HACKERS

How to become an Ethical hacker

Although hacker has many definitions, we believe most people asking this question are interested in malicious coding. Computer Hope does not teach or condone cracking, stealing, breaking, or otherwise illegal cyber activity. However, a hacker may also be defined as someone with an advanced understanding of computers and programming. If you want to learn more about this side of hacking, see the suggestions below.

Learn more about computers

Computer basics - Having a good understanding of a computer, its components, and how it works is essential for anyone, not just hackers.
Books - Make it a goal to read computer books that cover your interests. Visiting popular online bookstores, such as Amazon, and browsing through the top 100 books on your subject is a great place to start. Audible has an enormous selection of e-books, if you prefer that method of reading.
Know the jargon - The computer industry has thousands of acronyms and terms; visit the Computer Hope dictionary to find the ones you are most likely to run across.
Online news - Visit the Computer News pages at least a few times weekly to keep up with all the latest computer news. Visit our computer news links for a list of great news sites.
Participate in forums - The Internet is full of online forums, where thousands of other users participate with each other in answering questions or talking about what they love to do. Participating in these forums will not only allow you to test your understanding of the subject, but also learn from others. A great example of an online forum would be the Computer help forums.
Build a computer - If you want to learn more about the hardware aspect of a computer, there is nothing more educational than putting one together. Not only will this help broaden your knowledge of computer hardware, but it can also help with diagnosing hardware problems and teach you more about how computers work. There are plenty of websites with instructions on how to build your own machine.

Pick up a programming language

Learning how software works by studying a programming language is an invaluable tool. It teaches you how to create your own programs, and how to debug them. It also gives you a better understanding of how programs work. Our programming language definition lists many of the more popular programming languages.
Also, learning scripting languages such as Perl and PHP, and even the basics of HTML web design, is advantageous for anyone interested in setting up and tweaking websites.
If you need more experience with programming, creating your own open source project or helping with another open project can be a helpful learning experience. Creating your own website can also be another great learning experience as it shows the details behind website design and setup.

Learn an alternative operating system

Many people today run some version of Microsoft Windows, which is fine for home and office use, but it is also a good idea to learn alternative operating systems such as Linux. Learning a Linux distro not only helps broaden your experience, but is a necessity when you want to navigate Linux-based servers running websites and other web services.
Tip: If you have access to a server that is hosting your website, you may have access to SSH, which allows you to connect to a server and is another good way to learn the Linux command line.
If you are new to Linux, Ubuntu is a good distro for new users to try. This distro of Linux can also be run by booting it off of a CD. However, if you want a full experience, it is better to install Ubuntu or another distro on the computer.

Introduction to Ethical Hacking - What is ethical hacking?

Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass system security and search for any weak points that could be exploited by malicious hackers. This information is then used by the organization to improve the system security, in an effort to minimize or eliminate any potential attacks.

What constitutes ethical hacking?

For hacking to be deemed ethical, the hacker must obey the following rules:
  1. You have expressed (often written) permission to probe the network and attempt to identify potential security risks.
  2. You respect the individual's or company's privacy.
  3. You close out your work, not leaving anything open for you or someone else to exploit at a later time.
  4. You let the software developer or hardware manufacturer know of any security vulnerabilities you locate in their software or hardware, if not already known by the company.
The term "ethical hacker" has received criticism at times from people who say that there is no such thing as an "ethical" hacker. Hacking is hacking, no matter how you look at it, and those who do the hacking are commonly referred to as computer criminals or cyber criminals. However, the work that ethical hackers do for organizations has helped improve system security and can be said to be quite effective and successful.
Individuals interested in becoming an ethical hacker can work towards a certification to become a Certified Ethical Hacker, or CEH. This certification is provided by the International Council of E-Commerce Consultants (EC-Council). The exam itself costs about $500 to take and consists of 125 multiple-choice questions in version 8 of the test (version 7 consisted of 150 multiple-choice questions).

10 Most Common Web Security Vulnerabilities by Toptal.com

Toptal.com is one of the top websites writing on web application security research. Here is a post written by Gergely Kalman, Security Specialist, about

"10 Most Common Web Security Vulnerabilities"


For all too many companies, it’s not until after a breach has occurred that web security becomes a priority. During my years working as an IT Security professional, I have seen time and time again how obscure the world of IT Security is to so many of my fellow programmers.
An effective approach to IT security must, by definition, be proactive and defensive. Toward that end, this post is aimed at sparking a security mindset, hopefully injecting the reader with a healthy dose of paranoia.
In particular, this guide focuses on 10 common and significant web security pitfalls to be aware of, including recommendations on how they can be avoided. The focus is on the Top 10 Web Vulnerabilities identified by the Open Web Application Security Project (OWASP), an international, non-profit organization whose goal is to improve software security across the globe.

A little web security primer before we start – authentication and authorization

When speaking with other programmers and IT professionals, I often encounter confusion regarding the distinction between authorization and authentication. And of course, the fact the abbreviation auth is often used for both helps aggravate this common confusion. This confusion is so common that maybe this issue should be included in this post as “Common Web Vulnerability Zero”.
So before we proceed, let’s clarify the distinction between these two terms:
  • Authentication: Verifying that a person is (or at least appears to be) a specific user, since he/she has correctly provided their security credentials (password, answers to security questions, fingerprint scan, etc.).
  • Authorization: Confirming that a particular user has access to a specific resource or is granted permission to perform a particular action.
Stated another way, authentication is knowing who an entity is, while authorization is knowing what a given entity can do.
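
The distinction above, as an added example that is not part of the original Toptal post: a request handler that runs authentication and authorization as two separate checks that fail with different results (401 when the identity is unknown, 403 when the identity is known but lacks permission). The user names, passwords, resource name and the functions authenticate, authorize and handle are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # sample value for the demo; tune for your hardware


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def _make_user(password: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt)}


# Constructed sample data: a credential store and a per-resource ACL.
USERS = {"alice": _make_user("correct horse"), "bob": _make_user("hunter2 battery")}
ACL = {"report-42": {"alice": {"read", "write"}, "bob": {"read"}}}


def authenticate(username: str, password: str):
    """Authentication: who is this? Returns the identity, or None."""
    user = USERS.get(username)
    if user is None:
        _hash(password, b"\x00" * 16)  # same work for unknown users
        return None
    supplied = _hash(password, user["salt"])
    # Constant-time comparison of the derived hashes.
    return username if hmac.compare_digest(supplied, user["hash"]) else None


def authorize(identity: str, resource: str, action: str) -> bool:
    """Authorization: what may this identity do? Deny by default."""
    return action in ACL.get(resource, {}).get(identity, set())


def handle(username: str, password: str, resource: str, action: str) -> int:
    identity = authenticate(username, password)
    if identity is None:
        return 401  # not authenticated: we do not know who this is
    if not authorize(identity, resource, action):
        return 403  # authenticated, but not permitted to do this
    return 200


if __name__ == "__main__":
    print(handle("alice", "correct horse", "report-42", "write"))
    print(handle("bob", "hunter2 battery", "report-42", "write"))
    print(handle("bob", "wrong password", "report-42", "read"))
```

Note that authorize never sees the password and authenticate never sees the resource: a valid login alone grants nothing until the permission check passes.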
