Ethical Hacking

#1
Should ethical hacking be considered a crime or not?
Currently it is against the law to hack websites without their consent, but why should it be if we're just testing a lead on a vulnerability? It may help them in the end.
 

Eric

Owner
Staff member
Stormy Days(HC)
#2
Its still a crime. You are accessing somebody's service without their permissions with the intent to exploit a vulnerability.

On that note, I think even port-scanning is partially illegal.
 
#4
I'm on the fence about this one. If a person's curious (which all people are) but don't have any intent to harm such as taking info, ect and just want to give a company a heads up that there's an issue, then I don't think that they should be punished severely. There's normal thrill seekers and there's thrill seekers who get into crime. It's like comparing a skydiver to a person who robs because of the adrenaline rush.

This is how I personally see ethical hacking:

You come over one day to knock on a neighbor's door's door (whether to discuss stuff or just to say hi, ect), realize that nobody's home and as you're on your way off the property you notice that the gate to the backyard, (through the side yard) is unlocked because the door's opened a crack. So being the nice or curious neighbor you are, you go over to investigate and realize that the latch has deteriorated. Technically by entering the side yard you've trespassed on the property to inspect the faulty hardware that was supposed to keep the door closed. You haven't taken anything, but you've entered the property's premises. So after looking, you leave and once the neighbor comes home you let them know that their gate's no longer secure.

People do this all the time and yet aren't charged with trespassing or in some cases breaking and entering if they passed through the broken gate.
 
#5
No matter how we look at it, hacking is illegal - just like breaking into a person's home. Even authorities require the proper paper work before they can set foot in anyone's premises. Now a days, most people do their banking and even processing credentials online, hackers can easily steal their info which will definitely cause a lot of problems. It may be a bit more life threatening to have strangers break in to my home just to rob me but at least I have the chance to fight them off or identify them so they can be caught. I honestly prefer that than being hacked.
 

Eric

Owner
Staff member
Stormy Days(HC)
#6
No matter how we look at it, hacking is illegal - just like breaking into a person's home. Even authorities require the proper paper work before they can set foot in anyone's premises. Now a days, most people do their banking and even processing credentials online, hackers can easily steal their info which will definitely cause a lot of problems. It may be a bit more life threatening to have strangers break in to my home just to rob me but at least I have the chance to fight them off or identify them so they can be caught. I honestly prefer that than being hacked.
There is a much higher chance of being caught hacking.... Since you leave a lot of paper trails on the internets. :)
 
#7
The problem is that you are invading someone's property without their permission. It's like trespassing on private property. If you're doing a good thing why not just ask the site owner? I suppose there would be rare cases where a site is about to encounter severe problems, the owner is on vacation, and the only way to save the site is to hack it and do whatever. But how often does that happen? Ethical hacking would be an extremely rare scenario.
 

pwarbi

New Member
#8
When it comes to hacking, I think its very easy to hide behind saying 'its for the greater good'...computer hacking, at this moment in time is illegal and therefore anybody doing that is considered to be breaking the law. Everybody has their own reasons for doing things, not just in hacking but in all aspects of life, just because something is happening that you don't agree with, doesn't necessarily give you the right to interfere and impose your own opinion.
 
#9
If it is for the good of the company, and if they were hired legally, there is no problem, it is legal.
However, if it is doing to help people but it is illegal, the people should get arrested. No contest.
 
#11
It can be important to exploit a flaw in a company's website security. Curiosity will get the best of us. It depends what kind of hack it is such as a SQL injection which should be legal because as long as you don't change anything you don't harm anything or anyone. If you hack with a R.A.T. then that should be illegal.
 
#12
Obviously if the hacker is employed by the company to exploit weaknesses in their own system then this is of course acceptable.
I believe that this is already a very common practice with most big businesses these days. Security, especially online security is a massive concern to most people, company's or individuals so testing a sysytem in as many ways as possible is essential.
 
Top