Changer le travail ou changer la société ? : Les hackers entre conformation à l’ordre social et volonté d’innover / Changing workplace or society ? : Hackers between compliance with the social order and the will to innovate

Zufferey, Eric

25 January 2018

Cette thèse vise à interroger le hacking comme source de changement social, voire de subversion de l’ordre social. En mettant en jeu une forme d’autodidaxie et un décloisonnement social entre amateurs, professionnels et militants, il fait espérer des changements dans l’accès aux savoirs, ainsi que dans les manières de penser le rôle de la technologie au sein de nos sociétés. Dans le prolongement d’une sociologie bourdieusienne, l’enquête analyse comment la pratique du hacking s’articule aux instances classiques de la socialisation – famille, amis, institutions scolaires, etc. – et examine quels types de mobilité sociale elle produit. En partant des cas de hackers suisses et français, nous montrons que l’autodidaxie se décline différemment selon l’origine sociale et la trajectoire : elle permet les trajectoires les plus ascendantes lorsqu’elle se combine avec la culture scientifique légitime. En cela, les hackers n’échappent à la pesanteur des rapports sociaux de classes, alors même qu’ils développent une propension à transférer leurs manières d’agir et de penser atypiques dans différentes sphères d’activités. La thèse montre que le travail est la principale cible de leurs investissements. Les succès ou les échecs à innover dans la sphère professionnelle expliquent pour une large part les investissements des hackers dans des activités de loisirs, des associations ou des formes de militantisme. Les implications dans la sphère politique restent limitées et ponctuelles, car y accéder suppose d’autres ressources que celles possédées par les hackers. Mettant en évidence la diversité du hacking, ce travail permet d’appréhender la complexité de ses potentiels impacts sociétaux. / This thesis looks at hacking as source of social change, or even subversion of the social order. Hacking involves self-directed learning and remove social barriers between hobbyists, professionals and activists. Therefore, it raises the hope to renew the access to knowledge and the role of technologies in society. In line with the bourdieusian thought on reproduction of social inequalities, the study analyses how hacking articulate itself with the classical instances of socialization – family, friends, school system, etc. – and how it influences social mobility. By studying Swiss and French hackers, it shows that self-directed learning varies according to social origins and trajectories: it enables upward trajectories when it is combined with the legitimate scientific culture. In this regards, hackers do not escape the weight of social classes’ relations, although they are are willing to transfer their unusual behaviors and thought process across different areas of activities. Workplace is generally their main focus. Along with careerpath, success or failures to innovate in the professionnal sphere are key to understand the hackers’ involvement in leisure activities, associations, or various forms of activism. The participation in the political sphere is limited because hackers usually do not have the proper ressources. By highlighting the complexity of hacking, the thesis proposes a better understanding of its potential societal impacts.

Hacking

303.484

Building an Ethical Hacking Site for Learning and Student Engagement

Lehrfeld, Michael, Guest, Phillip

07 July 2016

This research investigates the use of build-your-own capture the flag ethical hacking simulations to help learners engage and understand penetration testing methodologies. Students in a senior level ungraduated ethical hacking class were tasked with the development of a capture the flag platform that scored participants' progress while exploiting a vulnerable web site. Remediation of the found vulnerabilities was also demonstrated to illustrate secure coding best practices. This work chronicles the development of one of the CTF platforms and the process used to develop it.

