CreateDebate is a social debate community built around ideas, discussion and democracy.
If this is your first time checking out a debate, here are some quick tips to help get you started:
Arguments with the highest score are displayed first.
Argument replies (both in favor and in opposition) are displayed below the original argument.
To follow along, you may find it helpful to show and hide the replies displayed below each argument.
To vote for an argument, use these icons:
You have the power to cast exactly one vote (either up or down) for each argument.
Once you vote, the icon will become grayed out and the argument's score will change.
Yes, you can change your vote.
Debate scores, side scores and tag scores are automatically calculated by an algorithm that primarily takes argument scores into account.
All scores are updated in real-time.
To learn more about the CreateDebate scoring system, check out the FAQ.
When you are ready to voice your opinion, use the Add Argument button to create an argument.
If you would like to address an existing argument, use the Support and Dispute link within that argument to create a new reply.
You can share this debate in three different ways:
#1
#2
#3
Paste this URL into an email or IM:
Click here to send this debate via your default email application.
Click here to login and CreateDebate will send an email for you.
should this form of computer hacking be legal?
So, before I begin, I shall explain something needed for the debate. There are three categories on the hacker spectrum.
white hat- The good guys. Test security systems for flaws (called pen testing). Catch black hat hackers (the bad guys).
black hat- The bad guys. Break into computers. Steal millions of dollars. Make, and infect computers with, viruses.
And finally:
grey hat- These guy are controversial. Let's say person A breaks into person B's computer. A doesn't put a virus on it. Instead, he'd rather leave a document saying how B's antivirus software is crap. A recommends better software. Okay? So, he had to break into B's computer, but he had good intent. Maybe the next day, A decides to modify his FB page. He's decided that FB shouldn't have taken away that old myspace feature, to modify the HTML on the page. But to do this, he has to find his profile on the FB server. But it's only his account. Isn't it reasonable for him to change the font of his name on the blue and white? Maybe add in a little red and black? Then again, he did have to hack FB to do it. Then again, he's not doing it to anyone else, it's on a public site, and it IS his account.
well, i would go for a grey hat . He want to make thing look like how he likes without affecting the society. Just take example- if a person is a smart , genious in computer and then also due to some life tragedies he ended up in dump. he again want to start a software firm or something like it. He asked from every other person around and banks too bt he got nothing else than disappointment. then he hacks in 1 million accounts and just take a rupee (Indian currency very less as compared to dollar) and he was happy. May be it was a crime bt what other persons lost 1/60 of a dollar.
No because the potential for crime is still their with no regulation. Sure he's a 'good guy' today, but what's stopping him from being a 'bad guy' on a bad day? Without regulation, the answer is nothing.
The problem is that nothing is stopping them from becoming a black hat at any time. In another argument you said, that if their is a contract between the white hat and the people who need their security checked it's okay, and in that regard I agree with you. I agree there because if Scythian should o wrong, or the hacker decides to do anything actually bad, blame can be easily placed on one person and they can face the consequences.
However if some guy with some computer skills is just deciding he's going to be a good Samaritan and go breaking into people's accounts just to let them know "hey your security's weak" nothing is stopping him at any time from going even further than that.
My reasoning for deeming all of this illegal (if no contract is issued) is simply because people can not be trusted without some form of checks and balances in place to prevent them from getting out of line.
Slightly less relevant note, I also disagree with the actions of anonymous, the hactivist group who liked to air the private information of people they deemed criminals.
Slightly less relevant note, I also disagree with the actions of anonymous, the hactivist group who liked to air the private information of people they deemed criminals.
Anonymous is another debate. I'll admit they do controversial stuff.
My reasoning for deeming all of this illegal (if no contract is issued) is simply because people can not be trusted without some form of checks and balances in place to prevent them from getting out of line.
Actually, I think you could. Now, I'm not getting this information from anywhere, i.e. I'm pulling it out of my ass, but you could just have specific guidlines for what you're allowed to do. You could also have a test you have to pass to do it. What do I mean by this? I'll tell you. Let's put this into context.
However if some guy with some computer skills is just deciding he's going to be a good Samaritan and go breaking into people's accounts just to let them know "hey your security's weak" nothing is stopping him at any time from going even further than that.
Actually, if the punishment is worse for pretending to be grey hat, then turning black hat, than for just being black hat, then it would probably outweigh being grey hat.
Let's look at your last point again.
My reasoning for deeming all of this illegal (if no contract is issued) is simply because people can not be trusted without some form of checks and balances in place to prevent them from getting out of line.
You could say it's allowed, but you have to pass a test to start doing it. It could be legally administered. You'd offer it at colleges and high schools, and only kids who showed a lot of responsibility would be allowed to take it. It wouldn't really be grey hat anymore, in the legal sense, other than they'd be allowed to break into security systems without permission.
However, it would mean that you could then weed out the people who might turn black hat. If that person did, you could then make the consequences worse. Anyone who doesn't take the test is black hat with a worse punishment. It would defeat the point of turning black hat.
That's just my theory, not a sourced fact. Or even any kind of fact for that matter, but I'm betting you could license it just like white hat.
Hackers are hackers. It does not matter what they stand for, anonymous is a perfect example. You say they are another debate all together, and with that I agree, however the way they act fits perfectly with the scenarios presented in your debate's description. Wouldn't they count as 'good guys'? I mean they
re taking illegal actions, just like the hacker who might break your computer's security, but they have a noble cause....just like the hacker who yadda yadda yadda. You see where I'm going with this? A hacker is a hacker, and if we don't know who they are, and they don't have permission, they are doing something illegal, and it should be considered illegal.
