argumentative essay on hacker ethics

8/9/2019 Argumentative Essay on Hacker Ethics

1/11

Zhou

Meizhuo Zhou

INFO 450

Term paper

Hacker ethics is a controversial topic as technology has become increasingly popular.

Spafford talked about the ethics of hacker break-ins in his article Are computer hacker

break-ins ethical? I will briefly present his premises and arguments in part 1 and refute some

of his premises in part 2. And I will object to my own critique as Spafford in part 3 and

express my opinion in part 4.

PART I

The main argument that Spafford presents in his essay is that the right is determined

by the action, not the result. In other words, the end does not justify the means. Thus,

computer hackings, even when no noticeable damage results, are unethical. The first premise

he gives in the article is that our society values the process more than the outcome. Although

there are philosophies that consider the act as the ultimate measure of an activity, our society

does not agree with that. The reason why we are concerned with issues of due process and

civil rights is because we consider the act more important. Spafford supports his premise with

the hypothetical example that if the government beheaded one hundred smokers on national

television, that would likely make other smokers quit smoking, thus improving the health of

the general populace and protecting the environment from smoking pollution. However,

everyone would consider this action to be immoral because even if most people benefit from

the activity, the execution of innocent people will always be immoral, even if only one man

dies. In this case, we would not view the end as justifying the case. Similarly, he believes that

even if hackers are bringing the right result, even in the case when someone is trying to save

a life, breaking into other peoples computer systems will always be considered unethical.

1


2/11

Zhou

Spafford also demonstrates that we should not consider the results of an act as the

ultimate measure of good because it is difficult to determine the scope and long-term effects

of an action and to discern the causes. A system of morals that considers only the results of

our actions could not allow us to evaluate our current activities at the time when we would

need such supervision. Similarly, if we try to judge the ethics of computer hackings by the

total result, we would not be able to make such a judgment. And if we make any assumption

of the result, it would be wrong. For example, in the case of computer hacking, we cannot

know if increased security awareness is better for society in the long term or if it will result in

greater costs. We also do not have the capacity to trace every incident of computer break-ins

constantly. He believes that it is impossible for us to use the result of an act as a measurement

of morality because the result is too difficult to predict and understand. Thus, to determine

the morality of an action immediately, we should consider the action itself as the ultimate

measure of good instead of using the result as an indication.

Spafford then presents and debates some of the most commonly used reasons that

hackers use to explain their actions. The security argument argues that break-ins illustrate

security problems to a community that would otherwise not note those problems. This

argument explains that even though the action of breaking into other peoples computer

systems is wrong, the result in alerting people to note the flaw of their system makes the

activity morally right. In addition, hackers claim that their hackings are harmless, they are

just trying to learn from the system. Spafford disagrees with the arguments by assuming that

the purpose of computers in the first place is to serve as tools and resources, not as exercises

in finding security flaws. Exercises in security cannot become the reason for people to

constantly break into other peoples computer systems. He states that if such exercises could

2


3/11

Zhou

be considered moral, then breaking into other peoples houses can also be moral because it

demonstrates that they are susceptible to burglars.

In conclusion, Spafford argues that computer break-ins are unethical even if the result

is an improvement in security, because the activity itself is immoral and disruptive.

Computers are used to protect our lives, not to make us lose our privacy and property.

Therefore, no break-in is moral and ethical.

PART 2

Although Spafford states great points to support his arguments, a few of his

assumptions are incorrect. First, he assumes that the society is running under the conception

that the action is more important than the result. He believes that to consider the result of an

act as the final measure of right is often impossible in real life because of the difficulty in

interpreting what the result is from arbitrary activities. I believe this premise is wrong. Our

society considers both actions and results equally as measures of good. Consequentialism

suggests that right or wrong depends on the consequences of an act, and that the more good

consequences are produced, the better the act. Thus people should choose the action that

maximizes good consequences. Utilitarianism also states that people should maximize total

benefit depending on the result. Correspondingly, when we perform an action, we tend to try

to predict the result of the act and assess how well it conforms to certain stable ethical

principles. This suggests that under the influence of our society, we tend to make decisions

based on the result than the act. Therefore we cant say that our society treats the act as the

measurement of morality.

