Ethical Hacking

Abstract

Over the years the definition of hacker has changed and the word has developed a negative impact on societies instead of positive reactions. Also laws have made it difficult for hackers to proceed with their hobbies, since laws had defined the hacking as criminal act. The Computer Security Act of 1987 has received more attention after 911 attacks, and hackers are more careful to pursue their activities to avoid being arrested, fined or serving a jail time for their activities. The declaration of the Act by congress meant to improve security and privacy of the federal and public sectors. It’s required by federal laws for the companies and businesses to be comply with privacy requirements and the security standards that protect the public from cyber-terrorism and hackers attacks. With advanced technology the hardware and software security had become more sophisticated, and the hacking activities become very difficult to be done with any casual hacker that might get caught in attempt of breaking complex security systems (Wilson, 2004).

Hacker Culture and their laws

Douglas(2002) explained that hackers have difficult time defining what actually hacking is? For some groups it’s about exploring, learning, and understanding the inner core of the technologies and for others it’s about changing things that already exist with technology such as changing the look of web site, or changing information on public servers. In all cases, it’s a movement that exist with the age of technology. Hacking activities has changed over the years, while hacking 1950s, 1960s, and 1970s had a little or no access to computers outside of the university environment, hackers in 1980s, and 1990s has access to personal computers, and most of technologies at home to practice and study more about different technologies.

Over the years, a new school of hackers began to reach out to express a general dissatisfaction with the world, and the technologies being used. One of the factors that make hacking possible is the culture of secrecy that is surrounding our social and economic interaction. This culture of secrecy has produced a climate in which hackers feel both alienated and advantaged. Although hackers oppose secrecy, they utilized secrecy as a reason from them to do such activities because secrecy created the boundaries between them and technologies. Hackers basic recognition is that information is power, and that secrecy that maintained by governments and corporations is the meant for them to maintain such power by discovering secrecy (Douglas,2002).

The virtual space is the domain for hackers to work without bodies to control. Technologies put these boundaries around hackers which created the desire for them to break these boundaries and have more freedom. Hackers are seen as addicts since the control of their compulsions is so hard to be accomplished. Also, hacking has been transformed with eyes of the law from exploration process to criminal behaviour, and that led to the isolation of the hacker from their societies (Douglas, 2002).    

Is Hacking ethical?

Wilson(2004) categorized hackers into three main buckets:

 

  • Hacktivists (Black hat Cracking) – using the political activism or movement to hack.
  • Hobbyist hackers (Grey hat cracking) – Learning by hacking into systems, and share the knowledge with others for fun.
  • Research and Security hackers (White hat cracking) – Hacking into systems for their own concerns to discover security vulnerabilities, and writing the code to fix the security breaches.

Wilson(2004) also examined the above categories, and in her views she explained that regarding to the hacktivists, since we have the right to protest, we have the right to take any form of protesting as a tool of action, and using a digital or electronic tool to protest is in our right to do so. Also, she argued that the hobbyist hackers are a peaceful act, and we have the right to practice that act. She argued that since we have the freedom of the speech we have the right to search vulnerabilities and report those security breaches to the right sources. She also stated that hackers have a lot to offer, and they provide the balance of power between big companies and businesses that want to dominate the creativity and the technical skills that are needed in our modern societies. When hacking is set in the right directions toward the balance of any society, and exploring the ways to express our concerns, and practice our rights; the meaning of hacking and ethical activities will properly defined.

SearchSecurity (2009) defined the ethical hacker as the computer and network expert that does the attack (also known as penetration test) on behalf of the owner to discover the vulnerabilities that might exist. With such testing, hackers used all the methods that can be used to test security breaches, and report it back instead of taking advantages on such vulnerabilities. The first time the ethical hackers was used in the 1970s when US government hired security experts called “red teams” to hack its own computer systems to test vulnerabilities.

Edwards (2007) pointed out that hackers are always known to the public as negative group of people who wants to harm us. However, we need to understand that there are bad hackers “Black hats” who are using their expertise and knowledge to do evil things such as writing a malware, and there are good hackers “white hats” who are helping organizations and business to prevent attacks and damage that might be caused by dark hacker. He also argued that there are a few black hats have switched to the other side to help IT community to protect technologies. What helped motivate them to switch to the other side are the following:

 

  • Money – Most of the time, black hackers operate on their loss of their financial since they need the money for advanced hardware and software. It is found that the black hackers switch to the other side to work as a security consultant for business to guarantee a paycheque.
  • Exhaustion – Black hackers get exhausted from living the low-life of hiding behind computers, and living with the threat of getting caught anytime.
  • Glory – Many black hackers found that receiving praise and alerting the IT community about software or systems vulnerability a lot better than exploit the weakness of these systems.
  • Conscience – Any one with a sense of right and wrong will turn away from black hacking. Stealing money over the internet or causing troubles to others is not a constant thrill that most of the hackers are looking for.
  • Age – Age can make a lot of difference when it comes to learning about new technologies to build a malware, infiltrating networks, and blowing up servers. With higher ages black hackers start to give up things, and be scared to get caught and go to jail in an old age.
  • Intelligence – With learning sophisticated technologies black hackers sometimes they are ready to do something more valuable than just breaking into systems, and hiding behind computers.

Conclusion

A hacker is an individual who has gone beyond using the computer to survive (Programming for living) to the next two levels: to use the computer for the social tie and for entertainment. Hackers believe that both levels are the highest motivation of their actions (Pekka, 2001).

Ethical standard is something many of us have and hackers are no different in that aspect. White hat hackers their ethics is high toward the security of others, and they represent the computer security as the top of their talent. Some of the laws might deter the white hackers from going with their businesses, and that is not the case with grey hackers where if something wrong and it’s forbidden to touch it, they go for it and try to fix it without looking at consequences of their action. If a flaw found in a system, grey hat hackers will follow their own code of ethics instead of waiting on things to happen.

Finally, while white and grey hackers have their own work ethics, black hat hackers have no personal ethics standing in their way. They do everything possible to make their money such as stealing credit card information, creating online scams, and breaking into any systems that can be a source of wealth for them.

References

Edwards, J. (2007) Why Black-Hat Hackers Become White-Hat Heroes [Online]. Available from: http://www.networksecurityjournal.com/features/black-hats-become-white-hats-091107/ (Accessed: 08 November 2009).

Douglas, T. (2002) Hacker Culture [Online]. Available from: http://site.ebrary.com.ezproxy.liv.ac.uk/lib/liverpool/docDetail.action?docID=10151190 (Accessed: 08 November 2009).

Pekka, H. (2001) Hacker Ethic: The Open-Source Movement and the Spirit of the New Economy [Online]. Available from: http://site.ebrary.com.ezproxy.liv.ac.uk/lib/liverpool/docDetail.action?docID=10002157 (Accessed: 08 November 2009).

SearchSecurity.Com (2009) Security Testing and Ethical Hacking [Online]. Available from: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci921117,00.html (Accessed: 08 November 2009).

Wilson, M. (2004) Is hacking ethical [Online]. Available from: http://www.computerworld.com/s/article/91549/Is_hacking_ethical_?taxonomyId=17&pageNumber=1 (Accessed: 08 November 2009).

 

 

 

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: