Hacker News new | past | comments | ask | show | jobs | submit login

I suspect you're still associating hacking with other actions that can be facilitated by hacking. But the very next thing I wrote was "knowingly turning off a hospital ventilator is still murder", so it only makes sense to answer as if you strongly intend the "per se".

In isolation, why would finding a hole in someone else's ruleset be immoral? If hacking per se were immoral, then there could be no such thing as a "white hat".




> I suspect you're still associating hacking with other actions that can be facilitated by hacking.

I specifically wrote "per se", so no - I'm not.

> If hacking per se were immoral, then there could be no such thing as a "white hat".

White hat hacking it typically specifically authorized (e.g. red teams). That is not the case with the example from the article.

In the locksport community there is a pretty strong norm to only pick locks you own or have specific authorization to pick.

Computer security not the same thing, but it's also not that different.


> White hat hacking [is] typically specifically authorized (e.g. red teams)

That is merely one kind of white hat hacking. Another kind would be figuring out an exploit for software that you have a local copy of, even against the wishes of its developer. If we agree that this is moral, then general finding of holes itself cannot be immoral.

I don't think you mean to imply that in locksport, you only pick models of locks that the manufacturer has given you the go-ahead to attack. Rather you're referring to ownership of the physical lock itself, which is merely one type of authorization. I would also guess that the reason the community repeats this prominently is to head off legal entanglement.

To the extent that a given ruleset only exists on a specific device that one does not own, then it is indeed hard to find holes in it without also affecting that device itself. However, it is still important to draw the distinction between any effects and the logical hacking itself, lest minor effects end up being persecuted inequitably.

In the context of the original article, there are essentially no damages and a little bit of unjust enrichment. Yet this whole thread has blown up about a spectre of harsh punishment under the CFAA, when equity is closer to the amount of the access fee.




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: