argumentative essay on hacker ethics
TRANSCRIPT
-
8/9/2019 Argumentative Essay on Hacker Ethics
1/11
Zhou
Meizhuo Zhou
INFO 450
Term paper
Hacker ethics is a controversial topic as technology has become increasingly popular.
Spafford talked about the ethics of hacker break-ins in his article Are computer hacker
break-ins ethical? I will briefly present his premises and arguments in part 1 and refute some
of his premises in part 2. And I will object to my own critique as Spafford in part 3 and
express my opinion in part 4.
PART I
The main argument that Spafford presents in his essay is that the right is determined
by the action, not the result. In other words, the end does not justify the means. Thus,
computer hackings, even when no noticeable damage results, are unethical. The first premise
he gives in the article is that our society values the process more than the outcome. Although
there are philosophies that consider the act as the ultimate measure of an activity, our society
does not agree with that. The reason why we are concerned with issues of due process and
civil rights is because we consider the act more important. Spafford supports his premise with
the hypothetical example that if the government beheaded one hundred smokers on national
television, that would likely make other smokers quit smoking, thus improving the health of
the general populace and protecting the environment from smoking pollution. However,
everyone would consider this action to be immoral because even if most people benefit from
the activity, the execution of innocent people will always be immoral, even if only one man
dies. In this case, we would not view the end as justifying the case. Similarly, he believes that
even if hackers are bringing the right result, even in the case when someone is trying to save
a life, breaking into other peoples computer systems will always be considered unethical.
1
-
8/9/2019 Argumentative Essay on Hacker Ethics
2/11
Zhou
Spafford also demonstrates that we should not consider the results of an act as the
ultimate measure of good because it is difficult to determine the scope and long-term effects
of an action and to discern the causes. A system of morals that considers only the results of
our actions could not allow us to evaluate our current activities at the time when we would
need such supervision. Similarly, if we try to judge the ethics of computer hackings by the
total result, we would not be able to make such a judgment. And if we make any assumption
of the result, it would be wrong. For example, in the case of computer hacking, we cannot
know if increased security awareness is better for society in the long term or if it will result in
greater costs. We also do not have the capacity to trace every incident of computer break-ins
constantly. He believes that it is impossible for us to use the result of an act as a measurement
of morality because the result is too difficult to predict and understand. Thus, to determine
the morality of an action immediately, we should consider the action itself as the ultimate
measure of good instead of using the result as an indication.
Spafford then presents and debates some of the most commonly used reasons that
hackers use to explain their actions. The security argument argues that break-ins illustrate
security problems to a community that would otherwise not note those problems. This
argument explains that even though the action of breaking into other peoples computer
systems is wrong, the result in alerting people to note the flaw of their system makes the
activity morally right. In addition, hackers claim that their hackings are harmless, they are
just trying to learn from the system. Spafford disagrees with the arguments by assuming that
the purpose of computers in the first place is to serve as tools and resources, not as exercises
in finding security flaws. Exercises in security cannot become the reason for people to
constantly break into other peoples computer systems. He states that if such exercises could
2
-
8/9/2019 Argumentative Essay on Hacker Ethics
3/11
Zhou
be considered moral, then breaking into other peoples houses can also be moral because it
demonstrates that they are susceptible to burglars.
In conclusion, Spafford argues that computer break-ins are unethical even if the result
is an improvement in security, because the activity itself is immoral and disruptive.
Computers are used to protect our lives, not to make us lose our privacy and property.
Therefore, no break-in is moral and ethical.
PART 2
Although Spafford states great points to support his arguments, a few of his
assumptions are incorrect. First, he assumes that the society is running under the conception
that the action is more important than the result. He believes that to consider the result of an
act as the final measure of right is often impossible in real life because of the difficulty in
interpreting what the result is from arbitrary activities. I believe this premise is wrong. Our
society considers both actions and results equally as measures of good. Consequentialism
suggests that right or wrong depends on the consequences of an act, and that the more good
consequences are produced, the better the act. Thus people should choose the action that
maximizes good consequences. Utilitarianism also states that people should maximize total
benefit depending on the result. Correspondingly, when we perform an action, we tend to try
to predict the result of the act and assess how well it conforms to certain stable ethical
principles. This suggests that under the influence of our society, we tend to make decisions
based on the result than the act. Therefore we cant say that our society treats the act as the
measurement of morality.
