10 Media Players(console) for Linux

CMus
This is one of the best, feature-rich players for console. Build using ncurses and thus offering a text user interface, CMus has several view modes, organizes your music by artist/album, provides playlists and a library view, a filebrowser, it allows searching, Last.fm/Libre.fm scrobbling via this script, and it uses Vi-like keyboard shortcuts. A complete review can be found here and a guide to using it here.
Homepage

CMus is a powerful, feature-rich music player for the terminal which uses the ncurses library

mp3blaster
mp3blaster is one of the most popular music players for the terminal out there. It uses the ncurses toolkit, and has features like grouping of tracks, playlists, shuffle and repeat modes.
Homepage

MOC
MOC stands for Music on Console and it is a twin-panel music player with the file browser to the left and the playlist to the right. MOC is built upon ncurses and allows shuffle, repeat, volume control.
Homepage

MOC running in Ubuntu 11.10

Herrie
Another ncurses-based music player for the terminal, Herrie is a minimalistic player that comes with playlists, support for various audio files, including Ogg and MP3, jump to next/previous song.
Homepage

mplayer
This is mplayer, the famous video/audio player and converter. However MPlayer can also be used as a command-line audio player, and it supports all the formats out there, including Ogg, FLAC, MP3 or WAV.
Homepage

SoX
Self-described as “Sound eXchange, the Swiss Army Knife of audio manipulation”, SoX is actually a powerful command-line audio manipulation tool which can also be used as a music player, using the command play music_file.
Homepage

PyTone
Written in Python, PyTone is yet another command-line audio player. Simple and clean, it supports formats like MP3 or Ogg.
Homepage

PyRadio
Another program written in Python, PyRadio is able to play Internet radio inside the terminal. To use it, download it from here, unzip the archive and then run the ./pyradio script.
Homepage

With preselected stations, PyRadio is able to play Internet radio inside a terminal

ogg123
This little command-line tool is included in the vorbis-tools package and is able to reproduce Ogg and FLAC. It’s very basic, yet very fast and useful for quickly listening to songs which are encoded in a free format.
Homepage

mpg123
Just as ogg123, only that mpg123 plays the MP3 format.

Advertisements

Android antivirus freeware useless

According to a study released last Thursday, German security institute AV-Test said out of the seven popular free antivirus it tested–namely Zoner AntiVirus Free, Bluepoint Antivirus Free, Kinetoo Malware Scan, Privateer Lite, Antivirus Free by Creative Apps, GuardX Antivirus and LabMSF Antivirus betat–only Zoner AntiVirus Free achieved a “respectable result” in detecting 8 of 10 malware samples.

Another three–BluePoint, Kinetoo and Privateer Lite–managed to catch one malicious app while the rest failed completely, the report noted.

By comparision, the two paid antivirus apps tested–F-Secure Mobile Security and Kaspersky Mobile Security–spotted at least 50 percent of all malware samples, it added.

The malware samples were used because they were the most frequently identified virus picked up by the institute’s analysis system, which uses 30 scanners to analyze the installation packages, AV-Test stated. The apps were run on a Samsung Galaxy Tab running Android 2.2.1 for the test. Quoting figures from Google, the report stated that 45.3 percent of total devices run on Android Froyo 2.2 as of Oct. 3, 2011.

“The number of installations, which is given on the Android Market Web site, shows that many users trust these free apps, although they do not offer a reliable protection,” said the report’s co-authors Hendrik Pilz and Steffen Schindler.

Among the free antivirus tested, Antivirus Free had the most installed base, which stands at between 1,000,000 and 5,000,000, and was rated 4.5 out of 5 based on 41,375 ratings by users. Even the two with the least installed base of between 1,000 and 5,000–LabMSF and Privateer Lite–were rated 4.3 out of 16 ratings and 4.5 out of 28 ratings, respectively.

Both Pilx and Schindler spoke out against downloading these freeware however, saying it endangers users.

“The circulation of obviously near to useless security apps endangers those who trust them and install [these] apps from third-party app markets without further suspicion,” they stressed.

One Android user ZDNet Asia spoke to, Max Yam, admitted he had not installed any antivirus on his Android handset, adding that the awareness of antivirus for mobile phones is still low.

The Singapore-based designer also said while he is not sure if free Android antivirus are less secure, he would purchase an antivirus software if it costs less than US$5.

