White hat hacking is subject to many misconceptions. A lot of people feel that hacking is unethical regardless of whether it is done by the “good guys” or “bad guys.” The US Copyright Office recently introduced changes to the DMCA to allow for security researchers to hack cards, medical devices, and other hardware to discover vulnerabilities. In doing so, affected devices and software can be patched in time to avoid consumers becoming a victim of hacking attempts.
DMCA Changes Face A Lot of Criticism
Given the recent attacks executed by IoT devices, it became apparent something will need to change. A lot of Internet-connected devices suffer from vulnerabilities that could have been patched by the manufacturers. In most cases, devices can be accessed through default logins and passwords, which is not acceptable by any means.
Giving white hat hackers carte blanche to breach IoT and medical devices in search of exploits may not be the best course of action either.While it is important to ensure devices adhere to security standards, there are different ways to go about things. Due to these DMCA changes, white hat hackers will not face any legal repercussions when they gain unauthorized access to devices.
To put this news into perspective, this new ruling allows white hat hackers to bypass device encryption. While the judgment only applies to ethical hacking methods, it is impossible to tell if these hacking attempts have the consumers’ best interests at heart. Additionally, this also gives the real hackers carte blanche to breach devices as they see fit, as it is virtually impossible to distinguish between “good” and “malicious” hacking attempts these days.
Thankfully, the DMCA exemptions will only be applicable for a two-year duration. In 2018, the US Copyright Office will review the progress being made due to this decision, and propose changes if needed. For now, the exemptions apply to made different technologies, ranging from video games to cell phones and tablets. Additionally, medical equipment and cars are also on the list since they seem very prone to hacking attempts.
For now, it remains to be seen what these changes will lead to in the long run. It is good to see white hat hackers given the option to address security vulnerabilities at an early stage. However, opening the doors for these types of hacking attempts will also invite black hat criminals to try their worst. It seems an “arms race” between the good and bad guys is looming on the horizon. Unfortunately, is it doubtful the good guys will be able to remain one step ahead.
Header image courtesy of Shutterstock