Young hacking whizz joins elite cyber team
Breaking into Sony’s online security got George Hotz into huge trouble, but Google offered him a high-salary figure with an ‘ethical hacker’ unit. Is he a good example for would-be hackers?
Aged 17, George Hotz became the first person to crack into a major American phone company’s iPhone security systems in 2007. And when he took apart the defences on the Playstation 3 in 2010, Sony threatened to destroy him with a monstrous lawsuit. It mercifully dropped the charges.
But when Hotz broke into the Google Chrome web browser earlier this year, something extraordinary happened. Google rewarded him with $150,000 for highlighting its vulnerabilities and offered him a job with ‘Project Zero’, a crack team of full-time hackers who test security systems across the web to reveal their flaws.
‘Project Zero’ is just one of many ‘ethical hacker’ groups which use their knowledge to probe security systems and warn companies about weak spots before any unscrupulous hackers find them.
‘Unethical’ hackers can be a huge threat to online safety. In April experts discovered a major security flaw known as ‘Heartbleed’ which could have given hackers access to millions of internet users’ passwords. They are now calling 2013 ‘the year of the mega breach’ as 552m people had at least part of their online security compromised.
But what counts as ‘ethical’ hacking is not always clear. After the whistleblower Edward Snowden revealed that national security agencies like the USA’s NSA and the UK’s GCHQ had access to billions of internet users’ private data, companies like Google are keen to shore up their defences. Yet security chiefs would argue that their online spying is a necessary evil for catching potential criminals and terrorists.
Ethical lines are also blurred when it comes to hackers using their abilities for what they think is the public good. Last year one ‘hacktivist’ from the hacking group ‘Anonymous’ was sentenced to ten years in prison after he released emails from a security company that had been trying to monitor him. Earlier in 2013, the highly talented coder Aaron Swartz committed suicide after receiving a 35-year prison sentence for distributing documents from a pay-to-access academic site.
The hacker’s code
Some people say that George Hotz’s hacking is a great example for young people as it shows they can practise a useful skill in an interesting way and get a reward for it. As long as hackers tell companies about any hacking achievements, they are acting ethically and responsibly while showcasing their skills.
But others would argue that Hotz walked a very fine line between criminality and success. Hackers can feel like they are using their skills for a good cause, such as disrupting what they believe to be bad companies, but this can backfire spectacularly. While Hotz got lucky, would-be hackers should not look to him for inspiration.
- Is following George Hotz’s example a good idea for would-be hackers?
- ‘All young people should be made to learn coding languages.’ Do you agree?
- In pairs, imagine you are master hackers and could hack into anything for information or to change a site. List five sites you would hack and why. Share with the class.
- Using the links in ‘Become an Expert’ research ethical hacking. What does the job involve? Create a job description for an advert.
Some People Say...
“In the future the internet will control our lives, and hackers will control the internet.”
What do you think?
Q & A
- Why should I care about hacking?
- With so much of our lives now conducted online, hackers could steal a person’s digital identity, access their bank account or learn all sorts of private things about them. Governments are also concerned about ‘cyber warfare’, in which a rival country could shut down power supplies and communications. In the future the stakes involved in hacking will only get greater.
- Can hackers practise their skills safely?
- There are websites like www.hackthissite.org which allow aspiring hackers to practise their skills safely and without breaking into sensitive data. Groups like ‘Young Rewired State’ also provide hacking competitions for young people. The government is very keen to encourage young people to engage with coding, so look out for other events.
- Experts discovered that there was a backdoor for hackers in OpenSSL. This is a system which encrypts, or codes, users’ data so that the details of someone making an online payment cannot be discovered. Some of the world’s largest companies, like Google, Facebook and Dropbox use its services.
- The former American intelligence worker revealed that spies at the National Security Agency and the British Government Communication Headquarters had been secretly collecting data on the online activity of millions of their own citizens.
- Anonymous is a loose collective of hackers who target governments and corporations which they believe have engaged in unethical behaviour.
- Swartz co-founded the highly successful Reddit website and was widely respected for his talents. He died aged just 26.
- JSTOR is a huge online academic archive which many universities subscribe to. While it did not press charges against Swartz, the government nevertheless came down hard on him to deter others from acting similarly.