HTML5 and Mobile Web

By forcing Web developers, and ultimately Adobe, out of the Flash business, Apple made HTML5 apps better. That’s good for Safari users, but it’s also good for users on other Web platforms, like Android. If there’s a truly good universal platform for online apps, it stands to reason that the smart developer will build apps for it, since this way the app will be available to the largest number of users. Right?

Furthermore, now that Adobe has HTML5 religion, the company is releasing high-quality HTML5 developer tools, migrating its Flash developers over to the new platform. So we should be about to see a flood of new Web-based mobile apps.

All this appears to be just as Apple intended: Steve Jobs’ campaign to rid the world of Flash is succeeding. The Web is getting better apps and the Web-browsing experience on Apple’s mobile devices is getting better.

But this could be bad news for Apple’s lucrative App Store business. While Apple takes a 30 percent cut of all app sales through its store (still the only way for consumers to get apps), Apple gets 0 percent of “Web apps” loaded up through the browser. The better HTML5 gets, the less developers will write apps, less money Apple will make, and the less unique the iPhone and iPad will be.

I talked with the CEO of a Web company who is excited about the advances in HTML5 because he sees a future in which the devices and operating systems are on the same level. It’s a world where new products, like Microsoft Windows phones, can come along and be instantly competitive. And where companies like his can have a shot at dominance in their market niche after building only one app, the HTML5 version.

In other words, Apple, in pushing the world toward HTML5, is killing its own golden goose.

Or is it?

The counter argument comes from another CEO, one who’s built a successful business around both Web services, and software for mobiles and traditional computers. He says that apps are here to stay, because the “lowest common denominator” strategy (using the Web) doesn’t cut it for developers ultimately, nor for consumers, and most importantly not for the tech megaliths behind mobile operating systems: Apple, Google, and Microsoft.

The challenge for apps developers, my source explains, is getting their apps seen for more than a fleeting moment. For those making Web apps, there’s just no good way. Even a good review of a Web app on a popular site has only a temporary impact. The way to get your app in front of potential customers, time and again, is to get it featured in an app store.

You do that by building an app that highlights its unique hardware capabilities–the features that the hardware company is using to sell the product. These will likely be features that you can’t access today, or in the foreseeable future, with a Web app. This isn’t because HTML5 won’t advance, but because the device and OS manufacturers will always do their best to keep their products somewhat ahead of the lower-common-denominator Web platform. It is how they sell products.

So if you make a mobile app, you want to feed into that trend, because it will feed you.

And what about HTML5? It’s good for apps that don’t depend on the app stores for sales. The means enterprise apps, essentially. HTML5 has its place in consumer apps, too, including inside many successful mobile apps. But not for the core features or the main UI.

Relying on HTML5 to quickly get to broad compatibility across the mobile landscape is a trap, my guy says. To succeed, you need to tackle each platform separately. In fact, he says, you might want to build apps that only work on the latest and greatest version of a phone, and intentionally not on previous models. Yes, fewer people will be able to use it. But everyone who buys the new toy will. The more your app makes the hot new hardware look good, the more it’ll get promoted by the hardware or OS manufacturer. That can give your app presence it could not otherwise get. Once your product is succeeding on the brand-new hardware, you can start adapting it to other platforms.

Try to conquer the entire mobile world at once and you’ll have no marketing partners. Or, put more starkly: It’s hard to win when nobody loses.

Testing web applications – Selenium WebDriver

Mobile testing has come a long way since the days when testing mobile web applications was mostly manual and took days to complete. Selenium WebDriver is a browser automation tool that provides an elegant way of testing web applications. WebDriver makes it easy to write automated tests that ensure your site works correctly when viewed from an Android or iOS browser.

For those of you new to WebDriver, here are a few basics about how it helps you test your web application. WebDriver tests are end-to-end tests that exercise a web application just like a real user would. There is a comprehensive user guide on the Selenium site that covers the core APIs.

Now let’s talk about mobile! WebDriver provides a touch API that allows the test to interact with the web page through finger taps, flicks, finger scrolls, and long presses. It can rotate the display and provides a friendly API to interact with HTML5 features such as local storage, session storage and application cache. Mobile WebDrivers use the remote WebDriver server, following a client/server architecture. The client piece consists of the test code, while the server piece is the application that is installed on the device.

Get Started

WebDriver for Android and iPhone can be installed following these instructions. Once you’ve done that, you will be ready to write tests. Let’s start with a basic example using http://www.google.com to give you a taste of what’s possible.

The test below opens http://www.google.com on Android and issues a query for “weather in san francisco”. The test will verify that Google returns search results and that the first result returned is giving the weather in San Francisco.

 public void testGoogleCanGiveWeatherResults() { 
 // Create a WebDriver instance with the activity in which we want the test to run. 
 WebDriver driver = new AndroidDriver(getActivity()); 
 // Let’s open a web page 
 driver.get("http://www.google.com"); 
 // Lookup for the search box by its name 
 WebElement searchBox = driver.findElement(By.name("q")); 
 // Enter a search query and submit 
 searchBox.sendKeys("weather in san francisco"); 
 searchBox.submit(); 
 // Making sure that Google shows 11 results 
 WebElement resultSection = driver.findElement(By.id("ires")); 
 List<WebElement> searchResults = resultSection.findElements(By.tagName("li")); 
 assertEquals(11, searchResults.size()); 
 // Let’s ensure that the first result shown is the weather widget 
 WebElement weatherWidget = searchResults.get(0); 
 assertTrue(weatherWidget.getText().contains("Weather for San Francisco, CA")); 
} 

Now let’s see our test in action! When you launch your test through your favorite IDE or using the command line, WebDriver will bring up a WebView in the foreground allowing you to see your web application as the test code is executing. You will see http://www.google.com loading, and the search query being typed in the search box.


We mentioned above that the WebDriver supports creating advanced gestures to interact with the device. Let’s use WebDriver to throw an image across the screen by flicking horizontally, and ensure that the next image in the gallery is displayed.

 WebElement toFlick = driver.findElement(By.id("image")); 
// 400 pixels left at normal speed 
Action flick = getBuilder(driver).flick(toFlick, 0, -400, FlickAction.SPEED_NORMAL) 
 .build(); 
flick.perform(); 
WebElement secondImage = driver.findElement(“secondImage”); 
assertTrue(secondImage.isDisplayed()); 

Next, let’s rotate the screen and ensure that the image displayed on screen is resized.

 assertEquals(landscapeSize, secondImage.getSize()) 
((Rotatable) driver).rotate(ScreenOrientation.PORTRAIT); 
assertEquals(portraitSize, secondImage.getSize()); 

Let’s take a look at the local storage on the device, and ensure that the web application has set some key/value pairs.

 // Get a handle on the local storage object 
LocalStorage local = ((WebStorage) driver).getLocalStorage(); 
// Ensure that the key “name” is mapped 
assertEquals(“testUser”, local.getItem(“name”)); 

What if your test reveals a bug? You can easily take a screenshot for help in future debugging:

 File tempFile = ((TakesScreenshot) driver).getScreenshotAs(OutputType.FILE); 

High Level Architecture


WebDriver has two main components: the server and the tests themselves. The server is an application that runs on the phone, tablet, emulator, or simulator and listens for incoming requests. It runs the tests against a WebView (the rendering component of mobile Android and iOS) configured like the browsers. Your tests run on the client side, and can be written in any languages supported by WebDriver, including Java and Python. The WebDriver tests communicate with the server by sending RESTful JSON requests over HTTP. The tests and server pieces don’t have to be on the same physical machine, although they can be. For Android you can also run the tests using the Android test frameworkinstead of the remote WebDriver server.

Infrastructure Setup

At Google, we have wired WebDriver tests to our cloud infrastructure allowing those tests to run at scale and making it possible to have them run in our continuous integration system. External developers can run their mobile tests either on emulators/simulators or real devices for Android and iOS phones and tablets.
Android emulators can run on most OSes because they are virtualized, so we run them on our generic cloud setup. Though there are many advantages to using Android emulators because they emulate a complete virtual device (including the virtual CPU, MMU, and hardware devices), it makes the test environment slower. You can speed up the tests by disabling animations, audio, skins, or even by running in the emulator headless mode. To do so, start the emulator with the options –no-boot-anim, –no-audio, –noskin, and –no-window. If you would like your tests to run even faster, start the emulator from a previously created snapshot image. That reduces the emulator startup time from 2 minutes to less than 2 seconds!
iOS simulators can’t be virtualized and hence need to run on Mac machines. However, because iOS simulators don’t try to emulate the virtual device or CPU at all, they can run as applications at “full speed,” this allows the test to run much faster.
Stay tuned for more mobile feature in Selenium WebDriver, and updates on the Selenium blog. For questions and feedback not only of the Android WebDriver but also its desktop brethren, please join the community.

