When most people hear the word ‘hacking,’ their minds go to a scary place of spies trying to break into computers and steal their credit cards. However, in A Hacker’s Mind, security expert Bruce Schneier points out that hacking is really something else. He defines hacking as “Something that a system allows but which is unintended and unanticipated by its designers.” Using this definition, Schneier looks at hacking as a method of creative problem-solving and critical thinking, challenging how one can extend a system’s capabilities beyond its designers’ original expectations.
The heart of hacking lies in its cleverness. Hacks are created by people that know how to manipulate systems in ways that other people (specifically their designers) haven’t thought of. Hacks often result in grudging admiration, like bad puns, and have some element of “Cool—I wish I’d thought of that,” even if it’s something you’d never do.
Security experts like Schneier see the world differently. As a kid he saw an ant farm in a store. Most kids would use this to learn about how an ant community worked. Schneier saw a possible hack. The ant farm came with the housing for the farm, two clear plastic sheets and the sand, but no ants. Customers request ants by mailing in a card with their address. The young Scheier thought, “Wow, I can have this company send a tube of ants to anyone I want.” Writing about computer security for decades, Schneier’s recent work in A Hacker’s Mind extends these concepts beyond digital realms, exploring both the negative and positive aspects of non-computer hacking.
We see negative hacks all the time. Tax loopholes are a good example of real-life negative hacks. Take the example of how Peter Thiel used a Roth IRA to transform a minimal investment into billions, tax-free, exploiting legal but perhaps ethically questionable loopholes. Similarly, the Double Irish with a Dutch Sandwich strategy allowed corporations to dramatically reduce tax liabilities, manipulating international tax laws.
Positively, hacking manifests in innovative thinking that changes entire fields. The forward pass in American football, once an unconventional tactic, revolutionized the game’s strategy and playstyle. In ice hockey, the introduction of curved sticks, initially an unorthodox modification, led to new playing techniques and eventually became standard, with regulations evolving to accommodate this change. The Fosbury Flop in high jumping is another paradigm shift – a unique backward jump technique that replaced the traditional straddle method, significantly improving performance and altering the sport. These are all ways that people have looked at the rules and found loopholes to hack the system.
Schneier teaches cybersecurity policy at Harvard’s Kennedy School. As part of his class he wants his students to teach hacking not just a technical skill, but as a mindset. He does this by telling his students to memorize the first 100 digits of pi in 2 days. At first glance, the task seems impossible, designed to set students up for failure. However, Schneier’s real lesson lies in encouraging students to think like hackers, to find creative loopholes in seemingly impossible challenges. He doesn’t just allow cheating; he expects it, challenging students to outsmart the system without getting caught.
His students come up with diverse and ingenious solutions. One student used invisible ink to jot down the numbers, visible only through special glasses. Another wrote the digits in Chinese trusting that Schneier couldn’t read them. A particularly creative solution involved a student programming his phone to transmit the digits in Morse code through vibrations. This solution was so discreet that he looked like he was computing the solution in his head.
But the exercise goes beyond showcasing students’ cleverness. It highlights an essential truth about hacking: it involves seeing beyond the obvious, questioning norms, and thinking creative way. The real world is filled with digital, social, and legal systems that are ripe for innovative exploration and creative exploitation. Through these exercises, students learn not just about cybersecurity, but about the power of creative thinking in navigating and shaping the world around them.
In A Hacker’s Mind, Bruce Schneier illustrates how hacking is about creative exploration and innovation within any system. His examples range from the whimsical ant farm mail-order hack to transformational sports tactics and complex tax strategies. Schneier paints a world where hacking is crucial for everyone, not just the tech-savvy. Furthermore, he highlights its importance in education, advocating for teaching students to think like hackers. This approach, exemplified in exercises like the pi memorization challenge, encourages creative problem-solving and critical thinking, essential skills in our complex society.
This is part of my ChatGPT experiment. With the help of ChatGPT, I assembled this post in 1:15. That doesn’t include the note taking or asking the questions in ChatGPT. I’m excited about the fact that I can put my thoughts down about a book and share them quickly. It really helps me clarify my thinking much better. For this one, I copied my notes from the Kindle and then put an outline on top of them. Here’s the conversation with ChatGPT.