Nintendo has been hacked and Sony has been hacked twice. These hackers have often claimed that they are ‘white hat’ hackers that are helping by showing where the flaws in computer systems are. By doing this the problems can be fixed so preventing any damaging ‘black hat’ attacks. However these recent hackings that have taken place have taken information but have been claiming to be white hat attacks pointing out the flaws in sony and nintendo’s security. However with the possibility of cyber warfare and concerns over hacks that result in huge amounts of information being stolen getting more widespread white hat hackers are becoming more necessary to ensure security. Can such attacks be justified?
All the Yes points:
- Hacks to demonstrate holes in security.
- Hacks to improve a product.
- Hacks as artistic expression.
- Hacks as political statements.
- Hacks to uncover or expose criminal activity, corruption or corporate malpractice
All the No points:
- Hacks always negatively affect someone.
- Stealing and invading privacy is fundamentally wrong.
- What hacking is doing to the fundamental structure of the Internet…
Hacks to demonstrate holes in security.
The hacker group Lulz Security recently accessed and published on the web the details of millions of users on SonyPictures.com, including passwords and personal details such as home addresses. They accomplished this using a simple and widely known hack involving using SQL to confuse and overload the site’s programming.
‘A LulSec press release said: “SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now.
“From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?” ‘
Sony, as a major technology company that handles the data of millions of customers worldwide, should be able to defend itself against simple and widely known hacks. To highlight this vulnerability to both Sony, who genuinely may not realise their web security has holes, and the customers, who may wish to reconsider entrusting Sony with their personal details.
Hackers demonstrate these kind of vulnerabilities in the security of large corporations and even Governments (see Gary McKinnon and his relatively simple hacking of the US Defence records – http://en.wikipedia.org/wiki/Gary_McKinnon) in the most direct and visible way.
If LulSec’s aims were benevolent, they should not have then released the information live onto the Internet, where it could be maliciously used by any number of cyber-criminals. The message wouldn’t be as convincing and shocking if the information wasn’t released, of course – but users who clearly don’t have the technological skills to even choose sensible passwords (‘Many of the passwords posted were, by and large, dictionary words or easy-to-guess phrases such as “123456.” While a strong password wouldn’t have helped in this kind of attack, users who make their passwords that easy to guess aren’t doing themselves any favors. shouldn’t be put in danger because of a battle they’re likely to know nothing about.
‘Here is the problem I have. My Robin Hood didn’t burn Sherwood Forrest to help the poor. He also did not use the poor as pawns in his fight with the rich.’ – http://www.corrections.com/news/article/28572-hackers-crackers-tramps-and-thieves
Ordinary users caught up in hacker stunts often can’t complain and are inconvenienced or even put in danger – often to the detriment of the cause that the hackers are trying to make a statement about – users aren’t likely to want to try and mod a PS3 game if they can’t use a PS3 without their credit card details being stolen.
<<Holes in their security wouldn’t matter if no one was allowed to hack. Also, if the company wants to plug in the holes then they would hire someone to do it for them. It is their responsibility to take care of their own. Outside hackers are breaking into others systems which is outside their right. If you lock your door and some stranger broke in to prove that it was possible, they still performed breaking and entering which is against the law. So to do it to prove it can be done is the worst excuse i’ve ever heard.
Hacks to improve a product.
The Mother 3 Translation Project (http://mother3.fobby.net/) is a fan-made, not-for-profit effort to translate the game ‘Mother 3’ into English, so that US and UK fans can enjoy a game in a series they are already familiar with and love, in their own language. While the patch itself requires you to use a rom and emulator, the creators encourage you to buy a legitimate copy of the game out of appreciation. In the long run, this hack will benefit the games designers as it will introduce the product to a larger fan base. If Mother 3 wasn’t supposed to be released in the UK, Lucas wouldn’t be in UK releases of Super Smash Bros. Brawl.
‘The greatest excuse in the world, Lou thought, They’ll be happier doing what I want them to do instead of what they themselves want to do’ – Ben Bova, The Exiles Trilogy.
