Is There Such a Thing as an “Ethical Hacker?”
When we think of the term “hacker” we tend to think of someone in the shadows, the mysterious figure toppling websites and wreaking havoc across the internet. We also tend to think of criminals. They might not look like a street thug, or a violent person, but they are the ones who steal our identities and crash our favorite places to visit or do business.
Most people don’t think of someone like Charles Tendell.
Mr. Tendell, a decorated Iraq War Veteran, dresses like a businessman. His photo looks like your typical LinkedIn profile image, or something out of a Forbes business write up. He is trying to change the way we think about hackers, by taking them mainstream.
He is a radio co-host and news commentator who has spoken out about Internet security, especially overseas. Mr. Tendell has a new venture called “Hacker’s List.” The site seeks to allow people to anonymously bid on the services of hackers across the world.
A recent New York Times write up details the meteoric rise of the site, from an “off the cuff” idea to something quickly gaining in users and media attention. To date, 4,000 jobs have been posted, but only about 250 completed.
According to Tendell, the intention was to “[test] the waters” and see if there was a market for a service that allowed individuals to hire cybersecurity experts for private use. Tendell refers to himself as an “ethical hacker”, who uses his skills and knowledge of computer networks to help companies and individuals fight back against “bad guys” online. His stated intention when launching “Hacker’s List” was to connect people with those who could help them with “legitimate online investigations and surveillance.”
The site has come under harsh criticism because of its anonymous nature. The shield of not having to reveal one’s identity has led to a propensity for illegal, or at least dubiously legal, requests for hacking. Critics say that by allowing users to maintain anonymity in their requests, the website offers an “invitation to illegal and unethical behavior.” To date, some of the most common requests posted have been to break into an email account, a facebook profile, or change a grade online.
The looming question is whether the public has a right, or can be trusted, to have access to those whose skill sets include being able to circumvent Internet security. In many cases, the actions taken are blatantly illegal, or at least in violation of website terms of service that would carry a ban if not actual legal repercussions. While there certainly are legitimate uses for such a site, like testing the security of a property you own, does providing such an open forum allow too much room for misuse?
Is this a case in which freedom of speech and open market principles should allow anyone to be able to solicit work from hackers? Just because the actions taken are digital, should they carry any less weight? Surely a website on which you could hire someone to break into another person’s house would not be allowed. Should it be different when it is an email account or profile?
“Hacker’s List” collects a fee for every completed assignment. In theory, Mr. Tendell could be making commissions for illegal acts facilitated through his site. Is this right, or is it not his responsibility how others use the service?
In the largely anonymous world of the Internet, there seems to be a tendency to consider things less “real” and therefore less illegal because of the disconnect from other human beings. Without seeing, hearing or feeling the presence of another, many tend to say and to do things they wouldn’t in person. By taking the fairly specialized skillset of the hacker and making it widely available, are we inviting widespread mischief?