jQuery and Ajax Error Handling

Website development duties were once assigned to different individuals with two distinct roles: A designer focused on the all matters related to the front-end HTML and CSS, and a developer was responsible for the server-side code. JavaScript’s meteoric rise to first-class citizen status has blurred these traditional lines, forcing developers into what was once considered taboo territory. The results have been spectacular, with frameworks such as jQuery significantly streamlining JavaScript’s often unwieldy native syntax, and programming techniques such as Ajax bringing highly responsive user interfaces to the browser. The marrying of jQuery and Ajax has been particularly impactful, providing developers with a powerful solution to the problem of asynchronously interacting with and updating parts of a web page.

Despite all of jQuery’s strengths, incorporating Ajax-driven features into web applications can be a frustrating endeavor, due in large part to the challenges of determining where exactly in the process things go awry. Did an error occur in the browser? What about during the transmission of data between client and server? Or perhaps within the server-side code? These are all possibilities developers need to consider when problems arise.

If you struggle with diagnosing and resolving Ajax errors, try these error detection and resolution techniques and technologies.

Native jQuery Error Detection

The vast majority of Ajax-related errors will come as a result of malformed JSON or server-side issues that generate a 404 (not found) or 500 (internal server error) response code. Despite this fact, you’ll often encounter code like this:

$(document).ready(function () {

  $.ajax({
    url: 'http://localhost/api/products/list',
    type: 'GET',
    dataType: 'json',
    success: function() {
      // Receive and format data
    }
  });

});

This snippet performs a straightforward Ajax GET request, contacting a URL and expecting the returned data to be formatted using JSON. Yet upon execution, suppose the returned data isn’t output to the browser as dictated by the success callback, leaving one wondering what caused the problem. A glance at Firefox’s error console doesn’t indicate any JavaScript syntax errors, and you’ve already thoroughly tested the server-side script’s JSON output. So what’s the problem?

As it turns out, the problem could be that the script is simply pointing to a nonexistent server resource, producing a 404 error rather than the desired output. Fortunately, error detection is easy to integrate thanks to the statusCode setting:

$.ajax({
  url: 'http://localhost/api/products/list.php',
  type: 'GET',
  dataType: 'json',
  statusCode: {
    404: function() {
      $("#response").html('Could not contact server.');
    }
  },
  success: function() {
    // Receive and format data
  }
});

You can detect and handle additional server status codes as well simply by following the same pattern:

statusCode: {
  404: function() {
    $("#response").html('Could not contact server.');
  },
  500: function() {
    $("#response").html('A server-side error has occurred.');
  }
},

Detecting Data Errors

With commonplace 404 and 500 errors handled, it makes sense to next account for errors that occur due to malformed JSON formatting. Suppose the aforementioned http://localhost/api/products/list.php URL does indeed exist, and is intended to return a list of products formatted using JSON. A properly functioning PHP script (although simplified for the purposes of this tutorial) might look like this:

<?php

  $products[] = array (
    array (
      "name"         => "Stylish Wallet",
      "price"        => "12.99",
      "manufacturer" => "European Limited"
    ),
    array (
      "name"         => "Pleather Shoes",
      "price"        => "37.99",
      "manufacturer" => "Hungarian Imports"
    )
  );

  echo json_encode($products);

?>

But suppose that in the API developer’s haste he accidentally erased the <?php delimiter, causing the entire PHP script to be returned to the client rather than just the desired JSON payload. As with the previous example, lack of proper error handling logic would make this problem difficult to detect, particularly if you aren’t privy to the inner workings of the server-side API. One easy way to account for such unexpected errors is through the error callback:

$.ajax({
  url: 'http://localhost/openlogic/list.php',
  type: 'GET',
  dataType: 'json',
  statusCode: {
    404: function() {
      $("#response").html('Could not contact server.');
    },
    500: function() {
      $("#response").html('A server-side error has occurred.');
    }
  },
  error: function() {
    $("#response").html('A problem has occurred.');
  },
  success: function() {
    $("#response").html('Success!');
  },
});

Reviewing Network Traffic and JSON with the Firebug Console

In addition to these programming techniques, a useful tool that can provide developers with keen insight into the HTML, CSS, JavaScript, and network activity associated with a web page is the Firebug Firefox extension. One particularly useful feature is its ability to monitor both outbound and inbound requests, including the request and response headers and payload. This capability can be indispensable for providing quick answers to the questions we posed earlier in this article, because you can peer right into the behavior and characteristics of each leg of the Ajax request/response process.

