// Posted by Tommy on 02/28/2012 (7:50 PM)
Given the tremendous amount of attention hacking has received in the last couple years, especially due to groups like Anonymous and the Stuxnet virus last year, hacking has come to inherit a pretty negative stigma. Just tonight, Interpol released a… Read more
Given the tremendous amount of attention hacking has received in the last couple years, especially due to groups like Anonymous and the Stuxnet virus last year, hacking has come to inherit a pretty negative stigma. Just tonight, Interpol released a statement describing the arrest of some 25 individuals associated with the hacker group Anonymous, in a coordinated international operation across four countries in Latin America and Europe. The statement goes on to quote Bernd Rossbach, Acting Interpol Executive Director of Police Services: “This operation shows that crime in the virtual world does have real consequences for those involved, and that the Internet cannot be seen as a safe haven for criminal activity, no matter where it originates or where it is targeted.” The article seems to me to imply that all hacking is necessarily criminal, which is somewhat misleading.
On the opposite end of the spectrum are the good guys, who use their powers for good and not evil. People like Charlie Miller, winner of the 2011 Pwn2Own hacking competition held at the annual CanSecWest security conference (and I know, how dare I link to wikipedia… but it gets the job done with only 1 link).
At the competition, hackers are offered cash incentives to exploit various software and browsers on both computers and mobile phones. But why would companies willingly let people hack their products, let alone pay them to do so? Basically, because these companies are then provided with information about the vulnerability that was exploited, so that the company can then attempt to correct the problem and prevent as much harm as possible from malicious hackers.
In fact, since nobody has been able to successfully hack Chrome yet, Google is offering an additional $1 million in “hacker bounties,” on top of the money already offered at the 2012 CanSecWest conference next week. Google wrote on its blog, “We require each set of exploit bugs to be reliable, fully functional end to end, disjoint, of critical impact, present in the latest versions and genuinely ’0-day,’ i.e. not known to us or previously shared with third parties.”
**Update**: a group of french hackers while finally able to hack Chrome at this years Pwn2Own
The point I would like to make is that, while hacking for monetary gain or to take down competition is usually the wrong thing to do, these same skills can be used to help companies fix up and improve their products. Are there any other instances where hacking could be beneficial, as opposed to criminal? Or is hacking something that should be always be considered a malicious act, regardless of the hackers intent?