New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!

· Ian T's (AR 20)
· Marcia's (QA2)
· Bill G's (CO9)
· Paul's (AR 5)
· Robin's (AR 1)

· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· Recommend Us
· RegChat
· Reviews
· Search (Topics)
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?

$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 561
Comments: 14
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
image riotact: Feature Opinion: Is Hacking Ethical image
Riot Act

Featured Opinion: Q&A: Is Hacking Ethical







by Marcia J. Wilson, CCSP Staff Writer
May 08, 2004



"Reprinted from MARCH 24, 2004 "
The definition of hacker has changed radically over the years. With the aid of the mass media, the word has developed a negative connotation rather than the positive one it used to have. Add ethical in front of hacker, and it's even more confusing. For the purposes of this article, I'll define those hackers with malicious intent as "crackers." Hackers can be categorized into the following three buckets:

  1. Hacktivists: Those who hack as a form of political activism.

  2. Hobbyist hackers: Those who hack to learn, for fun or to share with other hobbyists.

  3. Research and security hackers: Those concerned with discovering security vulnerabilities and writing the code fixes.


Since The Hacker Manifesto was published in 1986, computer security has become a national concern, especially after the terrorist attacks of Sept. 11, 2001. The casual hacker no longer has the freedom to poke around public or private networks without raising the concerns of law enforcement agencies.

Laws have been passed or refined that make it a crime to hack. Many hacktivists and hobbyists are more careful when pursuing their activities to avoid being arrested, fined or jailed for their activities. Many have legitimized their activities and hobbies by taking jobs in the computer security profession, starting their own security consulting companies, working in the open-source community or through other openly public and cooperative ways.

The Computer Security Act of 1987 has received more notice since the Sept. 11 attacks. The act is a declaration by Congress that improving the security and privacy of sensitive information in federal computer systems is in the public interest. The threat of cyberterrorism has increased focus on this piece of legislation, as well as the more recent USA Patriot Act.

As a result of increased anxiety over terrorist threats, federal and state laws have changed to make it an offense to "break and enter" a private or public network without permission. Federal law has required companies to comply with privacy requirements, business controls and corporate governance standards. These laws have brought pressure to bear on our increasing responsibility to secure the infrastructure and have made it more difficult for hackers to practice their hacktivism, hobbies or research.

Technology has also affected hacking activities. In response to legislation about privacy, business controls and terrorism, companies interested in capitalizing on the opportunities that exist have developed and manufactured sophisticated security hardware and software. The increased sophistication of these products has made the job of the hacker more difficult, and the casual hacker may stupidly get caught when attempting to circumvent a complex security system.

Education and awareness campaigns have also made an impact on hacking activities. Companies and government agencies have become more aware of security issues. Some train their employees on security-conscious use of their computers. The famous hacker Kevin Mitnick declared that social engineering was his primary tool.

Where have all the hackers gone? Have they gone more underground or taken "real" jobs? There is continuing debate over the ethics of hiring a former cracker, especially one with a criminal record, and placing him in a position of responsibility in a security capacity. I suspect that this is going to continue to be a difficult debate. Since the laws have become stricter, hacktivists and hobbyists are at risk of being labeled crackers.

What should our response be to crackers, who focus on hacking for personal gain and whose intent is to steal, threaten and destroy? Throw them in jail and throw away the key! What should our response be to the three categories of hackers? Do the First and Fourth Amendments of the U.S. Constitution protect hacktivism? Is there a way that hobbyists can work with the community to serve their interests, maintain their integrity and gain the trust of the public and private sector? Can we embrace the hobbyists and separate the crackers from the mix and treat the two groups differently? Can we educate our children on the differences, emphasizing right from wrong while supporting and promoting passion, creativity and freedom?

Is hacking ethical? It is if viewed within the context of the three definitions offered: hacktivist, hobbyist and researcher. We have the right in this country to protest, and if our activism takes a digital or electronic form, we have the right to do so. But don't take my word for it, explore this excellent article by Dorothy E. Denning at Georgetown University, "Activism, Hacktivism, and Cyberterrorism: The Internet as a Tool for Influencing Foreign Policy." It will make you think.

We have the right to peaceably assemble, and that may mean "sitting in" on a Web site or physically locking arms side by side with others in a large city's downtown intersection.

We have the right to free speech. Researching vulnerabilities and reporting those vulnerabilities is also our right, even if big companies like Oracle Corp., Apache Digital Corp., Microsoft Corp. or Hewlett-Packard Co. get angry and threaten us with lawsuits. That's par for the course.

I would like to see citizens better protected against big business and government. I don't want a huge company with lots of money to snuff out the fire, passion or interests in my life, and I don't want the federal or state government telling me what I can and can't do by broadening their powers via the Patriot Act.

I believe hackers have a lot to offer. They provide a balance of power by virtue of their creativity and technical skills. I think we need to protect and recognize them and find ways of working together.

Yes, I do believe that hacking -- when properly defined -- is an ethical activity. And yes, I do believe that understanding our freedoms and rights and protecting all that's good in our society while preventing all that's bad is the right approach. *Note: Some links to stories may no longer function or now require you to register to view.




by Marcia J. Wilson ComputerCops Staff Writer

Marcia J. Wilson, holds the CISSP designation and is the founder and CEO of Wilson Secure LLC, a company focused on providing independent network security assessment and risk analysis. She is also a free lance columnist for Computer World and Security Focus.

She can be reached at . Corporate website: wilsonsecure.com (see Prime Choice top left)


Copyright ©Marcia J. Wilson All Rights Reserved 2004
Posted on Tuesday, 11 May 2004 @ 10:05:30 EDT by cj
image

 
Login
Nickname

Password

· New User? ·
Click here to create a registered account.
image
Related Links
· TrackBack (0)
· PHP HomePage
· Microsoft
· HotScripts
· Apache Web Server
· W3 Consortium
· Oracle
· More about Riot Act
· News by cj


Most read story about Riot Act:
Who’s spying on my Hotmail?

image
Article Rating
Average Score: 1
Votes: 1


Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent


image
Options

Printer Friendly Page  Printer Friendly Page

Send to a Friend  Send to a Friend
image
"Login" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register