hacking

hacking competition

security

student engagement

Examination of hacking and blunt force skeletal trauma

Peace, Breana

11 October 2019

The present research examines the effects of multiple different implements on long bones to determine if there is a point at which blunt force trauma becomes distinguishable from hacking trauma. Limb bones of the white-tailed deer (Odocoileus virginianus) were used in this research as a substitute for human bone. In addition to the use of purchased tools, seven of the implements used in the present research were created and designed to imitate the size and impact angle of other surfaces possibly found in hacking and blunt force trauma. A hacking machine was used to inflict trauma on the long bones at a consistent, controlled level of force. The resulting trauma was then photographed and analyzed to determine if there is a macroscopically distinguishable point at which an implement will inflict characteristics of blunt force trauma, with no visible hacking trauma characteristics. The analytical observations of the trauma involved scoring for elements such as hacking characteristic appearance as well as the amount of fracturing and fragmentation. The author hypothesized that when the angle of the implement’s striking surface reaches 60 degrees, the trauma would consist of blunt force characteristics and not of hacking characteristics, and a V-shaped kerf would cease to appear. The author also hypothesized that there would be an increase in comminuted fractures in more blunt blade angles, while hacking trauma would exhibit more transverse and oblique fractures. The present study found that there was a statistically significant relationship between the composite hacking scores and the blade angles (the striking surface of the implement), with a p-value of 0.011. The author concluded that blunt force trauma and hacking trauma can be distinguished by the composite hacking scores, with a score of one indicating blunt force implements and scores of three or four indicating hacking implements. The entrance widths of the impacts also had a statistically significant relationship with the implement blade angles, with a p-value of 0.037. When the elements were bisected as a result of the impact, the data generated was characterized into having bisected into three identifiable fragments or a minimum of four identifiable fragments. With regards to the data for elements with three identifiable fragments, it was found that there was a statistically significant relationship between fragmentation and the implement blade angle, with a p-value of 0.036. When examining the visibility of a V-shaped kerf in the bones, the author concluded that there is a statistically significant relationship between the blade angles and the visibility of these kerfs, with the visibility decreasing around the 60 blade angle (p-value = 0.003). With regards to the fracture patterns, there was a correlation between the appearance of transverse fractures, with a decrease in more blunt blade angles (p-value = 0.004). Additionally, the author discovered a correlation between clean cut impact site appearances and smaller blade angles, as well as with crushing and fragmentation correlating to more blunt blade angles. The data from this research should assist in establishing guidelines to determine the type of trauma inflicted in forensic cases of hacking trauma and blunt force skeletal trauma.

Forensic anthropology

Hacking

Trauma

Počítačová kriminalita / Computer criminality

Vyhnálek, Aleš

January 2007

Diploma thesis characterises the most important kinds of computer crime, economically evaluates incurred harms, presents factual examples and a prognosis of the possible way of developement of this kind of crime in the future. Thesis includes legislation regarding the computer crime and possible ways of defending against it. In the end, in the form of a questionary, the thesis monitors the knowledge of students of the Faculty of management in Jindřichův Hradec about the field of computer crime and interprets these results using graphs.

Samhällskonsekvenser av bristande IT-säkerhet

Stenberg, Jan-Ola, Mujanovic, Erko, Stehn, Frank

January 2012

Antalet företag, organisationer och instanser vars IT-system utsätts för attacker ökar. Något som märks trots att det försöker mörkläggas inom många organisationer. Myndigheter som Polis och Myndigheten för samhällsskydd och beredskap samt IT-personal inom de flesta företag är alla överens om att detta är ett växande problem som måste ses över. Konsekvenser av läckage av känsliga uppgifter kan vara förödande för ett företag, myndighet eller ett helt samhälle. En hel nations demokrati kan hotas av bristande IT-säkerhet och misstro till staten. Görs det tillräckligt för att upprätthålla en säker hantering av känsliga uppgifter och säker kommunikation från alla parter i dagens IT-samhälle? Tar alla sitt ansvar för att bibehålla demokratin vi lever i? Avsätter företagsledningarna på våra svenska företag de resurser som krävs för att IT-säkerheten ska kunna hålla jämn takt med den snabba utveckling i branschen? Tar våra mindre företag sitt ansvar genom att arbeta med IT och informationssäkerhet, trots oförmågan att se sig själva som mål för en attack, eller tillhandahåller de bakdörrar som kan användas av kriminella för att komma åt större företag? / The number of companies, organizations and agencies whose IT systems are under attack increases. This is evident even though many organizations tries to hide it. Authorities like the Police, MSP and IT staff in most companies all agree that this is a growing problem that must be reviewed. The consequences of leakage of sensitive data can be devastating to a company, government agency or an entire community. An entire nation's democracy can be threatened by lack of IT security and mistrust of the state government. Is there enough to sustain the safe handling of sensitive data and secure communication of all parties in today's IT community? Does everybody take responsibility to maintain the democracy we live in? Do the managements of our Swedish companies allocate the resources needed for IT security to be able to keep pace with the rapid developments in the industry? Do our smaller businesses take responsibilities by working with IT and information security, despite the inability to see themselves as the target of an attack, or do they provide a backdoor that can be used by criminals to gain access to larger companies?

