BH #2 - How to Feed and Care for your Hacker

So you're thinking of hiring a hacker to help your business manage it's computer infrastructure. You've probably heard about other companies successfully hiring hackers. You also probably have some concerns about this. Won't the hacker break into all the computers, and steal sensitive company information just to profit? What if they do something illegal? There are a lot of misconceptions about hackers. This article attempts to clear those up, as well as help you understand a hacker.

First of all, I'll start by saying this. The media has had a field day with the word hacker. They've hyped it up to sinister creepy proportions. A hacker does not break into computers to steal information, only to profit from it. That is a criminal. Those people are often called crackers. Heads up, new terms. To understand this a bit easier, lets break things up into a top down food chain.

Hackers - These are at the top of our food chain. They are extremely analytical. They like to take things apart to see how they work. They think outside the box. They will look at a problem in many different ways from an unbiased point of view, evaluate many different ways to solve it choose the most secure, most efficient one, then recommend it, and/or implement it. All hackers have the ability to crack. However, hackers also have a sense of ethics. While they are able to point out security flaws, they will not use their knowledge to steal your information to sell to your competitor unless they are criminals, in which case they fall into a different category. Crackers can't hack, although a lot of them like to be called hackers, and enjoy the media attention they receive. Hackers are programmers. Some may be able to code in more programming languages than others. They may have also once programmed, but no longer do this. However, they still retain the same analytical thought process. Most hackers can, and do use a process called extreme programming. This is where they sit down and start writing code without planning it out. Some do light, general programming, then code in the details as they go. We'll get into this later on.

Phreakers - These are the telephone equivalent of hackers. They specialize in exploring the telephone system. There is a gray area in this group where the category of criminal and phreaker begins and ends. These people are extremely knowledgeable in the area of telecommunication. The criminal element uses their knowledge to rip off the telephone companies. The ethical group uses their knowledge to gain more knowledge, point out security flaws in the current systems, and urge those in charge to fix these flaws. These people also possess cracking skills. Some of these are also programmers. A person can be a hacker and a phreaker. (The term phreak is coined from phone and freak) These people may write software related to phreaking, or build electronic devices related to phreaking. These people are extremely electronic savvy. (as in chips and components electronics, low level stuff)

Crackers - These people haven't quite made it to hacker status. Some of them can program, but most of them that do possess programming knowledge fall into the Wares Dudes sub-category. These are the people who can, and do break into computer systems. They do not sell the information for profit, or exploit what they find unless they are criminals, which is a different category all together. These people crack passwords, accounts, serial numbers, etc. The skills required to do this are a subset of what is in the hackers arsenal. Crackers usually don't create new software from scratch, unless it is a utility to aid in the cracking process. The field of vision is narrow.

Wares Dudes - This is a sub-category of a cracker. These people specialize in defeating the serial, and various other copy protection schemes. Many of these people also distribute their cracked software on the net. Many of these people also fit into the criminal category. Script Kiddies - These are the people who are also called wannabe hackers or crackers. They download programs, utilities, scripts, etc. created by the crackers and hackers in an attempt to define themselves as a hacker. Most hackers at one time started out as a script kiddie. You tend to run into them in the hacker channels on IRC. These people tend to be young teens or actual kids, however, some never get past this status as they grow up. A good portion of these people also fit into the criminal group if they stay in this status for a while. This is because they have improper morals, ethics, and lack the knowledge to keep from getting caught.

Criminals - Some hackers, crackers, wares dudes, and script kiddies can fall into this catagory if they do not maintain a sense of ethics and morals. These are the people the media love to do stories about, and label them as hackers. In reality, these people are a very small portion of the hacker community, a small amount of the cracker community, and a larger (but still small) portion of the script kiddie community.

I've only scratched the surface of these different categories. In fact they can be broken down further, or organized a little differently, but the general idea will still hold true. These categories will serve the purposes of this article.