Doing something for the good of someone else against their will is rarely justified. Nintendo and Ape Laboratories between them have produced enough successful games to know how to sell games, but we impatiently pressurise them to make a decision that they are waiting for the opportune moment to do so.
<< If Pepsi made 5 cans of a new special Soda called Pepsi Awesome, and you tried it and loved it, but then created some yourself to give to other people and encouraged that they can (if they wanted to) purchase a regular can of pepsi out of appreciation you are still in violation copyright infringement for basically recreating the same product (or modifying the same product) and giving it away for free. You can encourage them all you want, how many do you think will actually buy the real game, which would be useless to them. It wouldn’t happen and what The Mother 3 Translation Project is doing is against the law.
Hacks as artistic expression.
Hacks can be used as a powerful and effective artistic expression. Examples of this include hacks of toy and games console sound cards to be able to use all the sounds available, or the creation of personalised barcodes that register in scanners.
If art is being created using hacks, then at some point it is being done without someone’s consent, either the user or the company that originally created the product. Art should not be forced upon people.
<< The art of stealing? Im not sure i buy that. Youre saying its artistic to hack a game for content they created? But nonetheless, hacking yourself is not quite what this argument is about :P
Hacks as political statements.
Anonymous is a group of hackers with political motivations. Their hacks upon the intelligence company HBGary were intended to reveal that HBGary
‘ was engaged in illegal activity, including but not limited to: being contracted by the United States Chamber of Commerce to spy on & discredit unions and progressive groups, being contracted by the Bank of America to launch a campaign of misinformation against Wikileaks and it’s supporters (going so far as to blackmail journalists), developing a new type of Windows rootkit to spy upon individuals, and developing astroturfing software that could make an army of fake social media profiles to manipulate and sway public opinion on controversial issues.’
Hackers often reveal Government activity to the public that is of a concern to them and that could not be revealed any other way. Hacker culture itself is a political statement about freedom of speech and freedom of information. The existence of the Pirate Party UK (http://www.pirateparty.org.uk/) is proof that such issues can’t be ignored.
‘Pirate Party is the political party of the digital age. We represent the changes demanded by technology that governments and industries are resisting with all their might. We want copyright and patent laws to be reformed to fit their purpose, and your privacy and freedom of speech to be upheld and protected.’
“Hacker culture itself is a political statement about freedom of speech and freedom of information.”
Having scanned the hacking web site and blogs they are hypocritical, it would appear that the moment anybody speaks out against them their website or network is taken down. These kind of actions are creating a culture afraid to speak its own mind for fear of reprisals.
So who determines what can and can’t be said?
The hackers, that make them no better than the people they are attacking.
In the recent PSN attacks it is costing Sony millions, how much more will it cost them, and how long before that then transpires into loss of employment for potentially thousands of employees that are just trying to earn a living. It appears that hackers do not always consider the “bigger picture” when they exercise their right to steal peoples information and then display it on the network for all to see.
Surely a more effective way would have been to demonstrate to Sony that they had been hacked privately to allow them to improve their security, and then published on the net that Sony had been breached and have been advise of their weakness in security. This would have achieved the same end result, everyone would know and peoples personal information would not be up for grabs. How many fraudulent actions can be made from the information released that will end up costing the user.
Hacks to uncover or expose criminal activity, corruption or corporate malpractice
If a hack reveals or exposes criminal activity, and the relevant information is given to the authorities, then the hack is most certainly justified, and is a net benefit to society. The same can be said for corruption – the public benefit from being made aware of serious corruption, and the ones responsible deserve to be publicly exposed. The same can be said for corporate malpractice and other, similar legal situations where if the hack had not taken place, the information would not be in the public’s domain (or the authorities in the case of criminal activity).
the pros do not out-weight the cons. How many people hack to see if their neighbor is a terrorist? How many people hack to steal information of cause harm?
Hacks always negatively affect someone.
To the person whose personal information has been released onto the web without their consent, who has been exposed to potential credit card theft, or whose gaming network has gone down for months on end, hacking cannot be justified. Hacking is never victim-free. Companies are victims too, and if a games company, for instance, loses money because their website goes down or they face litigation, they can’t spend that money on developing games that would benefit the fans.