What I'm reading is that you're saying give them all the opportunity to be 'good guys' or 'bad guys'. I use these quoted terms, because I prefer it to the distinction good hackers and bad hackers. The problem I see with this, is like giving a child a gun. One day he's good with it, next day he's switching the script and terrorizing the neighbor kids. I mean luckily when you tested to make sure he didn't shoot the cat he passed, but oh no somewhere along the line he became a black hat, er uh I mean 'bad guy'.
There are adults who have guns for self defense. Do some of them misuse them? Yes.
On the other hand, are guns legal if you pass a test? Yes.
I think if someone is over 18, they should be allowed to take a test for grey hacking. I say that because it's the same thing with guns and people are totally chill with those.
You're comparing owning a gun and breaking into a computer. I don't think that's similar enough to justify it's use here. I'd sooner compare breaking into someone's computer with actually pulling the gun on them. You could pull your gun on some random civilian and say I was just testing to see if you knew how to handle having a gun pulled on you. I mean he didn't shoot the guy so it's okay right? I say no.
I'm not comparing it to a gun for the action of testing. I'm talking about the situation where, using white hat computer forensics, you find someone's hacked into your system. You hack into their system to learn about what advantages and disadvantages they have over your computer. You can then either:
1. set up a better security system (the more white hat way)
2. use their information to either contact the police or stop them from being able to hack into other computers, until you CAN contact the police to arrest them
This is very reasonable. You'd contact the authorities as soon as it happened.
White hat hackers are already hired. They generally have different jobs. Most of them get paid to do pen testing for a company's network every blank months/days/weeks/etc. This is perfectly legal if your certified.
So, I'm not comparing it to a gun for the original situation I described earlier. I'm comparing it to stopping someone from hacking into your computer.
It can also be used to change your own FB colors on your page. If you believe that your public FB page should be your property, which some people do, then it's reasonable to hack into your own property.
You also would get free pen testing to your own computer from another of your own computers. I guess white hats can already do the last thing I said, but I might be wrong.
Your assuming white hat hacking is illegal, which it isn't. You just need certification and then a company can pay you to do it instead of the CIA, which is way more expensive. Obviously, the only controversial one is grey hat, which you already knew. I'm just saying that in case you made the assumption that white hat is illegal.
Just to throw in an obvious fun fact, white hats get to participate in solving cyber crimes against a company, and not just set up a better firewall/security system for them.
Is it okay to break into a bank vault just to tell the bank that their vault needs security improvements? By law I am sure this counts as a crime. Entering someone's computer without previous permission seems like a crime.
Yet, if you are licensed and both parties sign a contract, your allowed to do exactly that. It's called Pen testing. And who said that grey hat was limited to illegal pen testing?
You know, patching could be considered grey hat. That's when one adds a feature to an open source program, like Android. You might have to hack for that.
Would you consider it bad to hack into LoL servers, just to change your own character?
How about to see about another hacker attacking you, in order to better prevent them from hacking your computer? Self defense isn't okay? Security systems are all hackable, no matter what firewall you have. Isn't it possible that one could perhaps, take it beyond just having to use a firewall?
This should say "Clarify", but I clicked "dispute" out of habit.
That's different, but my point still stands. If permission isn't granted beforehand then it's illegal. I'm not even sure why you clicked "dispute". The "clarify" button would have been a more logical selection.
EDIT: This should say "Clarify", but I clicked "dispute" out of habit.
That is true, but there is an inherent sense of privacy that we have been conditioned into the populace. You really want to try and take that away from them?
Actually, some will argue that that goes against net neutrality. If you have net neutrality, then you have more privacy because the government would have less control. It sounds irrelevant, but actually if you make grey hat hacking a permanent illegality, you defeat net neutrality. Net neutrality covers a number of other topics besides hacking, but has a lot to do with how the NSA controls your information. Here's basically what it is according to wikipedia, since this is a good explanation:
Net neutrality (also network neutrality or Internet neutrality) is the principle that Internet service providers and governments should treat all data on the Internet equally, not discriminating or charging differentially by user, content, site, platform, application, type of attached equipment, and modes of communication.- wikipedia.org
So, this probably seems counter intuitive, but here's what I mean. If you allow net neutrality, then you believe in more freedom online. If you don't, then the NSA and government has to regulate information more. If information is regulated, then that allows them to better regulate grey hat hacking.
But if you believe in net neutrality (obviously, you would still punish black hat hacking even more so than before), then you believe someone should be allowed to pen test their own data, or pen test for someone else with that person's permission, or use the skill for other purposes, so long as they've been granted permission by whoever owns the data. But you believe that someone who owns their own profile on a website, or a character in a program, should be allowed to control their own character through hacking.
Why, because people would be allowed to do what they want with the data they own right? It sounds counter intuitive, as if it would be the other way around, but I'm actually saying this as accurate as I can.
They don't mention the relationship in articles online, but if you ask someone in a hackerspace (having to do with electronics, programming, etc, not just security... but it can also be that) or a security office, they'll say that if your in favor of net neutrality, then you believe in an argument for allowing some form of grey hat.
Your entire post is literalpy useless as it does not correspond to our original point which was regarding permission to view the computer in the first place.
, then you believe someone should be allowed to pen test their own data, or pen test for someone else with that person's permission, or use the skill for other purposes, so long as they've been granted permission by whoever owns the data. But you believe that someone who owns their own profile on a website, or a character in a program, should be allowed to control their own character through hacking.
Yes, this is something I would support since permission is key. Hacking your own equipment is only harming yourself and I don't think we can have many legal restraints on self harm.
I am also quite positive you do not understand the position of which I have taken up. I am aboslutely in favor of this method of "hacking" as long as permission is granted before hand.
Right, without permission it could be okay if the rule was that it was a crime as soon as someone purposely did something to the system after breaking in. Its arguable that the difference between grey and black is that black hats do damage. As soon as someone does damage, then the owner of the system would know because the system would suffer damage.