arithmetic. In particular, you won't usually
need trigonometry, calculus or analysis (there are exceptions to this in a handful of specific
application areas like 3-D computer graphics). Knowing some formal logic and Boolean algebra is
good. Some grounding in finite mathematics (including finite-set theory, combinatorics, and graph
theory) can be helpful.
Much more importantly: you need to be able to think logically and follow chains of exact
reasoning, the way mathematicians do. While the content of most mathematics won't help you,
you will need the discipline and intelligence to handle mathematics. If you lack the intelligence,
there is little hope for you as a hacker; if you lack the discipline, you'd better grow it.
I think a good way to find out if you have what it takes is to pick up a copy of Raymond
Smullyan's book What Is The Name Of This Book?. Smullyan's playful logical conundrums are
very much in the hacker spirit. Being able to solve them is a good sign; enjoying solving them is
an even better one.
Q:
What language should I learn first?
A:
XHTML (the latest dialect of HTML) if you don't already know it. There are a lot of glossy, hypeintensive
bad HTML books out there, and distressingly few good ones. The one I like best is
HTML: The Definitive Guide.
But HTML is not a full programming language. When you're ready to start programming, I would
recommend starting with Python. You will hear a lot of people recommending Perl, and Perl is still
more popular than Python, but it's harder to learn and (in my opinion) less well designed.
C is really important, but it's also much more difficult than either Python or Perl. Don't try to learn
it first.
Windows users, do not settle for Visual Basic. It will teach you bad habits, and it's not portable off
Windows. Avoid.
Q:
What kind of hardware do I need?
A:
It used to be that personal computers were rather underpowered and memory-poor, enough so
that they placed artificial limits on a hacker's learning process. This stopped being true in the mid-
1990s; any machine from an Intel 486DX50 up is more than powerful enough for development
work, X, and Internet communications, and the smallest disks you can buy today are plenty big
enough.
The important thing in choosing a machine on which to learn is whether its hardware is Linuxcompatible
(or BSD-compatible, should you choose to go that route). Again, this will be true for
almost all modern machines. The only real sticky areas are modems and wireless cards; some
machines have Windows-specific hardware that won't work with Linux.
There's a FAQ on hardware compatibility; the latest version is here.
Q:
I want to contribute. Can you help me pick a problem to work on?
A:
No, because I don't know your talents or interests. You have to be self-motivated or you won't
stick, which is why having other people choose your direction almost never works.
Try this. Watch the project announcements scroll by on Freshmeat for a few days. When you see
one that makes you think "Cool! I'd like to work on that!", join it.
Q:
Do I need to hate and bash Microsoft?
A:
No, you don't. Not that Microsoft isn't loathsome, but there was a hacker culture long before
Microsoft and there will still be one long after Microsoft is history. Any energy you spend hating
Microsoft would be better spent on loving your craft. Write good code — that will bash Microsoft
quite sufficiently without polluting your karma.
Q:
But won't open-source software leave programmers unable to make a living?
A:
This seems unlikely — so far, the open-source software industry seems to be creating jobs rather
than taking them away. If having a program written is a net economic gain over not having it
written, a programmer will get paid whether or not the program is going to be open-source after
it's done. And, no matter how much "free" software gets written, there always seems to be more
demand for new and customized applications. I've written more about this at the Open Source
pages.
Q:
Where can I get a free Unix?
A:
If you don't have a Unix installed on your machine yet, elsewhere on this page I include pointers
to where to get the most commonly used free Unix. To be a hacker you need motivation and
initiative and the ability to educate yourself. Start now...