IT-säkerhet

Samhälle

Riskanalys

Hacking

Hacking for peace: the case for cyber coercion

Kemmer, Tara A.

15 September 2021

Are cyber capabilities a useful method for coercive diplomacy? If so, what conditions favor successful cyber coercion to produce a desired victim response? This research explores how cyber coercion can be used as a tool of statecraft to change an adversary’s behavior and examines two cases over three temporal values. Examining the two cases of North Korea versus Sony and Russia versus Estonia illustrates practical lessons about the constraints and abilities of the employment of cyber coercion as well as how victim responses operate on a spectrum and can change over time. In examining George’s seven factors that favor coercive diplomacy and applying them to these cases, this research reveals four additional factors that ought to be included when addressing the dynamics that contribute to a victim changing their behavior in response to cyber coercion. The difference between a low-level attack (e.g. web defacement) compared with a high-level attack (e.g. paralyzing backbone servers) communicates two vastly different levels of threat to a victim and incurs extremely different costs for the victim. These technical aspects of cyber statecraft and their ramifications for cyber coercion are not covered by George’s earlier works on coercive diplomacy, as few people in the 1990s were even considering cyber as a threat landscape. This research does not provide one generalizable theory of how to conduct cyber coercion; rather, it provides a Utilitarian theory that identifies additional factors that favor cyber coercion and contributes to a conditional generalization. Further, it introduces the idea of examining this change in behavior over time to properly assess the impact of cyber coercion on the totality of the victim’s behavior. Extending the time intervals reveals additional critical data necessary to fully analyze the nature of a cyber coercion dyad. Finally, it provides a hybrid method to attain attribution by fusing social science methodology with cybersecurity techniques. Together, this data and method serve to correct the conventional wisdom on two influential cases; this research traces the process that proves why a correction for each case is warranted; and, it shows how the choices an aggressor makes in its cyber coercive strategy can result in different outcomes for the victims.

International relations

Coercion

Cyber

Hacking

Beyond Invention: How Hackers Challenge Memory & Disrupt Delivery

Lockridge, Timothy Alan

26 April 2012

This dissertation uses a case study of 2600: The Hacker Quarterly to consider how the practices of a hacker public might be theorized as a rhetorical activity. The project is contextualized within a history of hacking (building from a narrative that centers on Levy's 1984 book Hackers) and within the arc of recent copyright legislation, specifically the Digital Millennium Copyright Act (DMCA) and the 2011-12 Stop Online Piracy Act (SOPA) debates. Within this framework, the dissertation examines how specific patterns and cases within 2600 might further our understanding of the rhetorical canons of memory and delivery and of dissent in digital spaces. Specifically, the project presents three practices of memory at work in 2600: Aggregating, Fingerprinting, and Narrating. Drawing on the work of Collin Gifford Brooke and Mary Carruthers, among others, the dissertation examines how texts printed in 2600 present memory not as an inert technology but rather as a practice and a pedagogy—a response to the increasing commercialization of technology. The dissertation then uses Jim Porter's techne of digital delivery to analyze three specific moments in 2600's history (the 1985 U.S. Government raid on New Jersey hackers, the E911 lawsuit, and the DeCSS narrative), illustrating how our spaces of textual production have become increasingly regulated and commercialized and considering how that regulation/commercialization affects our understanding of ownership, circulation, and the public sphere. Building on Michel de Cereteau's concept of strategies and tactics and Michael Warner's theory of (counter)publics, the dissertation ultimately argues that a history of hacker publics offers one way to reconceptualize and reintegrate theories and technologies of digital circulation into our scholarly work and curricular goals. / Ph. D.

