Bring Out the Hackers

The question implies that all hackers are bad guys or anarchists. In fact, some are patriots; many want to do good, not harm; and all of them love a puzzle.
For the past 20 years, U.S. intelligence and law enforcement agencies have come to view some hackers as allies in the quest for cybersecurity. Many software companies pay bounties to hackers who find and exploit vulnerabilities in their programs — and dozens of professional hacking firms have risen up to meet the challenge.

Imagine the sheer sport of the F.B.I. vs. Apple case. The F.B.I. moans that it can’t crack the San Bernardino shooter’s iPhone without Apple’s assistance; Apple claims its phones are so secure, the slightest compromise could do grave damage. Watching this standoff, clever hackers worldwide mused, “Let me give this a try.” One firm of such hackers has now succeeded — and it may have taken its solution to the F.B.I., not to Apple, because Apple is one of the few giants of Silicon Valley that doesn’t pay bounties.

Hackers haven’t been absorbed into the system entirely. Some are bad guys who do commerce with criminals or foreign spies. Some among the “white-hat hackers” are too rebellious to collude with government; others, who have tried, are turned away — certainly denied security clearances — because they’ve illegally downloaded music or movies in their wayward youth (which, in some cases, may have been just a few months ago).

The government should relax its standards. It’s long been known that hacking is a major problem — not just to personal banking accounts, but to the nation’s critical infrastructure and the military’s command networks. Often the best way to beat hacking is with another hacker — someone who can find and patch the holes before a bad guy exploits them. A lot of hackers want to help; the government should do more to let them.

. . . . . . . .

Leave a Reply