Programmers, Hackers, and Technology

8 February 2012 | 3 Comments » | Matt Jones

As a Software Engineer and Security Analyst, one of the things that always bothers me in modern media is how programmers and hackers are portrayed. There seems to be a common belief that they have almost magical powers to pull usernames and passwords out of the air or complete complex tasks in seconds. I know my complaint is common and that anyone in a specialized profession can share my angst, but I thought I would write a little bit on how it actually works. In order to maintain the tempo of your novel, you may be inclined to skip all my advice and use HollywoodOS (the fake Hollywood systems) but at least you’ll be more informed. I’ll try to talk about where we are and where I believe we’re going in the future.

Starting with programmers, we’re a group very similar to writers. All of our work is creative in one way or another. Most of us are given (or help create) a specification that defines what the finished project will be like. Consider this your outline that talks about each chapter and how the characters move around in it. And much like writing the pages of the novel takes time, writing a full application takes a while to code. This is changing even in our lifetimes, however. Frameworks exist that give the developer the ability to create fully functional applications in a short time. Consider this like having a library of plot snippets that you can freely take and insert into your novel. All that is left is to customize the look and flow between the parts. As this advances, I can easily see a future where “programmers’ just tell a system what they want, how they want it to look, and the resulting application is built for them.

Next we have the hackers. I will say that the term “hacker’ has many connotations and many of them are negative when they shouldn’t be. The word hacker itself is used to describe a group that enjoys the challenge of building new things. This can be that kid down the road that turned his wagon and lawnmower into an awesome go-cart, or even you as a writer. It also commonly talks about people who break software or computer security. Technically, this group should be called a cracker, but since using the term hacker to refer to this group is so common, I’ll bear it and follow suit.

Hackers have many different subsets and it’s hard to classify them as a group. I’ll touch on a couple of the subsets here, but I can’t touch on all of them. First, I’ll talk about the lower class members commonly (and usually derogatorily) called script kiddies. This group attacks using software or scripts obtained from various sources. While their methods are effective, they often do not understand the full mechanics of the attacks they are carrying out. They are quick to take advantage of systems that are out of date and not very well maintained, but are unable to penetrate well maintained systems that may not have any vulnerability already exploited. I wouldn’t be surprised if there was a well organized group that gathered and used these scripts as a form of cyber-warfare.

The other side of that coin, and in my eyes the elite group, are the security experts. These are the members who write the code and find the exploits that the other groups use. This group looks the systems and start prodding them to try to figure out how they work. The simple way of looking at this group is like a spy attempting to enter an enemy’s base. They first scout it to determine how it’s configured and look at all the entrances. With enough information they can pretend to be someone else and walk through the front door, or learn the weak points and attack there. Most commonly, unlike the movies would have you believe, this process does not involve the user sitting at the login screen trying to guess the password. They involve lots of surveillance, analysis, and a great deal of luck.

There is one final group that should probably be included and that’s the social engineer. This is probably the most common type of hacker in television and tv. The social engineer doesn’t look at exploiting the computers, but rather the people who work on them. A social engineer attempts to deceive the users to give them information that can then be used to access the system. This information can be usernames, passwords, secret information concerning the infrastructure, or even just access to the secure systems themselves.

While this only briefly touches on these technological roles, I hope you find them useful in building your characters and perhaps making them a little more realistic. If you have any questions or comments, please ask them below!