DailyPost 380
WHITE HAT HACKERS – The Way Forward
White Hat Hackers seem to be the beacon of hope in the present day world. Security is not a design element is most of software / hardware ecosystem, it is a value add, perforce & we don’t allow White Hats to do penetration testing et al, then what is the way forward. We seem to have stuck up in a technical logjam. The legal situation is also not very supportive. The law has not caught up either on the negative or the positive side.
Penetration testing concentrates on attacking software & computer systems. Moving further scanning ports, examining known defects & patch installations also comes under the purview of the White Hat Hackers. At a full blown level for achieving path breaking results, they have to take the arduous journey of emailing staff to ask for their password details, making way to executive dustbins and more often than not breaking & entering without the knowledge & consent of the targets.
Struan Robertson, editor of OUT-LAW.com, says ”Broadly speaking, if the access is legal, hacking is ethical & legal.” Unauthorised access even to expose vulnerabilities is illegal he says. ”There is no defence in our hacking laws that your behaviour is for greater good. Even if it’s what you believe.”
This is the Catch 22 situation we are in. Even those who want to help make world safer are on the wrong side of the law.
Experts would always remain experts and so should it be. Undeniably, White Hat Hackers are experts of their own domain. We are shy of using them at our own peril. It is taken as ignominy for the IT enterprise to take them on board. Legality should evolve to find ways and means to use this talent. They only can provide succour to the breach ridden world.
It would be a slow moving iterative process, the initiation has to happen now. Some grey or black hat hackers might also changes sides, if its made promising.
LEGALLY EMPOWERED WHITE HAT HACKERS CAN DO MAGIC.
Sanjay Sahay