Moreover, people cant decide if an action or result is moral or not exclusively by
itself. The courts and laws exist because we need judges to decide if the situation requires us
to consider either action or result as the indication of morality. For example, if a criminal is
3
-
8/9/2019 Argumentative Essay on Hacker Ethics
4/11
Zhou
kidnapping a girl, the policeman in the end shoots the criminal and saves the girl. The action
itself is obviously bad; no one has the right to kill another human being. However, the killing
of the criminal is considered to be moral by society and supported by the law because in this
situation, the result is more important: the policeman saves the girl and prevents further
damage to happen. Thus, Spaffords assumption that society considers the action more
important is wrong.
Furthermore, Spafford assumes that our society is incapable of determining the long-
term result of an action. He states that if we only consider the result of an action, we will not
be able to evaluate our current activity. Thus, we should not consider the result of an action
as a measure of morality. This premise is also wrong. The argument for utilitarianism usually
states that We should make decisions based on what we know of the results of a given
action. It is not always necessary, however, to analyze everything based on the long-term
result. Furthermore, history and statistics are two powerful tools for people to predict the
results of certain things. We collect, analyze, and interpret real-world data and use it as a
measurement of a beginning point. Government uses statistics to arrange for health care
utilization, resource allocation, needs assessment, and quality improvement of goods and
services. People use statistics in literally everything they do. For example, we all know that if
we study hard, we will be more likely to receive better grades than if we do not study at all.
Thus, we are able to determine the long-term result of an action by previous statistical data.
For computer break-ins, we can also analyze the damage a break-in can cause and compare it
to the long-term effect. For example, if a hacker hacks a computer system successfully and
does not cause any damage to the system, the administrator of the system will come to the
realization that there are some flaws in the system, prompting them to fix those flaws. This
action can prevent future hacking and internal operation error. Furthermore, a security team
4
-
8/9/2019 Argumentative Essay on Hacker Ethics
5/11
Zhou
called Codenomicon recently discovered the security bug in open source OpenSSL, called
Heartbleed. Open source SSL is widely used by major websites including Github, Pinterest,
Tumblr, etc. If the bug was not discovered and fixed, any criminal who intend to hack these
websites using the flaw in the code would have been able to look at your private information.
Thus, harmless hackings exist and can even prevent future hacking and internal operation
error. This suggests that long-term results of hacking are not unknowable and well-intended
hacking could prevent worse results.
In conclusion, the premises Spafford offers in his essay, that the end does not justify
the means and that we cannot determine the long-term result are incorrect. Therefore, the
conclusion Spafford provides that computer break-ins are unethical is not correct.
PART 3
The critique in part 2 states that our society values both actions and results equally as
measures of good. Spafford would not agree with the statement because he believes that our
society considers the process more important than the outcome. We define ethics as the
discipline dealing with what is good and bad and with moral duty and obligation. In other
words, ethics is the indication of what we ought to do in a given situation instead of what
consequence we ought to achieve. As a society, we place more importance on how you play
the game than whether you win or lose. If we try our best to do one thing and even if the
result is not satisfying, we can learn from the experience and get better. A bad result does not
necessarily make the activity a bad activity.
On the other hand, if our society puts more weight on results than actions, people
would try everything to get the best result, even if the process is unethical. There will be no
ethics because all we care about will be the consequences. Perhaps we can do the greatest
overall if we forcibly stop people from wasting their time on useless things like watching TV,
5
-
8/9/2019 Argumentative Essay on Hacker Ethics
6/11
Zhou
drinking, partying etc., but this way of thinking is obviously inhuman and immoral. Spafford
would give a example such as if a criminal robs a bank and uses the money to help the poor,
can we say that what the criminal does is moral? No, because the action is immoral no matter
what the outcome. A moral consequence cannot justify the action. Similarly, in the case of
when hacking can bring good consequences, we still should not call it moral. Basing our
morality on results will only encourage every hacker to use that as an excuse for breaking
into other peoples computers unnecessarily.