After installing Firebug, you have access to a new console window that allows you to examine all the requests that occurred in the process of loading a web page, as depicted in Figure 1.

Viewing all requests associated with a web page

Clicking on the Headers tab provides information about the nature of the request, as shown in Figure 2.

Learning more about the nature of the Ajax request

Clicking on the Response tab provides more information about the associated response, including the JSON payload, as depicted in Figure 3.

Peering into a JSON-based response payload

This ability to examine each component of the request without having to resort to littering the code with debugging statements is invaluable, and something you’ll use on a regular basis when developing Ajax-based features.

Installing Windows XP/7 from USB drive

In this post w’ll see the procedure of making a bootable USB drive from an image of Windows XP or Windows 7, and installing it on your system.

What you need for this procedure?

USB drive : 1 or 2 or 4 GB is enough.

Windows XP/7 image:  image is copy of a CD can be made or downloaded, image file has extension “.iso” (there are many image files like .img , .uif , .nrg but iso is standard)

Flashboot : is a software which is used to make bootable usb drive.

Procedure  

1. Download and install flashboot. (demo version but works fine)

  http://www.prime-expert.com/flashboot/download.php

2. Download windows XP/7 image from torrent or any other source,( u can also make a image from the bootable CD using  CDBurnerXP or magic iso or magic disk)

3.  follow the procedure shown in the images:

1) Run FlashBoot, click Next


2) Choose CD -> USB in Main Menu


3) Choose CD/DVD drive or image file and click Next


4) Choose “Convert Windows XP/2000 installation CD” from the scenario list and click Next


5) Choose target USB disk (flash, HDD) or image file and click Next


6) Enter volume label or leave it as is and click Next


7) Check summary information and click Next


8) Wait for process completion


9) USB disk is ready for use. Click OK to exit

4.  Now you have a bootable flash drive. Plug it in the computer on which you want to install Windows & reboot.

5. Go to Boot menu (for intel  motherboards, press F10 number of times when computer is starting specifically on the blue Intel screen) and select your USB device from the menu.

6. Follow the procedure given in the screenshots in the  below link(the webpage in the link is heavy,  have patience  ).

http://www.prime-expert.com/flashboot/xpinst_gallery/

be careful while making partitions.

You can also install any linux distro.(like ubuntu, suse,  redhat etc) using same procedure but the software used will be Unebootin.

plz comment if u have any query.

#######################################

Hydra tutorial

Ok, so some of you have been asking how to crack things like FTP/SSH/POP3 etc. Well, here is a quick way to do this for all you Windows users out there, provided you have a decent sized password dictionary. I personally use one of about 3.16GB in size, but for this tutorial I’m only going to use a small password list, just so you get the feel of it. First step, download hydra either from it’s homepage (http://freeworld.thc.org/thc-hydra),

Make sure if you download it from its actual homepage that you choose the Windows version, as that’s what this tutorial is written for. Download the zip file, extract it, and make sure you see the files below:

If you do, that’s good. Go to Start > Run > cmd to open the command prompt. Then change to your hydra folder using the “cd” command. For example my hydra folder was on the desktop, so I did this:

Now that you’ve done this, it’s time to execute Hydra for the first time! Sorry Windows fans, but there is only a GUI for Hydra for Linux systems, you you’re gonna have to do it the old fashioned way. Never thought you’d see that happen did ya? 😛 Just type “hydra.exe” without quotes, and watch the result:

Next, we will do a quick scan to think of some IP’s to attack. I would advise Nmap. You can download it fromhttp://nmap.org – make sure to download the windows installer. Install it. Find out your IP address, so that you know a possible IP range. In the command prompt sessions, type “ipconfig” and watch the results:

In my case, the range is at least 10.1.1.1-4, but I’ll go from 1 to 10 just to be safe. Fire up Nmap and do a ping scan “nmap -sP 10.1.1.1-10” to see what hosts are alive, and wait for the results:

Pick a host to port scan – I picked 10.1.1.1 because it is a router, and for most people the password is generally pretty simple, if not default. Port scan it using something like “nmap -sS -sV -P 0 -T5 -O 10.1.1.1” and see if it’s running any services (click on the “Ports/Hosts” tab at the end for a simpler view of the services running and their ports):

