A hacker is not so much an entity, a being, a title as it is a mentality. Most people are familiar with Tupac the rapper/actor. But I wonder how many people ever looked at him as being a hacker? That’s right. Tupac was indeed a hacker. Evan Carmichael carved out what’s come to be known as Tupac’s Top 10 Rules For Success. From those same 10 Rules I’ve decided to adapt and put together what I call a Hacker’s 10 Rules For Success!
-
Be Outspoken
If you’re truly passionate about hacking and you’re trying to reach people with your message about security, here’s the thing; you can’t shut up. You can’t be quiet about it. But you have to talk from your heart and be real. That passion will bleed over and eventually you’ll have an affect on those you’re trying to reach. Go down paths that have never been traveled before. You will mess up. What’s important is that you learn from these mistakes. Preach hacking like it’s the gospel. Never let it be forgotten because if it’s forgotten then that means people are comfortable. And when people get comfortable, people get hacked.
-
Search For Knowledge
As a hacker, you should be constantly seeking to learn new things. No one knows everything there is to know about IT security. And by all means, always respect the knowledge of other information security specialist. At the same time, if there’s something on your mind, speak it. Don’t be afraid to ask questions in regards to something you don’t agree with or are unsure about. But when answers to those questions are offered you need to listen. Remember: We were created with two ears and one mouth.
-
Humble is Sexy
Geek being the new cool goes right along with humbleness in a hacker being sexy. There’s not too many things in the hacker community that are worse than an arrogant prick boasting about his hacking prowess. Be humble.
-
Share Abundance
I am a firm believer that it is a cardinal sin in the hacking community to hoard knowledge. Just like you should constantly be seeking knowledge, you should likewise constantly be sharing that knowledge as fast as you learn it. It doesn’t do the IT Sec community any good to be hoarding knowledge from the world. After all, that’s why we do this right? Start a blog. A podcast. A YouTube channel. A lot of hackers don’t share what they know out of a feeling that there’s not anything new they’ll be bringing to the table. This is a huge mistake. Everyday there’s an aspiring information technology professional making the decision to become a hacker. There’s always someone who can and will benefit from what you have to share.
-
Spark a change in the world
If you listen to the media you’ll see that all they are doing is leeching off of the hacker community. They’re using hacking for their pain, their sorrow, and for their movies. Every time you turn on the T.V. today you hear something about another hack. “So and so was hacked”, “it was the hackers”, blah, blah. All of the hit television series and big time cinema are including a hacker plot into their episodes to boost the ratings. Now, I’m not saying that hackers are going to rule the world or even change the world but I guarantee that hackers are going to spark the brain that will change the world. And that’s your job as a hacker. To spark someone else that is watching you. You may not be the one (think Neo from the Matrix) but don’t be selfish and think that because you’re not going to be the one to change the world, that you’re not going to talk about how the world should be changed in relation to information security. I don’t know how to hack the world. But I know that if I keep talking about how vulnerable information systems are…somebody’s going to want them secured.
-
Prioritize Opportunities
I had a chat with one of my mentors about all of the different jobs I’d been applying for and kept getting rejected. I told him that I eventually came to the conclusion that if no one else was willing to hire me then I guess I’d just have to hire myself. He told me that some of us are just unhireable and that he couldn’t keep a job longer than a year in most cases. He said that he was just too “entrepreneur” for corporations. Now, I’m not telling you to quit your day job but if you just so happen to find yourself in this situation, you may want to start looking for an opportunity hidden deep within the rejection. Make yourself your top priority and create your own opportunities.
-
Shine
Everybody shines in different things. You may not be the greatest web app or network hacker. Maybe databases are your thing. Maybe you have a natural inclination for social engineering. You have to find what it is that’s your specialization and shine!
-
Talk about problems
As an information security professional, when you see a problem you have to talk about it. Some where along your career you’re going to find yourself occupying a position that isn’t one of IT security and working for a company that doesn’t have security at the top of their list in the day to day operations. You will come across things that, from your experience as a hacker, you know beyond a shadow of a doubt is a problem. Do not keep your mouth shut. Sure, you may be blatantly ignored. You may even be told to not worry about things that isn’t in your job description and to stick to what you’ve been hired for. But that doesn’t mean you stop talking about a problem when clearly there’s a problem.
-
Learn from tough times
If you come into hacking from a situation where audits are handled by automated tools, penetration test are performed by SaaS, and your professional pen test chops were earned by passing a series of multiple choice questions, I don’t think that really prepares you for the hacking landscape. As a hacker, you really should want to expose yourself to situations that involve manually testing for vulnerabilities. Seek out pen test certs that emulate real world hacking engagements and require the candidate to successfully compromise a system in order to be considered certified. These things are going to be tough. But it will be a toughness that you can learn from and that will prepare you for the real deal.
-
Do something
What it all boils down to is that we have to survive. We have to protect our information infrastructures from those who seek to destroy it. So you, if you call yourself a hacker, do something!
That’s all I have. Hack on, gents!
Inspirational sources for this post can be found here.
