Ethical Hacking

Have you been pwned? The word, which means owned, or mastered, is also techno talk for having been hacked, and it seems that not a day goes by without a new breach being reported in the news. Social media companies, email providers, banks, online dating sites – no company with a computer is safe, and internet security seems an oxymoron. In an age when so much of our lives is stored, or simply happens, online, it’s no wonder that we see hackers prying their way into our digital secrets as criminals. But should we?

Hackers, as most people who write about them will tell you, are not a priori criminals. They’re computer experts, certainly, but also explorers and problem solvers, passionate, curious, enthusiastic individuals who live for the challenge of unlocking doors, breaking down walls, and sticking their nose wherever they’re told it doesn’t belong. Or, to avoid language that still sounds suspiciously criminal, they could also be described as quality control.

For example, one hacker, Barnaby Jack, dedicated his relatively short professional life to exposing flaws in supposedly smart medical technologies, showing how he could hack automated insulin distributors to deliver fatal doses to diabetics. And in a 2016 stunt, perhaps the year of peak hype for the potential of autonomous vehicles, hackers proved they could take remote command of a Jeep – while a Wired journalist was at the wheel. From demonstrations like these, it’s not a great leap to imagine villainy worthy of a James Bond film. But the difference is the goal: they’re not holding the world hostage; they’re trying to wake it up.

By showing that grave consequences resulting from our technological naiveté are not only imaginable, but feasible, so-called white hat hackers are alerting the world to what black hat hackers – the real bad actors – could do. Hackers have been described as an essential part of the internet’s immune system, finding weaknesses and attacking vulnerabilities so that the system is better prepared to defend itself. The robustness of open-source software is due in part to channelling the positive energies of millions of volunteers happy to collectively test and tweak publicly available code. Many of the most famous tech companies sponsor bug bounties, or vulnerability reporting programmes, offering big money to whoever can expose the flaws in their systems. And governments, with their sometimes awkward outreach and recruitment, love hackers too.

At least some of them. Because for many hackers it’s about more than a challenge, or a pay check, but about principles. And the principles most often associated with the “hacker ethic” are antiestablishmentarianism, openness and extreme transparency – the kind that can get you branded a traitor, or worse. Depending on your perspective, Julian Assange is either the world’s most famous journalist, or its most notorious spy and hacker (among the charges against him is volunteering to help Chelsea Manning crack a US government password).

Hackers, to paraphrase the hacking group Anonymous, are legion. They don’t collectively wear one colour hat or another and should be judged by their actions. And whether those are criminal or heroic, all the pranks, attacks, hacks and breaches strengthen our immune system, and shake us out of our technological complacency. If hackers are like viruses, they may be just the viruses we need.