<could, but the pros do not outweigh the cons :P
While hacking may always negatively affect someone, it may actually have a positive impact on society. The information gleaned from the hack could result in evidence of criminal activity or coporate misconduct/corruption, and as such it could be argued that if the hack had not taken place then the person or entity would not have received their comeuppance – wether it just been bad publicity or civil/criminal charges.
Stealing and invading privacy is fundamentally wrong.
Whether or not the action is in the physical or digital realm, whether it is is a physical object or data that is being stolen, theft and invasion of privacy is wrong. If I break into your house, it doesn’t matter if I’m trying to make a statement that your personal security isn’t good enough, it is still a crime.
<<and your argument still doesn’t outweight the cons :P
While it may be a technically be a crime, it should again pertain to the points outlaid above on wether it is still ethically justified for the hack to take place, as it may uncover criminal activity or malpractice/corruption. Also, if the hackers genuine attention is to simply find a breach and report it – then what’s wrong with that? And to respond to the analogy used by the Opposition, if someone found a way to get into your property, tried it themself and found it worked, but told you so you could fix it, then I am hard pushed to find anything ‘fundamentally wrong’ about it.
What hacking is doing to the fundamental structure of the Internet…
It is reducing it to the same level as the Shin Megami Tensei alignment of Chaos (http://megamitensei.wikia.com/wiki/Alignment)
‘We care not whether the actions we have taken in this struggle have complied with laws of the United States or any other country. What your lot fail to understand is that we live in cyberspace. The only laws that apply are the laws set forth by our individual consciences. We break your nations’ laws when we recognize those laws to stand between the people and their freedom.
Anonymous is not simply „a group of super hackers”. Anonymous is the embodiment of freedom on the web. We exist as a result of the Internet, and humanity itself. This frightens you. It only seems natural that it would. Governments, corporations, and militaries know how to control individuals. It frustrates you that you do not control us. We have moved to a world where our freedom is in our own hands. We owe you nothing for it. We stand for freedom for every person around the world. You stand in our way.
We hope you come to see that your attempts to censor and control our existence are futile. But if this is not the case, if you continue to object to our freedoms — we shall not relent.
We do not fear your tyranny. You cannot win a battle against an entity you do not understand. You can take down our networks, arrest every single one of us that you can backtrace, read every bit of data ever shared from computer to computer for the rest of this age, and you will still lose.’ – http://www.reddit.com/tb/hto2s
Such a world would not be one in which any human would want to live. It would be totally anarchistic, dependent on the whims of the strong who have the resources, charisma and knowledge to control the flow of the Internet, where those who are less influential are used as pawns or discarded entirely. There are no laws or hierarchy to constrain anybody – but also nothing to stop them preying on the weak.
This is certainly not a good model for humanity outside the Internet, as Anonymous seem to want it to be.
Law is by no means a good faction in SMT. This doesn’t mean that Chaos is a good faction.
Hacking has been used countless amounts of time to prevent terrorist attacks, save lives, and even create a safer environment for frequent internet users.
Seb, “There is no control over the hacker’s actions until the law enforcement gets involved however hackers are just arrested.”
There is no control over any crime until law enforcement gets involved, how is that any different than hacking? The government uses hacking to help find terrorist in other countries and stop all sorts of attacks from happening, it is simply part of their job.
However, In the case of most issues the only correct answer lies somewhere in the middle of both sides of the argument. Is hacking Ok? Yes and No. Many people use it for the wrong reasons, but there are people who use it to better society. It might be wrong to hack companies and invade their privacy. However there are many websites companies put up where they do pay hackers to see if they can find and help fix its weaknesses. Many times hacking becomes a moral issue, where everyone has different views and morals. There will never be a clear answer to whether hacking is justified or not.
There is no control over the hacker’s actions until the law enforcement gets involved however hackers are just arrested. Laws do need to be changed so that hackers have a fair chance to justify their actions but if a hacker goes around looking for someone engaged in criminal activity, they may have to go through 1,000 innocent people’s personal information before they find anything.
We would love to hear what you think – please leave a comment!