Now as for the hiring process, do you really want to hire a criminal? No one does. Treat that as you normally would when hiring a standard employee. You know, the usual resume, references, criminal background check, etc. Please note, it is possible for a criminal to reform. There have been some hackers, crackers, phreakers, etc. who have been arrested, served their time, released, and obtained good jobs where they use their knowledge ethically now. Some have ever started their own companies. Do not be biased when evaluating a potential employee. Ok, so you've hired a hacker. Wow, they're really weird aren't they? Of course they are. They don't think like your standard employee. They probably even dress strangely. Your hacker will wear what they feel comfortable in, unless you've made it clear up front that there is a certain dress code. If there is a special event, company function, etc. that will take place, feel free to ask your hacker to dress differently. Don't be rude. Just explain politely. They will be more than happy to accommodate you. However, for their everyday work, it is best to let them dress how they are most comfortable, They are more productive that way. If your hacker must interact with customers occasionally, or regularly, sit down and have a chat with them about it. Hackers are reasonable people. Unless you are a rude, demanding boss, you and your hacker will be able to work out a compromise.

My hacker occasionally wanders around, or stares blankly at the wall, *insert weird behavior instead of doing work here*, etc. Are they on drugs? Why are they doing this instead of working? What can I do about this? Ok, stop right there. Your hacker is working. He's thinking. Most likely, you've given your hacker a problem to work on. First your hacker will inspect the problem, gather all of the symptoms, what was recently done before the problem developed, etc After that, your hacker must analyze it all. Do not interrupt your hacker. They aren't on drugs. (Your company does do regular random drug screening right? For every employee? This shouldn't even cross your mind.) Your hacker is either listening to loud music, surfing the net, looking blankly at some object, wandering around aimlessly, etc. If you speak to your hacker while they are in this state, they will most likely ignore you unless you get in their field of vision. This is normal. Your hacker is actually thinking more about the problem, picturing what was done to cause the problem, and mentally applying various solutions to the problem, and evaluating what may go wrong with that solution, and it's probable outcome in fixing the problem. This is one of the things that makes your hacker more productive than a standard employee. Once the problem is fixed, feel free to discuss it with your hacker. He will attempt to explain it to you, but it may come out as an abstract explanation that is difficult to understand. Your hacker isn't trying to mislead you. Most hackers don't even realize what they are doing when they are in this extremely deep state of thought.

My hacker regularly misses breaks, and sometimes skips lunch, or takes breaks and lunches at weird times. This seems to be very anti-social. What's going on? Relax! You've probably given your hacker a problem to work on. Your hacker isn't being anti-social. In fact, most hackers are very social people. However, once a hacker gets started on something, they want to keep working on it until it is finished. This is normal behavior. Now I'm not telling you to let your hacker starve either. If you are truly concerned, when you go out to lunch, ask your hacker if they would like something to eat. Most will happily fork over some cash, and cover your gas for this service. You may also want to offer to let them eat at their desk. Don't worry about crumbs and such getting into your computers. Hackers detest such crud in their computers at home. While at work, they tend to view the equipment they are working on as "theirs" as well. It's a personal pride thing. They will take care of your equipment as if it were theirs.

I think I've upset my hacker, or I'm worried about upsetting my hacker. What do I do? Hackers are very different from regular employees. The things that motivate them are very different. Did you give your hacker a simple task to perform, like mundane data entry, or sweeping the floor? This is a good way to tick off your hacker. While you may have been choosing the closest person nearby, your hacker probably viewed it as an insult to their intelligence. They will get extremely bored while performing these tasks. Try not to give your hacker these simple tasks very often, or they will think you are mad at them. Instead, give them challenging things to do. They tend to view this as a reward instead of work. To them, their work is like play time. You can also reward your hacker with a pay raise. However, this can't always be done, depending on company policy, and the financial situation of the company. You can also reward your hacker with other perks, such as giving them old computer equipment that the company no longer uses buying them computer related books, caffeinated beverages, hot pockets, *insert hackers favorite snack food here*. It is generally a bad idea to promote your hacker to a non-technical managerial position. Hackers love hands on work. They will hate you if you force them to manage people instead of working on equipment. However, depending on the hacker, managing people while working on software and equipment is acceptable. That kind of promotion should be discussed with your hacker.

How can I make my hacker more productive? A good start would be to stock your hackers favorite caffeinated beverage in the break room. If cost is an issue, put a vending machine in there. Your hacker will be more than happy to pay a fair price. Most hackers consume highly caffeinated beverages regularly. A few go too far and consume too much however. If that becomes a problem, talk to your hacker about it. Most hackers only go through that issue once, and never repeat the mistake of consuming too much. (it tends to do bad things to the stomach) Hot Pockets, and various other microwaveable snack foods are also another good idea. (see above regarding missing breaks and lunches) Hackers tend to keep weird eating habits, usually due to working on a problem. Allow your hacker to listen to music with headphones. This helps them block out outside distractions. Allow your hacker to decorate their work area (within reason). A hacker is more productive when they feel comfortable. The same thing applies to the clothing issue. Let them be comfortable. You may also want to offer your hacker the option of telecommuting. Most hackers have a certain time of day, night, or somewhere in between where they are more productive. For this reason, hackers are better as being paid as salaried employees. Your hacker may work for 24 hours straight before sleeping. This happens when your hacker gets in their "zone", their mind is on the right track, and things get done very quickly. Having to stop working at a certain time wrecks this process, especially if your hacker usually gets into their zone at the end of their work day.

My hacker speaks to me, and everyone else in management as equals! They don't respect me! What can I do? Typically, the hacker isn't disrespecting you. In fact, they don't see management as above them. They view management as performing a different job within the company. If your hacker speaks to you as an equal, this is generally a compliment from your hacker. If you feel that your hacker doesn't respect you, it is most likely because you haven't shown your hacker any respect. A hackers respect must be earned. It isn't automatically given because of your title. You must get past this if you wish to have a productive business relationship with your hacker. If you feel that your hacker talks down to you, it is most likely because you are talking down to your hacker. This is an easy way to upset your hacker. They do not like to be treated like children. They will also quit because of this. The more stubborn ones will refuse to quit, and instead wait and see how long you'll continue disrespecting them before you either quit or admit you are wrong and change your behavior. Your hacker isn't trying to be your boss. They just want the space to do their job, and to feel that they are respected as a valued employee.

My hacker looks like crap! Are they going to drop dead on me? This is a valid concern. The number one reason they look like this the next day is probably because they have been working on a personal project at home all night, and didn't get any sleep. The fact that they showed up for work is proof enough that they aren't sick. They are just tired. They may also have the standard issues going on in life that your other employees are having. Your hacker will most likely discuss what's going on with you if you politely ask them in a private conversation. Your hacker may also have a sore back, wrist, etc. from working. It is a good idea to get your hacker a comfortable chair if they are sitting at a terminal most of the day. There are also wrist supports that can be purchased that help prevent repetitive stress medical issues. These would be a wise investment for all of your employees, as it will save in health insurance, and missed time at work. If your hacker calls in sick, they are really sick. Remember, your hacker loves their job. Missing work is like missing a vacation. Accusing them of otherwise will only upset your hacker.

I'm afraid my hacker will quit. What do I do? Investigate why they may want to quit. Is it a pay issue? Did they get a better job offer? A better job offer for a hacker may not just include a pay raise. It may also be a chance for them to work on equipment they have always wanted to work on, even if it is at a lower pay. Unless your company plans to upgrade, or offer your hacker enough money to stay, there isn't much you can do about this except to hire another hacker. While you give your hacker technical things to work on, your hacker may be leaving to accept their dream job. For hackers, these are always technical positions, but usually a hacker has one specific area they really enjoy with a passion. In this situation, there is nothing you can do to convince your hacker to stay. If you have treated your hacker fairly, they will leave a notice, an attempt to leave on good terms. Do not attempt to bully your hacker into staying. This is the number one thing that causes ethical hackers to turn criminal. They do it out of self defense. No it isn't right. But it isn't right for you to treat your hacker like crap because they are leaving either. In fact, your hacker may come to the end of his analysis thought process, and either walk out, or sue, depending on how much bullying you are doing. It would be more productive to either have your hacker train another employ on what to do until you hire another hacker, or hire another hacker and have your hacker show them what needs to be done.

In conclusion, depending on the technical aspects of your company, hiring a hacker may be very productive. O hire two so they will have someone to talk to, and relate to. Hackers just have a different set of guidelines to follow when dealing with them. These guidelines aren't set in stone however. Hackers are also people. As such, all people are different, therefore, all hackers are different. Act accordingly. I hope this article has cleared up a few misconceptions about hackers in general. There are also probably many out there that would disagree with me, especially with the categories I set forth above. Your mileage may vary. I welcome anyone to submit an article on the subject with their point of view on the subject. This article reflects my point of view based on personal experiences.

-=databat=-