Moreover, people cant decide if an action or result is moral or not exclusively by

itself. The courts and laws exist because we need judges to decide if the situation requires us

to consider either action or result as the indication of morality. For example, if a criminal is

3


4/11

Zhou

kidnapping a girl, the policeman in the end shoots the criminal and saves the girl. The action

itself is obviously bad; no one has the right to kill another human being. However, the killing

of the criminal is considered to be moral by society and supported by the law because in this

situation, the result is more important: the policeman saves the girl and prevents further

damage to happen. Thus, Spaffords assumption that society considers the action more

important is wrong.

Furthermore, Spafford assumes that our society is incapable of determining the long-

term result of an action. He states that if we only consider the result of an action, we will not

be able to evaluate our current activity. Thus, we should not consider the result of an action

as a measure of morality. This premise is also wrong. The argument for utilitarianism usually

states that We should make decisions based on what we know of the results of a given

action. It is not always necessary, however, to analyze everything based on the long-term

result. Furthermore, history and statistics are two powerful tools for people to predict the

results of certain things. We collect, analyze, and interpret real-world data and use it as a

measurement of a beginning point. Government uses statistics to arrange for health care

utilization, resource allocation, needs assessment, and quality improvement of goods and

services. People use statistics in literally everything they do. For example, we all know that if

we study hard, we will be more likely to receive better grades than if we do not study at all.

Thus, we are able to determine the long-term result of an action by previous statistical data.

For computer break-ins, we can also analyze the damage a break-in can cause and compare it

to the long-term effect. For example, if a hacker hacks a computer system successfully and

does not cause any damage to the system, the administrator of the system will come to the

realization that there are some flaws in the system, prompting them to fix those flaws. This

action can prevent future hacking and internal operation error. Furthermore, a security team

4


5/11

Zhou

called Codenomicon recently discovered the security bug in open source OpenSSL, called

Heartbleed. Open source SSL is widely used by major websites including Github, Pinterest,

Tumblr, etc. If the bug was not discovered and fixed, any criminal who intend to hack these

websites using the flaw in the code would have been able to look at your private information.

Thus, harmless hackings exist and can even prevent future hacking and internal operation

error. This suggests that long-term results of hacking are not unknowable and well-intended

hacking could prevent worse results.

In conclusion, the premises Spafford offers in his essay, that the end does not justify

the means and that we cannot determine the long-term result are incorrect. Therefore, the

conclusion Spafford provides that computer break-ins are unethical is not correct.

PART 3

The critique in part 2 states that our society values both actions and results equally as

measures of good. Spafford would not agree with the statement because he believes that our

society considers the process more important than the outcome. We define ethics as the

discipline dealing with what is good and bad and with moral duty and obligation. In other

words, ethics is the indication of what we ought to do in a given situation instead of what

consequence we ought to achieve. As a society, we place more importance on how you play

the game than whether you win or lose. If we try our best to do one thing and even if the

result is not satisfying, we can learn from the experience and get better. A bad result does not

necessarily make the activity a bad activity.

On the other hand, if our society puts more weight on results than actions, people

would try everything to get the best result, even if the process is unethical. There will be no

ethics because all we care about will be the consequences. Perhaps we can do the greatest

overall if we forcibly stop people from wasting their time on useless things like watching TV,

5


6/11

Zhou

drinking, partying etc., but this way of thinking is obviously inhuman and immoral. Spafford

would give a example such as if a criminal robs a bank and uses the money to help the poor,

can we say that what the criminal does is moral? No, because the action is immoral no matter

what the outcome. A moral consequence cannot justify the action. Similarly, in the case of

when hacking can bring good consequences, we still should not call it moral. Basing our

morality on results will only encourage every hacker to use that as an excuse for breaking

into other peoples computers unnecessarily.