To discuss the example in part 2, although it is true when a criminal is kidnapping a
girl, the police have the right to kill the criminal, Spafford would argue that it is a very
special case that cannot be used to draw conclusions about the ethics of results in different
circumstances. Police and soldiers are the only groups of people who are allowed by the law
to kill someone. It is beyond the scope or intent of this paper to discuss why police have the
right to kill other human beings. In most cases in court, judges determine the guilt of a
potential criminal based on his or her actions, not the result. The law suggests that an
American citizen cant deprive any other person of the right to live. Nobody has the right to
kill a serial murderer unless out of self-defense. Therefore, the example you used in your part
2 does not defend your critique; you do not have enough evidence to show that our society
and courts base their judgments on results.
For the second objection of Spaffords premise, he would argue with an ancient
Chinese philosophy called a loss, not bad thing. This philosophy supports the idea that we
cannot predict outcomes. This story is about an old man who once accidentally lost his horse,
so everyone consoled him. But he said, why should I conclude that it is not fortunate? Several
months later, the horse came back accompanied by another stallion, so everyone
congratulated him. But he said, why should I conclude this could not be unfortunate? Several
6
-
8/9/2019 Argumentative Essay on Hacker Ethics
7/11
Zhou
months later, the son fell off the horse and broke his leg. So everyone consoled the man. But
the man said, why should I conclude that this is not fortunate? One year later, the war started
and the army chose nine out of ten men in the village and they all died. The only man who
was not chosen was the mans son, because of his broken leg. This story suggests that it can
be difficult to foresee anything, that the fortunate can turn out to be unfortunate and vice
versa. Although sometimes the long-term results could be a reflection of the short-term result,
the result can change dramatically over time and be entirely unpredictable. People are often
unable to see the full scope of an activity and the truth behind the result. When judging
whether the results of an action are positive or negative, it is not practical to wait until every
possible result has occurred before we judge the action as good or bad.
Although the critique in part two suggests that we can use historical and statistical
data to help us to predict the outcome, Spafford does not think we can always predict the
correct outcome using those data. As Marxism suggests, different cases require different
ways of analyzing. Every activity has different consequences; no one has the ability to
guarantee a given outcome. For example, I studied hard and practiced a lot for my math exam
and received a really good grade in the end. I then learned that in order to get a good grade, I
should practice a lot. Then this quarter, Im learning philosophy; I practiced a lot of old
questions but I did not receive a good grade. This is because philosophy requires more
memorizing than math. Thus, I cant use my previous experience to predict the same result.
Many philosophers share this opinion. Kantian ethics suggests that consequences cannot be
predicted. To determine if an activity is right or wrong, we should always look at the actions.
Consequentialists also agree that we are able to predict the tendency of an activity but that not
always is reflected in the outcome. Lastly, Edgar Morin proposes that, Most consequences
7
-
8/9/2019 Argumentative Essay on Hacker Ethics
8/11
Zhou
are out of our hands. Some are because of the actions of others, some due to our cognitive
inability to know everything (Morin).
Therefore, because we are unable to foresee the overall result of an activity, we
cannot use the result as the measurement of good. As for computer break-ins, we cant treat
them as ethical just because they produce good results. You may say that computer break-ins
can increase security awareness, but they can also attract more hackers to break into the
computer system and cause further damage.
PART 4
From my perspective, I agree with the authors opinion. I think that computer
break-ins are always unethical and we should forbid people from breaking into other peoples
computer systems.
First of all, I think that hacking is a violation of privacy and a disrespect of the
ownership of data. Therefore, it is unethical. Every individual or company has the right to
secure sensitive data and prevent other people from seeing or using it. Information is a part of
our property rights; items like bank balances, medical records, personal journals, and even
childhood pictures are our own property. Clearly, you do not want unauthorized persons to
gain access to your personal information. Even if a hacker is not an identity thief, most
people will not feel comfortable knowing that someone who is completely a stranger to you
knows everything about you. Moreover, companies have confidential information such
employee records, financial records, etc. If hackers can control and alter information, we
would no longer be able to trust the correctness of that information. Even if the hacking does
not cause any harm to the company, the information will not be trustworthy and may cause
chaos and unnecessary spending.
