menu

'White Hat' Hacking Encourages Programmers To Point Out Problems

While the stereotypical idea of computer coding involves hacking, in reality there are so many good uses for it. From keeping security systems running to helping administrators with hospital records, a well-debugged code is a useful tool even if you don't know the first thing about C++. After all, think of how many of us depend on commercial computer programs for our workplace and home.

But there is a growing concern that as codes get complex, even the best name-brand companies can't keep up. That's why in recent years, several companies have introduced reward programs for people who spot vulnerabilities in the code. This recently led to United Airlines awarding two computer programmers a million flight miles each -- the equivalent of dozens of typical flights.

While the reward may seem a lot, think about how crippling a crash in United's website would be. Not only are there millions of dollars lost, but cancelled flights, angry customers and a fragile reputation. In the end, ignoring these vulnerabilities is bad for the company, its users and also its shareholders. And it is not alone in this thinking.

Good computer coding is good for an infinite number of uses. Credit: Wikimedia Commons

Many big tech companies of stature have these sorts of "white hat" programs. Google has a "vulnerability reward program" for problems spotted on the websites google.com, youtube.com or blogger.com, with individual awards ranging up to $20,000 each. In June, the company also said it would have a similar program for Android (mobile devices), which shows how seriously it is taking security on those things in our pockets.

At Yahoo, rewards for its "Bug Bounty" program go as high as $15,000; so far, 523 hackers have been rewarded for their service. (This program was introduced in 2013 after the company was criticized for only offering T-shirts as rewards.) Facebook is among other companies offering these services, wihch drew the attention of a blogger at TechRepublic.

"It's kind of ingenius, if you ask me," Toni Bowers wrote. "Ask the IT community, a people who would rather find fault with something than breathe, to isolate flaws in your system. And then pay them for the info!"

Facebook is among the company encouraging people to come forward if they spot vulnerabilities. Credit: Wikimedia Commons

As computers become more prevalent in our everyday lives, programs like this could become more important. Imagine connected smart appliances such as fridges, or those programmable locks on your front door, or security cameras that sense activity in the house. The technology can work for you or against you (such as the cameras being exploited by robbers to see when people are around.)

Is ethical hacking the way to go, or are companies relying too much on Good Samaritans to help them out? It's hard to say. There are stories of operating systems being shipped too soon, and critical flaws somehow escaping notice that can do something such as reboot an iPhone. While no system is free from human error, there is the danger of hoping for help rather than doing the right work ahead of time.

Do you have an idea to ethically hack? Let us know by launching a HeroX challenge.

Top image: Wikimedia Commons

more like this
TECHNOLOGY
comments
Space
A New Horizon of Inclusion: How Satellite Innovation is Opening the World to Everyone
The dream of universal connectivity is no longer anchored to the earth; it has taken flight, ushering in an era where geography is no longer a barrier to opportunity.
2 min read
Space
Building a Secure Orbital Future: The New Era of Resilient Satellite Infrastructure
Modern space infrastructure is transforming global connectivity, and by prioritizing proactive security, we can ensure these vital systems remain robust and reliable for everyone.
3 min read
Energy, Environment & Resources
Bridging the Gap: How Local Action Cultivates the Energy Transition
Renewable energy success relies heavily on local communities, not just state or federal policies. COSSA Institute's Jeremiah Garrick emphasizes that local support ultimately makes or breaks projects, a reality currently playing out across rural Colorado.
4 min read