Craig Rimando
Luke White

“hacking” - negative connotation

Not always that way


Originally a compliment
Not all hacking necessarily bad

“Good” hacking? Ethical hacking?

“Bad” hacking groups
Anonymous
 Lulzsec


Black hat hackers





DoS / DDoS
Identity Theft
Website Defacement
Leaking Incriminating or Personal Information
Viruses / Worms

Is there a grey area?
Honorable or benign motivations
 Protect computer networks
 Deter hackers from hacking in the future


Should any form of hacking be permitted?
Counter hacking
 Certified ethical hacking
 Clipper chip


Pre-emptive or reactionary response to a hacking
attack

Ethical Worms


Sovereignty over own computer but not the Internet
For the greater good

Self-Defense

Innocent Third Party




Who is in control
Identify other victims
Find the origin or next hop point
Jerome Heckenkamp case

Some company’s are founded on beneficial hacking
Security Explorations
 “providing various services in the area of
security and vulnerability research”
 Discovered and reported numerous Java



bugs
Billions of users at risk
EC-Council
Offers a professional certification – Certified Ethical Hacker
 Employed by company, penetrate networks like a hacker
 Purpose: find & fix security vulnerabilities

Discussed and developed 1990’s government plan
 Installed in electronic communication with unique
government encryption
 Only government could decrypt
 Valid warrant needed for each tap


Same longstanding law as for wire taps
Downside: Some people feared government would
abuse its power
 Upside: monitor known criminals and terrorists



Decrease the amount of crime – deter criminal activity
Increase the government’s ability to fight crime

Not all hacking is necessarily bad.

Some can be ethically justified




Intended to protect users / public
Deter future attacks
Find security flaws / Code innovations
Infringe on privacy rights?