hack
/hăk/
intransitive verb
- To let out (a horse) for hire.
- To make banal or hackneyed with indiscriminate use.
- To drive a taxicab for a living.
Videos
Kay' so if it doesn't bother you I would like to know what it means if you say for example "he's such a hack". I guess that's something quite negative but I can't take a glimps of its exact meaning.
The term "hack" has many meanings depending on context and popular use and has both malicious and benign meanings.
In general, it means that someone intentionally circumvented system design or controls in order to get the system to do something the designers did not intend.
You can hack a system to provide new, helpful functionality, or you can hack a system in order to let it permit you access to something it was designed to keep you away from. There is a desire in many circles to call a "malicious hack" a "crack" so that there is a clear distinction.
In your scenario, you see the effects but you have no idea about the intent. Therefore, you cannot conclude from the effects alone that there was intent or what that intent was. If the user permitted the malicious activity, then it is no longer a "hack" or a "crack".
So, no, I would not be comfortable with concluding that a system has been "hacked" because I saw pop-ups. Yes, there is undesired system behaviour, but there could be a number of reasons for it.
I would state that a hack is an undesirable activity with unauthorized access to assets. This can be, but is not limited to, doing an unauthorized action on a private machine such as modifying or transferring data.
This means a "hack" is broader then unauthorized access for most people. When your computer is infected by a cryptolocker, most people would say that their computer was "hacked", even though no access was given to an adversary.
If you take a look at a classic defense model or security landscape, you will see that a user has assets to protect. These assets can be protected by taking security measurements to protect against threats used by adversaries.
Not all adversaries are hackers, just like not all threats are hacking related. Power outage for example is a threat to your assets and you have to take security measurements, but a power outage does not constitute as hacking to most people. This is why it is important to look at threats as well as adversaries.
Depending on your adversary, a fake anti-virus message or browser redirect is a threat to your security (and therefore to your assets) but there is no unauthorized access yet and therefore is not a "hack" in my opinion, rather a malicious action (or threat).