A legitimate role of hackers in todays world?!?

Discussion in 'Serious Discussion' started by gorski, Jul 26, 2012.

  1. gorski

    gorski MDL Guru

    Oct 21, 2009
    5,514
    1,452
    180
    Is "ethical hacker" a mythical beast or a very real and necessary actor (including the relevant university courses) on the scene, as it is today?!?

    See it against the following background, for instance: http://www.bbc.com/news/technology-18997580

    Global terrorism is very real and mistakes in security technology MUST be found!

    (To begin with but not only in that sense...)

    What say you?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    4,071
    4,651
    150
    "Black Hat" hackers are very important, but only if their findings can be controlled and not disseminated to the masses without proper precautions taken. What good is having a black hat find an exploit if His/Her findings are published before you can protect yourself from it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. gorski

    gorski MDL Guru

    Oct 21, 2009
    5,514
    1,452
    180
    There was a case of a hacker-babe who found an exploit in a security suite and she went to the manufacturers.

    They gagged her and refused to do anything about it, gambling on a hope that no one else will find it...

    Now, then what?!? Would you publish something like that, not necessarily publishing the exploit but...?

    Should these guys be forced to act responsibly?!?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    13,081
    13,977
    340
    Yes, they should.
    I'd firstly try to resolve that issue privately with the affected manufacturer.
    If there is no reaction I'd demonstrate at the public what the exploit can do at an example, but I'd firstly not release the exploit.
    There are many good examples doing it that way. Recently there is an issue with credit card readers of a particular manufacturer which can be exploited remotely through network and the 'hackers' have demonstrated the exploit on TV at a verified environment.
    I also know what the good old CCC (Chaos Computer Club) did with the BTX terminal-hack at BTX terminals far before the www existed in the year 1984.

    And I had already contact with the invisible things lab CEO asking for an UEFI module exploit to alter a signed module which had been later patched by Intel....they published the way on their website without releasing the exploit code, though.

    There could be another issue. If the copyright owner should be pi**ed off he might sue you later, even though your intention had been to inform about security holes.
    But IMHO they should be grateful if there are far more experienced persons who try to resolve the issue privately first, before they publish that at the public.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. gorski

    gorski MDL Guru

    Oct 21, 2009
    5,514
    1,452
    180
    I remember relatively recently the Dutch hackers hacking the Dutch biometric passports, reading them from a distance...

    Now in the days of global terrorism, should the importance of hackers testing the system be explained at all?

    There are now legitimate university courses, as society realises what these vulnerabilities might mean...

    Bills are passed in Parliaments, in order to create a legitimate role for such hackers...

    And yet, some businesses still live in cloud-cuckoo-land, playing an ostrich game...

    'Cost effectiveness', they call it, risking your safety for their profit margins...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. bludgard

    bludgard MDL Member

    Jan 4, 2011
    211
    54
    10
    I'm suprised they did not offer this "hacker" a job. May have been less costly (legally), less of a gamble and possibly have made this particular security suite a better product.
    Seems that people (we) are always doing things the hard way: Over and over.
    Go figure, eh?

    To the topic, "hacking" is like all things; neither good or bad. It can be a liability or an asset. Nutritious or toxic....
    This is how I feel, anyway.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. MaSSaSlaYeR

    MaSSaSlaYeR MDL Novice

    Jan 24, 2013
    32
    2
    0
    Hackers can get high paying jobs at computer security firms!
     
  8. gorski

    gorski MDL Guru

    Oct 21, 2009
    5,514
    1,452
    180
    Not really - every scientists does the same job in the academia, as they try to poke holes in various "theories" and then trying to put together better ones...

    Open-ness is the mother of Modernity!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. pc71520

    pc71520 MDL Junior Member

    Feb 12, 2013
    89
    44
    0
    Whether Legitimate or Not,
    Hackers largely Reveal/Expose
    the Vulnerabilities/Faults
    of Technology/Society...;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. qofbored

    qofbored MDL Novice

    Feb 6, 2013
    24
    3
    0
    Society today is controlled, limited and censored. Your so-called freedom is but an idea, or a hope.
    Internet is one of the few things in our lives that is left truly free, but even that is slowly and surely changing. We can see it by means of advertisements online. Or contracts that you must constantly agree to before downloading or using software. Or DMCA and such requests by government officials, which is basically censorship or a modern day book burning if you will.

    So with these facts in mind, I think hackers are hugely underrated in society. I think there should be a lot more of them, and I hope that hackers realise that they are the army that makes a chance at fighting this invasion on our privacy. If we allow corporations to infringe on our lives through social media or the use of their (closed, unfree and proprietary) software, why then do people frown at hackers? I believe hackers are doing absolutely the right thing when it comes to exposing government secrecy and f**k-ups at top levels, or if they are attacking copyright enforcements agencies.

    I hope there is a future where we don't have a watchdog in our computers by means of our ISP, the court system, etc. If the internet can become truly liberated, then perhaps the rest of the world might be as well. And for that to happen, we need a lot more hackers doing a lot more work which matters most for sake of humanity.
     
