Hacker Theory: 101

Anyone who has ever sat in front of a computer with the intention of using it has, at least subconsciously, questioned themselves along the following lines:

"What can I do?"
"How do I... ?"
"Why does this... ?"

The first question might not be a recurring one, but it should be. Knowing what you are capable of is very important. Can you process a list of 100 names into mailing labels? Can you send an email? Can you create a website?

The tasks that we perform are the ones that we can perform. The rest are tasks that we will either never take up, or ones that we will abandon in frustration. But those that we are capable of, we do not have to question; when it comes time to use the skills we have, we know what to do. Stating that is being redundant with logic itself, but bear with me.

I don't have to wonder what to do about a lot of things. The reason is not that I understand how to do those things. (I do, and that's nice). The real reason I don't have to wonder how to do a lot of things is that I understand why they work. If I run into a problem with a program somebody else wrote, I know how to get around it a lot of times simply because I know the thinking process that goes into writing such a program.

I'd like you to take that approach. Don't simply question how to send an email. Ask yourself, "Why does this work?" It is tempting to ask yourself how it works, but that's just details. Why, why does this work?

Here's an example to show the difference between those questions:

Lets say you're the newest employee at the United States Mint. You're all stoked about printing money, and of course you're going to be responsible about the whole thing. So, the first question you have is "How do we print money?" You're introduced to machines, inks, computers, papers, fibers, watermarking techniques, and all the rest of the process. (I used to visit the Denver Mint – its very cool to watch!) Eventually, as your experience grows, you fit into the work team there and you begin feeling a bit like a machine yourself. But you know how it works, and that's enough to get the job done.

Now, back up a moment and look outside the boxed-in view of that fictional day job. Before you were introduced to how the process works, people had to invent the process. They had to make the machines. Somebody had to design the money, and somebody had to approve the design. Efforts were made to ensure the uniqueness and security of not only the process, but of the resulting product as well. On the other end of the spectrum, downstream from you are millions of businesses, customers, counterfeiters, and FBI agents spending quite a bit of time handling your product. The customer holds their bills up to the light to look for a watermark. The business owner runs a special marker across a $20 to make sure it is real. The counterfeiter does their best to imitate the whole affair, and the FBI man has to sniff out his criminal substitute. I've heard that the FBI prepares for the investigation of counterfeiting by examining a real dollar bill intensely. They look at the real deal so that they will notice any departure from that pattern when they come across a fraud.

With all this in mind, ask yourself – "Why does this work?" Why does the process, which you've learned to be a small part of, come together into one big functional system?

The answer to most questions in that vein is that people decided to do things in a certain way, successfully tested and implemented that method, and have been able to contain departures from that method at an acceptable level ever since.

I think I'll say that again.

People decided to do things in a certain way, successfully tested and implemented that method, and have been able to contain departures from that method at an acceptable level ever since.

Leaving analogy-land... Most computer users only interest themselves in the middle of that reality – learning how a method has been implemented, and how they can use that method in a routine manner.

Hackers look at the whole she-bang. I'm not just curious in how to repeat a process another guy came up with. I want to know why they chose that method. What other methods could they have chosen? When they tested their method, what were the results? Was this the best way of implementing that method? Could there be improvements? Are there holes in their thinking? Are there holes in there implementation? What departures from this method can and do occur? How are these departures contained? Is it possible to depart from this method in a way that cannot be contained?

As you may begin to see, the simple process of intense examination has already led to questions that raise ethical and even moral questions of their own. That's a discussion for another post, though.