As I’ve indicated by circling, I’ll be attacking the Telnet port because I know that it works, because I know you guys think Telnet is the be-all and end-all of hacking, and because the Windows version of THC-Hydra isn’t compiled with LIBSSH support (unless you did it yourself), and as such I can’t attack SSH – otherwise I’d be doing that instead. It’s so much better. Head back to your command session, and review the output from Hydra before; it tells you the services it can crack. After looking through it, and realising that Telnet definitely is there, we can now proceed to attack it with the command “hydra -l admin -P passlist.txt 10.1.1.1 telnet” as is demonstrated here:

An explanation of the command: -l admin was used because I assumed that the router would have the login of “admin”. You can use username lists as well if you wish. -P passlist.txt specified a password dictionary named “passlist.txt” – make sure to have the -P include the capital P, otherwise you’ll be specifying a password to try. 10.1.1.1 is the routers IP address, and telnet is the protocol we want to attack. Now obviously we could tell it to attack that protocol on a different port, but we won’t bother with that right now unless anyone else wants to see how. My dictionary only included 4 words for the purpose of this tutorial. You can see the cracked password circled at the end (which by the way, isn’t my password for the router, for those of you who know how to get my IP and wanna try and break in :P). And that’s how to do a basic hydra service crack on Windows.

Hacking WallpaperS

Your wallpaper is the great source of motivation for everything you do in  computers. You should set your wallpaper such that it reflects your goal. Its better if you use selfmade wallpapers. Amoung below wallpapers there is one wallpaper created by me, quated “This is my world , im the creator “.

This slideshow requires JavaScript.

 

hacking using Metasploit Framework

Metasploit Tutorial

Today I am writing a tutorial on hacking with Nmap with Metasploit.

Metasploit is a framework for attacking the vulnerable victim’s machines using exploits present  in the framework.

learn more about metasploit on

http://www.metasploit.com/
Let all that install, and towards the end of the installation it will ask if you would like Nmap installed also,
choose yes.

Once you have that installed the Metasploit screen will open up as shown below…

Now type db_create

Once you have typed that type nmap

This loads nmap, as shown below….

You need to configure your scan now, I usually do a simple -sT -sV scan which will tell us the open ports and services running on the victims computer, Now type nmap -sT -sV xxx.xxx.xxx.x (X’s being victims Ip number), Demonstrated below.

Now give it 5 minutes to complete the scan,Once that is complete if your lucky you should get a response like this…

This is basically a list of the open ports and services running on the target machine, Now the handy feature of the metasploit 3.3 framework is the autopwn feature, this basically searches and runs all matching exploits in the Metasploit database against the target machine and if successful will create a shell or similar privilege for the attacker.

Now once you have the nmap results delivered back to you showing the open ports and services type db_autopwn -p -t -e , From this point you will either have access to the victims computer through a successfully launched exploit or you will get a response saying the machine wasn’t vulnerable to any of the exploits in the Metasploit database. Unfortunately on this particular machine I found it wasn’t vulnerable as the image below proves.Good luck.

What is hACKINg????

My equation of hacking is

knowledge + art + curiosity = hacking

knowledge: about computers, web, programming languages.

art: making new techniques  to get into beat your victim.

curiosity: he want to know about all the things.curious to learn new things.and he never give up while solving a problem.

Hacking is not that thing which u can learn in some time.

What is hacking?

While there are many definitions of hacking, a general definition is to modify something to make it work for you. For computers, hacking includes fixing programs until they work. Also, hacking includes modifying the computer hardware to make it work better or tuned to the person’s wishes. The type of hacking that the media discusses includes breaking into secure systems to determine their weaknesses and to explore them. However, the media only points out the malicious uses for breaking into systems.

Black Hats, White Hats, Crackers and Phreakers

What do these terms have in common? They’re all terms used by hackers to describe hackers. Just like in typical cowboy fashion, the “white hats” are the good guys and the “black hats” are the bad guys. Although the lines are blurred greatly when it comes to hacking. The “White hats” are security experts who try to find the vulnerabilities in programs and systems, and report them to the manufacturers. They would be considered “ethical hackers” because they either have authorization to break into the system or program, or they do so with the intent of assisting the manufacturer in securing them. The “Black Hats” are the ones who are trying to find those same vulnerabilities and exploit them. “Cracker” is another term for the Black Hat hackers, usually referring to the creation of software cracks to bypass anti-piracy methods. A “Phreaker” is a person who hacks into telecommunications services.