Episode: 325
Title: HPR0325: RoundTable Ep 2: Is There such a thing as Ethical Hacking?
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0325/hpr0325.mp3
Transcribed: 2025-10-07 16:25:05

---

MUSIC
This is Hacker Public Radio, round table episode number two.
The topic today is, is there such a thing as ethical hacking or are we all just evil?
I've got three panelists on with me.
I've got 330 from LinuxCranx.info.
Hello.
I have Nick from the Open Source Musicians podcast.
I've got AJ from Linux Geekdom Podcast.
Hey there, guys.
Actually, I think, I mean, 330, I know you've been on HPR a couple of times.
Nick, is this your first HPR episode?
It is.
Cool.
And AJ, this is your first HPR episode.
Yes.
Great.
So, that's cool.
So, I guess, first, we should probably start by defining what exactly we are talking
about when we say hacking.
There's, I know, there's penetration of networks.
Let's see.
There's crackers.
Let's say, as far as I figure it, there's only two groups that ever call themselves hackers.
There are hackers who are people that sit down at a problem and pound on it until they find
a solution.
Yeah.
And then there are criminals, which do the exact same thing, but do it for a criminal
reason.
I believe they are called crackers and crackers.
A lot of them fit of hackers.
Yeah.
I just call them criminals.
They already have a name.
And yet, there is, but there is a concept of an ethical hacker.
Yeah.
Well, usually an ethical hacker is someone who does a criminal act, but for a good reason.
Like, people that did us child porn sites and things like that.
It's really, it's basically direct action.
It is absolutely illegal, but you're doing it for a higher reason.
And then there's people who work at different security companies that are basically glorified
beta testers, but are hacking networks, so it's to find loopholes, so it's to patch
stuff.
Right.
Yeah, yeah.
But that's usually their own internal network that they're hacking.
Usually, yeah, but not always.
Sometimes they're hired by outside companies to hack it, but it's still usually a sanctioned
network.
It's not like they're sitting out on the internet trying to break things.
Yeah.
They have written permission and all that good stuff.
Yeah.
And when I think of hacking, especially on the hardware side, you know, I think of making
something to what it's not meant for it.
Yeah.
And that can be a lot of fun.
Hardware hacking.
Yeah.
And that's a whole other dimension.
And strangely enough, there's a criminal element to that, too.
At least if you follow the letter of the law, because companies don't want you messing
with their intellectual property, which is kind of weird and ridiculous to me, but I guess
that's the question.
It kind of makes you wonder, though, it's you bought the hardware.
They're never really going to get it back.
Why would they go and care?
Say a lot of times they don't, unless there's a service attached to it, like a Tivo.
Tivo is a GPL V2 device.
By the GPL, you can do pretty much whatever you want with it as long as you don't restrict
anyone else from doing it.
But because there's a network service behind it, if you hack your Tivo and then put it
on the Tivo network of software and stuff, they can make your Tivo no longer work.
Well, and the thing was purely for the game consoles, too.
Okay.
Hack your game console.
You can no longer play online games, that's for sure.
So I mean, that is.
That's them definitely telling you that you're not allowed to do something with your hardware
that you purchased.
And if you do anything out of that they can detect that is out of the realms of their
intention, you don't get to play ball with them.
See, I think the whole hacking industry, you could say, is just whether it be software
or hardware, the whole thing really just depends on your motives behind it.
Like it was brought out earlier.
Like if you're trying to find, like they said, shut down the child porn sites.
I remember some guy in the, I'm trying to remember when, this fight, I don't remember
exactly, but he hacked the WPA security standard and he basically had found a hole by hacking
it.
But then he reported it so they fixed it and really saved a lot of people because that
could have opened up a really, really big hole in the entire Internet security.
Yeah, so the whole full disclosure kind of thing.
Yeah.
As long as you notify everyone after you've destroyed or found the problem with whatever
you're hacking on, then it's okay.
And I think there is hacking that's kind of harmless.
I've heard of people who have hacked targets internal network and started messing with
the lights, so it just goes on and off.
I mean, that's the kind of stuff that might they be like, what's going on?
But as long as they don't destroy stuff, feel like employee records and stuff or credit
card numbers, I mean, that can be kind of harmless, so I wouldn't say it's ethical, but
I wouldn't really say it's unethical.
You know what I would almost, I would argue that it was ethical because those people are
furthering their knowledge about something and you never know what they're going to go
on to do because they're starting out hacking targets, you know, internal lighting system.
Yeah.
To be safe.
But by turning the lights off and on though, you could actually, there are problems with
that.
Yeah.
People in safety hazards.
Yeah.
People inside the store could, you know, run into something, run into one of those shells
and cut themselves or something like that.
Yeah, or panic or something.
Or, yeah.
All right.
So it's unethical.
But I still think the spirit is ethical because you are furthering your knowledge.