To discuss the example in part 2, although it is true when a criminal is kidnapping a

girl, the police have the right to kill the criminal, Spafford would argue that it is a very

special case that cannot be used to draw conclusions about the ethics of results in different

circumstances. Police and soldiers are the only groups of people who are allowed by the law

to kill someone. It is beyond the scope or intent of this paper to discuss why police have the

right to kill other human beings. In most cases in court, judges determine the guilt of a

potential criminal based on his or her actions, not the result. The law suggests that an

American citizen cant deprive any other person of the right to live. Nobody has the right to

kill a serial murderer unless out of self-defense. Therefore, the example you used in your part

2 does not defend your critique; you do not have enough evidence to show that our society

and courts base their judgments on results.

For the second objection of Spaffords premise, he would argue with an ancient

Chinese philosophy called a loss, not bad thing. This philosophy supports the idea that we

cannot predict outcomes. This story is about an old man who once accidentally lost his horse,

so everyone consoled him. But he said, why should I conclude that it is not fortunate? Several

months later, the horse came back accompanied by another stallion, so everyone

congratulated him. But he said, why should I conclude this could not be unfortunate? Several

6


7/11

Zhou

months later, the son fell off the horse and broke his leg. So everyone consoled the man. But

the man said, why should I conclude that this is not fortunate? One year later, the war started

and the army chose nine out of ten men in the village and they all died. The only man who

was not chosen was the mans son, because of his broken leg. This story suggests that it can

be difficult to foresee anything, that the fortunate can turn out to be unfortunate and vice

versa. Although sometimes the long-term results could be a reflection of the short-term result,

the result can change dramatically over time and be entirely unpredictable. People are often

unable to see the full scope of an activity and the truth behind the result. When judging

whether the results of an action are positive or negative, it is not practical to wait until every

possible result has occurred before we judge the action as good or bad.

Although the critique in part two suggests that we can use historical and statistical

data to help us to predict the outcome, Spafford does not think we can always predict the

correct outcome using those data. As Marxism suggests, different cases require different

ways of analyzing. Every activity has different consequences; no one has the ability to

guarantee a given outcome. For example, I studied hard and practiced a lot for my math exam

and received a really good grade in the end. I then learned that in order to get a good grade, I

should practice a lot. Then this quarter, Im learning philosophy; I practiced a lot of old

questions but I did not receive a good grade. This is because philosophy requires more

memorizing than math. Thus, I cant use my previous experience to predict the same result.

Many philosophers share this opinion. Kantian ethics suggests that consequences cannot be

predicted. To determine if an activity is right or wrong, we should always look at the actions.

Consequentialists also agree that we are able to predict the tendency of an activity but that not

always is reflected in the outcome. Lastly, Edgar Morin proposes that, Most consequences

7


8/11

Zhou

are out of our hands. Some are because of the actions of others, some due to our cognitive

inability to know everything (Morin).

Therefore, because we are unable to foresee the overall result of an activity, we

cannot use the result as the measurement of good. As for computer break-ins, we cant treat

them as ethical just because they produce good results. You may say that computer break-ins

can increase security awareness, but they can also attract more hackers to break into the

computer system and cause further damage.

PART 4

From my perspective, I agree with the authors opinion. I think that computer

break-ins are always unethical and we should forbid people from breaking into other peoples

computer systems.

First of all, I think that hacking is a violation of privacy and a disrespect of the

ownership of data. Therefore, it is unethical. Every individual or company has the right to

secure sensitive data and prevent other people from seeing or using it. Information is a part of

our property rights; items like bank balances, medical records, personal journals, and even

childhood pictures are our own property. Clearly, you do not want unauthorized persons to

gain access to your personal information. Even if a hacker is not an identity thief, most

people will not feel comfortable knowing that someone who is completely a stranger to you

knows everything about you. Moreover, companies have confidential information such

employee records, financial records, etc. If hackers can control and alter information, we

would no longer be able to trust the correctness of that information. Even if the hacking does

not cause any harm to the company, the information will not be trustworthy and may cause

chaos and unnecessary spending.

