If so, isn’t “Grey Hat” a better term? I read about “Grey Hat” from wikipedia. I don’t know how exactly the Turkish hacker did to your website but it seems he is better categorized into this “hat group” huh?

Actually, none of these terms (hacking and cracking) are found in the statute. The statute merely defines the offensive acts that shall be treated as crime. One should see most of them apply to crackers if he knows how to differentiate hacking and cracking.

The problem is many law lecturers do not have a deep understanding in this area and they barely scratch the surface of it. Thus wrong concept has been passed down from generation to generation. I believe such phenomenon happens somewhere else. Some people could have realized it, but I can tell majority of them never. Frankly, if I had never read your post, I would stick to the wrong concept too. Anyway, I agree that the Malaysian cyberlaw is still at an immature stage.

Hacker and cracker disambiguate the ambiguity. Both terms are product of modern/advanced society. There are a lot of grey areas between both.

The Malaysia’s Computer Crime Acts show the immaturity and incapacity to differentiate hacking and cracking. It is stupid to give definition to ambiguity such as hacking without knowing the black (bad) and white (good) and the grey sides of it.

Although I labeled myself as hacker, but my skill is inadequate to become a hacker myself. I labeled myself hacker because I like hacking and sometimes I hack. Speaking of skill level, I am still far behind than those people in Black Hat, Defcon, etc.

These two have particularly caught my attention because I remember you wrote about the differences between a hacker and a cracker.

My lecture notes has rather vague definitions in both hacking and cracking. It says:

“Hacking in simple terms means an illegal intrusion into a computer system or network.”;
“The motive behind the crime could be as a result of greed, power, publicity, revenge, adventure, desire to access forbidden information, etc.”
(refer to Section 3, Malaysia’s Computer Crimes Act 1997)

Whereas cracking means “an illegal intrusion into a computer system or network with a criminal intention of causing harm”.
(refer to Section 4, Malaysia’s Computer Crimes Act 1997)

In fact, both definitions could apply to cracking alone, right?

You know in some countries like India, the law does not even distinguish between hacking and cracking. So long an unauthorized access is initiated, it is termed as “hacking” regardless intentions. In other words, all sorts of cyber crime conducted by the crackers are accounted “hacking”. Pretty derogatory to those professional hackers (and to you), eh?

Have you ever read the book Cybercrime: A Reference Handbook, authored by Bernadette H. Schell and Clemens Martin? One of its chapters tells the nature as well as the history of hacking and cracking. It has also included some interesting case studies that distinguish between the “good guy” (hacker) and the “bad guy” (cracker).

About the “Good Sorcerer” and “Bad Sorcerer” you mentioned, they are actually more precisely termed as “White Hats ” for ethical hackers and “Black Hats” for crackers. These two terms originated in US from black-and-white western movies, where often, the heroes would wear white hats and the villains would wear black hats.

The book also includes six principles of White Hat Hacker’s Ethic which are quoted from the other book:

1. Access to computers–and anything that might teach individuals something about the way the world works–should be free.
2. All information should be free.
3. Authority should be mistrusted, and decentralization of information should be promoted.
4. Hackers’ status in their community should be judged by their hacking prowess, skill sets, and outcomes–and not by irrelevant criteria such as formal educational degrees, age, race, or societal position.
5. Both art and beauty can be created on computer.
6. Computers can, indeed, change one’s life for the better.

~ Steven Levy, 1984.

Correct me if I’m wrong. These are exactly your ideals of “civilization” in your 文明和野蛮 post, yes?

I have a funny idea actually, hope you don’t mind. I think maybe I should dub you “Mr. White Hat” for you’ve upheld these principles so strongly. The name certainly suits you because you have been wearing a natural white hat (hair) for years.

Back to the topic. Now I wonder. Why did the Black Hat founder name its organization as “Black Hat” instead of “White Hat” in the first place?

龙

Not a good practice in our field. I think dragon has a reason to do so.

张薇

Now, she writes beautiful Ada codes!

Being a software engineer myself developing software for satellites in Xian, I often need to do some hacking to learn how some codes work and to find security loop holes. Due to incomplete technical documentation, my team also do a lot of reverse engineering or hacking to learn about software systems developed by other developers.