Circulation

Hacking

Distribution

Memory

Delivery

Business Hacking

Villegas, Manuela

20 September 2021

El business hacking como marco en la transformación empresarial tangible, medible y sontenible. La digitalización y las altas expectativas de los consumidores están cambiando radicalmente la forma en que interactuamos, y las organizaciones que saben cómo gestionarlo tendrán éxito. El marco de business hacking tiene como objetivo hacer que la transformación sea tangible y medible, haciendo que el cambio sea sostenible y encontrando nuevas formas de optimizar la cultura y el impacto empresarial. pasando por todo un modelo accionable de adquisiciòn y retenciòn basado en medios digitales

Business Hacking

Si señor

Digitalización

How to hack Growth… : En kvalitativ studie för att bidra till förståelse av begreppet Growth Hacker Marketing samt hur det används

Cadjo, Nellie, Cornéer, Clara

January 2022

Growth Hacker Marketing is a relatively new concept that has emerged as the digitalization and the development of the internet occurred. The purpose of the study is to gain an understanding of the meaning of GHM and how it is used, a concept that is widely applied in the marketing industry but not as widespread in theory. The study has been carried out with a qualitative deductive approach, which means that it is based on the investigated theories, continues to the empirical data in the terms of interviews and then lands in the analysis. The study also shows that a growth hacker that works data driven and with the help of tracking tools, achieves growth for the organization, something that is fundamental within GHM. The growth hacking funnel, which is a method within the subject, is widely used by the investigated companies, however, the explicit term is not necessarily applied. The results also show that the work process within GHM can look different depending on the specific organization and its activities, for example if the company works B2B or B2C. In summary, there are both some similarities and differences regarding the meaning of GHM between theory and empiricism, which could be due to the gap between the academic world and marketing industry.

Growth Hacker Marketing

Growth Hacking

The Growth Hacking Funnel

The Growth Hacking Process

Business Administration

Företagsekonomi

Playing against the grain : rhetorics of counterplay in console based first-person shooter videogames

Meades, Alan Frederick

January 2013

Counterplay is a way of playing digital games that opposes the encoded algorithms that define their appropriate use and interaction. Counterplay is often manifested within the social arena as practices such as the creation of incendiary user generated content, grief-play, cheating, glitching, modding, and hacking. It is deemed damaging to normative play values, to the experience of play, and detrimental to the viability of videogames as mainstream entertainment products. Counterplay is often framed through the rhetoric of transgression as pathogen, as a hostile, infectious, threatening act. Those found conducting it are subject to a range of punishments ranging from expulsion from videogames to criminal conviction. Despite the steps taken to manage counterplay, it occurs frequently within contemporary videogames causing significant disruption to play and necessitating costly remedy. This thesis argues that counterplay should be understood as a practice with its own pleasures and justifying rhetorics that problematise the rhetoric of pathogen and attenuate the threat of penalty. Despite the social and economic significance of counterplay upon contemporary videogames, relatively little is known of the practices conducted by counterplayers, their motivations, or the rhetorics that they deploy to justify and contextualise their actions. Through the use of ethnographic approaches, including interview and participant observation, alongside the identification and application of five popular rhetorics of transgression, this study aims to expose the meanings and complexities of contemporary counterplay. It examines counterplayer testimonies that articulate the practices and rhetorics underpinning the creation of incendiary user generated content, grief play, glitching, modding, and hacking on the Xbox 360 platform in particular. This study represents a contribution to the field of game studies in an area so far underresearched, offering voice to a previously silent demographic, that of counterplayers. In focussing upon their practices, communities and motivations, this study challenges the framing of counterplay as reductively oppositional or hostile. Instead, counterplay is shown to be an act of seduction, a means of articulating identity, status and recognition, as an expression of hacker ideology, and as a re-engagement with the carnivalesque. These meanings, in addition to the rhetoric of pathogen, offer an expanded image of counterplay and the counterplayer that highlights the significance of counterplay within the context of contemporary popular and youth culture.

700