8


9/11

Zhou

Second, I have the same opinion as Spafford, that we should use actions as the

measurements of morality. I do not agree that the end justifies the means. This theory will

only encourage people to achieve their goals through any means necessary, no matter how

immoral, illegal, or unpleasant those means may be. We should not let good consequences

be the excuse for an immoral activity like hacking. Moreover, it is often difficult to know

what the ends are. In chaos theory, the butterfly effect suggests that one small change in one

place can cause a large effect in another. The butterfly may never know that it can cause the

tornado in another place. Similarly, some hackers initiate hacking only to cause internal

system failure or system algorithm disclosure. Hackers dont have the ability to control the

overall consequences of hacking. In order to prevent any damage to systems, we should never

allow hacking to be moral or legal.

Lastly, there is a group of people called ethical hackers who claim that hacking is

ethical. Before discussing my opinion on ethical hacking, I would like to define the term. An

ethical hacker is a computer expert who attacks a computer system to loo for vulnerabilities

that a criminal hacker could exploit. An ethical hackers commitment is to test the system and

report the problem to its owner instead of taking advantage of it. Ethical hacking is to help a

company or individual identify potential threats to the computer system. The owners of the

system can then use what the ethical hacker finds to improve their system security. In order

for hacking to be ethical, ethical hackers must follow the rules for hacking: to have

permission to hack the computer and identify potential security risks; only look for security

flaws; and report the security vulnerabilities instead of letting the system remain insecure.

Although it may seem that what ethical hackers are doing is completely ethical and

can justify the behavior of hacking, I dont think ethical hackers are hackers at all, but merely

tech employees. Therefore, my argument that all hacking is unethical is still supported. It is

9


10/11

Zhou

the same concept of your hiring a locksmith to unlock your door when you forget the keys.

You never really think about if the locksmith is ethical or not. You trust the locksmith to

break your lock and you know that he will not do more or less than his job. Breaking into

someone elses door without permission is obviously unethical and it is called breaking and

entering or theft. But do we call a person with permission to break the door an ethical

thief? No, we call him a locksmith. Calling the locksmith ethical does not make the activity

of breaking in ethical. It is just two completely different terms. Thus, why should we hire a

hacker by calling him or her ethical? The ethical hacker should just be a temporary

employee or security company rather than a hacker. Calling someone who is hired to break

into your computer ethical does not make computer hacking ethical. Ethical hackers are

called that because they use same tools and methods that other hackers do. Thus what makes

them ethical hackers is the end, not the means. Therefore, since ethical hacking does not

belong to the activity of real hacking, my argument that all hackings are ethical is still

supported.

In conclusion, Spafford suggested that hacking is unethical because the action itself is

unethical. He supported his argument with the premises that our society considers the action

instead of the result as the measurement of morality and that we are unable to foresee the

long-term result of an activity. A critique for Spaffords argument could be that our society

considers both action and result when determining what is ethical, and we can predict the

result by evaluating the current consequences. Spafford would defend his argument by stating

that if we always consider the result as the indication of morality, we would be dishonest and

society would be in a state of chaos. He would also argue that the result could be

unpredictable and surprising. We should not risk evaluating things depending on the result.

Lastly, I agree with Spaffords opinion on computer hacking; I think computer break-ins are

10


11/11

Zhou

unethical and a violation of privacy. Hacking with good motivation and permission should

not be considered hacking. Therefore, all hackings are unethical.

Notes

1. Morin, Edgar. On complexity.Hampton Press, 2008. 38-59

2. Spafford, Eugene. Are computer break-ins ethical? Journal of Systems Software 17

(Elsevier Science Inc., 1992).

11

argumentative essay on hacker ethics

Documents