8
-
8/9/2019 Argumentative Essay on Hacker Ethics
9/11
Zhou
Second, I have the same opinion as Spafford, that we should use actions as the
measurements of morality. I do not agree that the end justifies the means. This theory will
only encourage people to achieve their goals through any means necessary, no matter how
immoral, illegal, or unpleasant those means may be. We should not let good consequences
be the excuse for an immoral activity like hacking. Moreover, it is often difficult to know
what the ends are. In chaos theory, the butterfly effect suggests that one small change in one
place can cause a large effect in another. The butterfly may never know that it can cause the
tornado in another place. Similarly, some hackers initiate hacking only to cause internal
system failure or system algorithm disclosure. Hackers dont have the ability to control the
overall consequences of hacking. In order to prevent any damage to systems, we should never
allow hacking to be moral or legal.
Lastly, there is a group of people called ethical hackers who claim that hacking is
ethical. Before discussing my opinion on ethical hacking, I would like to define the term. An
ethical hacker is a computer expert who attacks a computer system to loo for vulnerabilities
that a criminal hacker could exploit. An ethical hackers commitment is to test the system and
report the problem to its owner instead of taking advantage of it. Ethical hacking is to help a
company or individual identify potential threats to the computer system. The owners of the
system can then use what the ethical hacker finds to improve their system security. In order
for hacking to be ethical, ethical hackers must follow the rules for hacking: to have
permission to hack the computer and identify potential security risks; only look for security
flaws; and report the security vulnerabilities instead of letting the system remain insecure.
Although it may seem that what ethical hackers are doing is completely ethical and
can justify the behavior of hacking, I dont think ethical hackers are hackers at all, but merely
tech employees. Therefore, my argument that all hacking is unethical is still supported. It is
9
-
8/9/2019 Argumentative Essay on Hacker Ethics
10/11
Zhou
the same concept of your hiring a locksmith to unlock your door when you forget the keys.
You never really think about if the locksmith is ethical or not. You trust the locksmith to
break your lock and you know that he will not do more or less than his job. Breaking into
someone elses door without permission is obviously unethical and it is called breaking and
entering or theft. But do we call a person with permission to break the door an ethical
thief? No, we call him a locksmith. Calling the locksmith ethical does not make the activity
of breaking in ethical. It is just two completely different terms. Thus, why should we hire a
hacker by calling him or her ethical? The ethical hacker should just be a temporary
employee or security company rather than a hacker. Calling someone who is hired to break
into your computer ethical does not make computer hacking ethical. Ethical hackers are
called that because they use same tools and methods that other hackers do. Thus what makes
them ethical hackers is the end, not the means. Therefore, since ethical hacking does not
belong to the activity of real hacking, my argument that all hackings are ethical is still
supported.
In conclusion, Spafford suggested that hacking is unethical because the action itself is
unethical. He supported his argument with the premises that our society considers the action
instead of the result as the measurement of morality and that we are unable to foresee the
long-term result of an activity. A critique for Spaffords argument could be that our society
considers both action and result when determining what is ethical, and we can predict the
result by evaluating the current consequences. Spafford would defend his argument by stating
that if we always consider the result as the indication of morality, we would be dishonest and
society would be in a state of chaos. He would also argue that the result could be
unpredictable and surprising. We should not risk evaluating things depending on the result.
Lastly, I agree with Spaffords opinion on computer hacking; I think computer break-ins are
10
-
8/9/2019 Argumentative Essay on Hacker Ethics
11/11
Zhou
unethical and a violation of privacy. Hacking with good motivation and permission should
not be considered hacking. Therefore, all hackings are unethical.
Notes
1. Morin, Edgar. On complexity.Hampton Press, 2008. 38-59
2. Spafford, Eugene. Are computer break-ins ethical? Journal of Systems Software 17
(Elsevier Science Inc., 1992).
11