Let me state again: hackers are not necessarily the bad guys. Apart from the categories of white hats, grey hats and black hats there is another point that should be made: hacker who do reveal something which would otherwise stay secret.
Exploiting security holes to gain possession of information which is or could be interesting for a broader public would be the more careful definition. This is something the ‘UFO hacker’ became famous for and what some hackers did just a couple of days ago. They hacked into the system of Climate Research Unit of East Anglia and published 1000 documents and 3000 internal emails.
Depending on your point of view, hacking into a computer system not in order to report security breaches but to download – partially private – information, might be bad. The question is mainly about ethics. If the information gained thos way is important and should be available for a broader public, is committing the crime of breaking into the computer system rather good (caused by the intention) than bad?
Let me briefly compare this situation to real life. Someone breaks into a politician’s home, stealing some documents with the intention and suspicion that the subject is corrupt. Instead of correspondence which assures the thief and strengthens his suspicion, he finds documents revealing that the politician committed bribery himself. Subsequently, these documents are published.
First of all, there can sill be doubts about the authenticity of the documents, fair enough. Secondly, what would happen if the thief does not find anything? Additionally, even though the thief has found something (in our case), he committed a crime himself. Is he than an ordinary criminal or a modern and digitized version of Robin Hood?
From the legislative point of view it is clear. If the thief is not member of any executive of the state and has followed legal procedures while hacking into the system the thief is a bad guy no matter what he found. From the ethical point of view it might depend on what he found and how strong the evidences have been before he decided to break into the system. If he just needed proof, did not damage anything and handed over the documents to the police everything might be fine. From my cyber-libertarian point of view, I would agree with the ethical perspective. While I do think that it is okay to act like the guys in East Anglia did (or wherever they live on our beloved planet), there are some circumstances which I think are crucial to justify actions like this.
– no one should be harmed (means: deleting private files, publishing details about an affair etc.)
– no one’s privacy should be harmed (means: no copying of private pictures, diaries etc.)
– information gained this way should be shared for free on the Internet
– backdoors should be closed and security breaches not made available to other people
– unless it is important for criminal investigation, the ‘victim’ should stay anonymous
– the secrets expected there should be worth breaking into a computer system (means: if someone stole an ordinary bottle of wine from you, there are other ways to deal with it)
Why do I think that hacking has something to do with the nature of the Internet and should therefore, apart from the ethical dimension, be not condemned in general? hacking culture evolved early, probably at the same time as the first communication technologies have been developed. People using a scrambler to imitate the tone that it took to dial for free from a public telephone box which also worked for the first modems is one example. Another one was the possibility to send some bit of information via telephone lines without paying for it. That has been the precursor of modern instant messaging. Though not legal, all these examples are somehow part of the nature of the Internet.
Now you might argue that the nature of humans is brutal and so on and therefore we also developed something. Societies and passed laws have been established to live next to each other in peace and harmony. In my mind that is also true for hacking. The guidelines I think are important are noted above. Following these principles, being ethical and do-no-harm are important but some secrets revealed are also important.
Subsuming, hackers should not be regarded as criminals in general. Even though their methods might be against current laws, hackers do have principles and we can be thankful for some information they reveal – because sometimes they concern us…some day they might even contribute to safe the society as we know it.