menu

The Darker Side of Crowdsourcing

BY NICK | 3 min read

Last year, the FBI found a backdoor.

After attempting to use the All Writs Act to compel the company Apple to hack into the iPhone of Syed Rizwan Farook (of the San Bernardino shooting investigation), the FBI solicited an alternative. You might have called it an “incentive competition."

Apple CEO, Tim Cook released an open letter on February 17th, 2016:

“The FBI may use different words to describe this tool, but make no mistake: building a version of iOS that bypasses security in this way would undeniably create a backdoor… And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”

“Ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.”

With this powerful statement, it became obvious to the US government as well as its citizens, that this was an event which would define principles and set precedents with widespread implications. 

None the less, bureaucracy wants what it wants. 
 

Who you gonna call? 

In the world of hackers, there are two dominant camps: “White Hats" are the paid technicians and motivated hobbyists who discover and disclose vulnerabilities in hardware and software, alerting the responsible entities to their products’ issues so that the organization may correct the problem. Generally, the actions of White Hats are perceived as ethical. 

“Black Hats” are the notorious identity thieves, also the extortionists, pranksters, the crashers, the launderers, the embezzlers. Generally, the actions of Black Hats are perceived (understandably) as unethical.

But, there is a third camp: “Grey Hats” as you might imagine, operate in a grey-area where their actions are not easily distinguishable as strictly ethical or unethical. Unlike “White Hats” their services are not offered up freely, or as a full-time employee. Unlike “Black Hats,” they do not necessarily steal or extort. More mercenary than freelancer, the actions of Grey Hats often are driven by the highest bidder.

That seems to be the case in this scenario, with the FBI paying a one-time fee (aka cash prize) to the hackers who were able to offer up a solution. The FBI is no way obligated to give their "hack" to Apple. James B. Comey, the FBI Director, has commented as far as to say that this flaw only exists in the iOS 9 operating system. All the same, if the government is in place to serve citizens, why would they not offer this vulnerability to Apple so that they might patch the problem?

“...They would fix the problem, and then we’re back where we started…” said Comey.

In other words, if they share information, they would lose their backdoor. That's something to ponder, isn't it?  Here, the FBI incentivized the delivery of a backdoor into private data, which in itself represents an unconstitutional tool for violating privacy. It is, after all, a bypass to warrants and due process.

So what does this mean for HeroX, XPRIZE, and other incentive prize communities?


Do Know Evil.

...and Don’t Be Evil.

These mantras, early bylines in Google’s Code of Conduct express the ethical responsibility of the people who create and maintain the digital infrastructure which makes a global economy, space travel, and urban living -- just to name a few -- possible.

Every time you are offered money to solve a problem or create an innovation…think carefully about it. What will come of your work?

Money is helpful, but we must consider that every innovation has a ripple effect into the future, and when we give those solutions to powerful entities, that ripple can become a tsunami.  It’s easy to feel jaded. To believe that if you don’t take the money, someone else will...and you’re probably right. Still, that shouldn't be the premise on which compromise your principles as a global citizen. Who can say if these Grey Hats working for the FBI were wrong or right? They call themselves researchers, and they needed funding. That’s understandable enough.

But following a long line of Edward Snowden, Xiao Tian, Samy Kamkar, Matthew Keys, and Frank Abagnale… It’s important to know that even if you think that what you do is straightforward or benign...significant decision points will find you, and in those moments, you’ll have to decide: are you a White Hat, Black Hat, or Grey Hat?


 

comments
Data Science
Who was Robert J. McEliece and the people behind this Cryptosystem?
Learn more about the mathematicians behind one of the world's most secure annd valuable cryptosystems.
1 min read
Data Science
Scalability of New Approach Methodologies (NAMs) and their Global Impact
Check out these five potential impacts that NAMs could have on the scale of medical research across the whole world.
3 min read
Healthcare
Artificial Intelligence (AI) and New Approach Methodologies (NAMs) in Biomedical Research
Artificial Intelligence (AI) tools are poised to play a crucial role in advancing New Approach Methodologies (NAMs), complementing and unlocking the improvements that can be achieved with these new methodologies.
2 min read