  11. hpg62

    hpg62 MDL Novice

    Mar 25, 2013
    12
    6
    0
    Ethics and anything else we may want to tie to freedom went out the window with Facebook and allllllll the dummies that could not wait to tell and show everythinggggg about their life and to make it easier drag everyone they know into their stupid little web world.

    It's everyman for themselves mentality will prevail.
    Look at the Banks, nobody has gone to jail.
    20 little children and 6 teachers were butchered, they say each kid had at LEAST 5 bullets in their little body.
    Yet, nothing has changed to prevent that except they want MORE guns as the answer.

    The rainforest and oceans provide us oxygen, food, medicine and we humans have provided bulldozers, carbon pollution, and endless netting.

    We are killing the things that provide all of us air.
    How long before we go? Earth will just do a reboot.
    People are stupid, people are kept on the hamster wheel of life.
    People do not want to think. They trained and kept in a state of stress/drugs/entertainment that they can't think.

    Hacking is just another form of learning.
     
  12. gorski

    gorski MDL Guru

    Oct 21, 2009
    5,514
    1,452
    180
    Food for thought...

    If we can learn in IT/hacking why not in politics/ecology/economy/society as a whole?!?

    Indeed, Systems Theory may teach you a thing or three: http://en.wikipedia.org/wiki/Niklas_Luhmann

    In Psychology search for the same vane/attitude in this guy, since you mention ethics: http://en.wikipedia.org/wiki/Lawrence_Kohlberg's_stages_of_moral_development

    The best/least crappy option we have today, to my mind, is Critical Theory, mainly rotating around research of Juergen Habermas' circle: https://en.wikipedia.org/wiki/Jurgen_Habermas

    On the other hand, if we are talking about brainless/spineless people, have a look at these: http://en.wikipedia.org/wiki/Stanford_prison_experiment and especially this - http://en.wikipedia.org/wiki/Milgram_experiment

    You can say something like "Oh, two thirds are sad excuses for Human Beings..." But one could also see it in a historical manner and say that a third isn't without conscience/spine and brains - which is not a small force!!! Since we can learn, not just individually but also on the level of groups/organisations/whole states - why not on the level of Humanity...?!?

    Sure, it may not be to your liking in terms of speed but...

    The ubiquitous self-depricating stuff is so non-obliging it hurts... literally - all of us! In that case you can just sit on your arse and do nothing and therefore you would be joining the two thirds, rather that the decent third, as you seem to be trying to position yourself. Sadly, what one is really doing when one is saying stuff that is so "cynically pessimistic" is doing the opposite from what the decent third ought to be doing to remain decent... and keep growing...

    If one actually really thinks about it... then the rhetoric should also reflect that non-self-defeatist attitude!!!:cool:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. EFA11

    EFA11 Avatar Guru

    Oct 7, 2010
    8,719
    6,741
    270
    #13 EFA11, Mar 31, 2013
    Last edited by a moderator: Apr 20, 2017
    Everything is different today from back in the early 80's. People today romanticize about how things were then. Back then it was about building something, being observant with a pure willingness to learn from the inside out, literally. The majority out there today are focused on attacking, breaking, and taking down the environments and people that built the infrastructure that is used by the very people who are utilizing the technology to attack it. The goals are so different today from back then. This is not to say that the minority who are still curious and harmless are without use. Hell, the minority are the very hackers today that are the most useful and sought out who can and will make the most difference and contribute the most.

    But as far as legitimacy goes, everyone from the lamer to the military have a place of their own in today's technology. Unfortunately the ethical hacker is nothing more than an ethical criminal in most people's eyes.

    For those who do not know, U.S. DoD has approved of ethical hacker certification.

    Code:
    http://www.informationweek.com/government/security/dod-approves-ethical-hacker-certificatio/223101209
    In case anyone would like to start training :)
    Code:
    http://www.ethicalhacking.com/
    I don't remember where I got this but it's an old text file on an even older drive lol, but maybe it pertains or is debatable at best.
     
  14. aiir.

    aiir. MDL Novice

    Apr 1, 2013
    1
    0
    0
    its BBC man, what do you expect?.
     
  15. gorski

    gorski MDL Guru

    Oct 21, 2009
    5,514
    1,452
    180
    Deep...:rolleyes::p:worthy:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. Mutagen

    Mutagen MDL Addicted

    Feb 18, 2013
    580
    123
    30
    So, a stranger going from house to house checking for unlocked doors and opened windows is a good thing. We need to know where security is lacking.
     
  17. gorski

    gorski MDL Guru

    Oct 21, 2009
    5,514
    1,452
    180
    Yes, in this context, they are necessary!!!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. chavo

    chavo MDL Novice

    Nov 23, 2013
    7
    0
    0
    Interesting thread thanks for sharing
     
  19. nimd4

    nimd4 MDL Novice

    Jul 10, 2007
    36
    5
    0
    #19 nimd4, Nov 25, 2013
    Last edited by a moderator: Apr 20, 2017
    Just btw., I always list the ycombinator as a *cool* source for hax0r news these days..:)

    Code:
    https://news.ycombinator.com/
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...