I mean, I guess it's not ethical or unethical that I'm talking about.
It's just like being responsible, I guess.
Yeah.
Because, you know, I know how to change the traffic signal outside my house.
Am I going to do it?
It's probably not.
But the fact that I learned how to do it and know how that just works.
Exactly.
You know, there's nothing wrong with that.
Yeah.
There's nothing wrong with the knowledge and obtaining a knowledge is how you obtain
the knowledge and what you do with it later.
Information isn't inherently better good.
It's just information.
Yeah.
I know a lot of the stuff hackers use to be honest is the stuff.
The same information that a lot of networkers use when they're establishing a business network
say.
So, I mean, the same principles and information that go into that, it goes back to the whole
what are you doing with it?
Like you said, information is information.
It's what you make of it or what you do with it.
What about in cases where someone does find something big?
I know that I guess the one that I keep thinking of is Dan Kaminsky when he found this
DNS issue that he found over the summer, I guess.
Like there was this big hubbub about it and then there was a race to find out exactly
what the issue was and then he was going to present the findings at Black Hat or something
like or Defcon and, you know, it was this big deal and I mean, if he'd released this
information earlier, people say, oh, everyone could have exploited it and it would have been,
it would have been horrific.
When you find out this information, how do you, how do you choose to keep it to yourself
and if you're not Dan Kaminsky, how do you get it to the proper channel?
You know what I'm saying?
It is responsible disclosure.
But once you find that exploit, you go to the people who own that hardware who are in
charge of making sure it's secure and say, look, I found this and if they don't believe
you, you show them you found it and you say, you guys need to fix this and you don't
paste it all over the internet before it has been fixed.
What Dan did was went to all the people that make DNS serving software.
He got them all together.
I think it, Microsoft's campus and Redmond and went, you guys, this isn't a trick.
I actually know how this works.
Here's how it works.
He did a demonstration for him and he said, you have to fix this and it took him nine
months to even do anything about it.
Yeah, which is ridiculous, but it's also, I mean, how do you get that if you're not
Dan Kaminsky, you know, I guess you probably wouldn't have found the DNS hole if you weren't
Dan Kaminsky.
I mean, I'm just thinking, I mean, how does an average hacker who did find a big security
hole?
How would you call someone together?
I don't know how that works.
I guess you just shoot some emails off to the people who own it, huh?
Yeah.
And if, you know, if there are bug tracking systems reported as a bug, but hoping that those
bug tracking systems are much more effective than Windows bug tracking systems.
Yeah.
Really, the problem is, if you're the idea that people have of a hacker, you know, the
greasy-haired punk sitting in your mom's basement, you know, I have a coupler anymore, but
the war games type hacker, you're not going to get listened to.
And at that point, you have to try everything you can.
And then when no one listens to you, you just kind of have to release it to everyone.
Yeah.
It's kind of one of those things where if you go through the proper channels and try and
get things worked out, and nobody listens to you, and then you try again, and still nobody
listens to you, then it's one of those things you've done your part, then they're not going
to listen to you, then maybe they'll listen to the entire internet effort work.
Right.
Yeah.
Sometimes it almost seems like we're exposing like these weird little things that no one
wouldn't even know about if we didn't really, like, pound away at it.
Well, here's the thing.
Human beings aren't that clever.
People come up with the same exact idea independently of each other all the time.
That's why software patents and stuff like that exist.
Two people could have come up with the wheel at the exact same time.
Human beings aren't that clever.
So if you can think of it, someone else is going to.
The best thing you can do is hope to God that you're the first person that found it, and
that you can get it fixed before the next guy thinks of it.
You know, because the DNS flaw that Dan Cominsky found wasn't that brilliant.
He thought, hey, I wonder if this is giving out information in a linear fashion, and it
was.
And all you have to do is randomize the ports and then, hey, it breaks that whole flaw.
But anyone else could have thought of it.
If someone other than Dan Cominsky would have thought of it, we've all would be in a very
bad situation right now.
And so why aren't more hackers being payrolled by these big companies, I wonder?
Probably because the average hacker can find the small bugs, but it's the deeper, in-depth
holes that the big companies are going to be looking for, or the things that the average
hacker just, it's over their heads.
And the number of real elite hackers out there, I know personally, I've never really done
any hacking.
I'd love to learn how, but there's so much involved, but the number of real elite hackers
out there is just very, very small.
There's a lot of the average hackers and the better an average, but the real elite is
a very, very small group.
Yeah, but what is hacking then?
I mean, isn't it just basically obsessing over something?
That's true.
Yeah.
So I'm going to be someone who sits in front of videos all day and figures out how to
transcode and edit differently and stuff like that, I'm a video hacker.
Right.
Yeah.
I mean, you have people that are, you know, life hackers that sit there and obsess about
how they exist, you know, you have GTD nerds or hackers.
Right.
How do I do these four things and make myself a million times more productive?
It's all still hacking.
It's still the same mindset.
It's basically altering something from one form to another.
I guess it would be the best definition of hacking because you're taking something as
it is and changing it or modifying it in some way to serve a given purpose.
Right.
But I really do think it takes that obsessive mindset about it.
Oh, yeah.
And people who hack hardware, they know exactly where all the connections are and how they
work.
And that's how people learn to take a rig like a computer that most people would be able
to get extra formance out of and get so much more out of it just by tweaking a couple
of things.
They know how to, the inner workings work because they've looked at it and studied it
and done research on it and then maybe edited the speeds of things and maybe even tweaked
the hardware a little bit, something to make it work more efficiently than what it had
done before.
Yeah.
And I think that kind of sums up like the methodology of hacking to me.
I mean, you have to have the hard knowledge.
Like if you're going to do a hardware action, for instance, you probably need, like if
you're really going to do serious hardware hacking, you need like electrical engineering.
You need that understanding.
And just having the, by the book, understanding of it is only going to get you so far, it's
going to help you build a computer.
But then going deeper than that and like obsessing over something and saying, well, what if I
reroute this one connection over here or what if I overclock this by attaching this
wire?
You know, whatever.
That's the kind of, the obsession I think is what gets you into the really cool discoveries
I guess.
I was just going to bring it back to the why aren't companies paying people to do this.
There are companies that are paying a hardware hack or not hardware hackers, but criminal
hackers.
And it's organized crime, you know, the old, you know, what still exists of the Russian
mafia hires high school college kids in America that, you know, are that know about these
exploits and pay them to write software that any idiot can run.
And I mean, that's why all these, um, these botnets and stuff are around, you know, it's
not because, hey, wouldn't it be funny too?
It's, hey, I bet you I can make $100,000 in a week by selling this to the Russian mob.
So you're seeing all those spam comments I have on Unix porn from.ru email addresses aren't
really people who are fascinated by my site.
Sorry.
There is a way to make money in it, but it's the same way that people make money dealing
drugs and human trafficking.
It's all still extremely hardcore criminal elements of things.
I think the way you're talking people that are paying, but they're not people you want
to be involved with.
The way you're talking though, it makes it sound like the only kind of hacking is criminal
hacking.
No, no, I hack things all day.
I mean, I'm a very obsessive person else that they're in beat my head on something until
it finally cracks, but there are people that they use the hacker ethos, you know, the
obsession, and then really it's all exactly the same until the end point where they, instead
of going, oh crap, I need to tell people about this, they go, I'm going to shut up, and
I'm going to sell this.
Okay.
That's the point where it becomes evil hacking when you're not being responsible with knowledge
that you get.
Yeah, because I think that's when you cross that line.
You're screwing over other people essentially to make money instead of helping to fix
problems.
I mean, they're fairly say evil because evil has other things attached to it.
You're just being a douchebag.
Yeah, there we go.
I mean, you know, evil has some kind of religious tone to it, and there's multiple sides.
To them, they're not evil.
They are just trying to make a buck, but I think most people can identify a douchebag when
they see it.
Yeah.
You mean the pops collar?
It's the pop collar of hacking, yes.
What about the people, I don't know, like, at least like me, I'm not making any big
new discoveries.
You know, I'm not exposing any new ways, you know, transcoding a video or a big hole in
something, you know, but I still think of myself a bit of a hacker because I sit there
and obsess over, well, what if I do it this way or what if I do this or how do I set up
it?
Well, like you, 330, I mean, you spent, I don't know how long setting up that server
with the open-goo server on it and the iOS, you know, I mean, it took you a while.
I would consider that hacking, even though it's not like, it's not discovering anything
new.
Is that still hacking, do you think?
Well, yeah, not everyone writes the hottest new insert your favorite application here.
Yeah.
There are a lot of people that sit around hacking on code, and it's never going to be
amazing.
You know, people aren't going to clamor for it, no one's going to pay $10,000 a seat
for it.
But you put the same amount of effort into it, and it doesn't make it any less awesome
to you or any less hacking.
I don't think that you need other people's approval for it to be hacking or to be useful.
As long as you find it useful and you work your ass off on it, you hacked it.
You know what I mean?
That's like going up to someone with an iPhone and they say, yeah, I hacked my iPhone.
I mean, big deal you hacked it.
What you did was you downloaded like a little installer and you double-cooked on it and
it did it for you.
It jail-broke it.
It doesn't mean you hacked anything.
It just means you're a script kitty for your iPhone.
Yeah.
I mean, that's where the media's use of the term hacking has really screwed everything up.
And everybody comes back to this, you know, do we need a new word for it?
The media screwed it up, not us.
I don't know.
I consider, I guess I think of a hacker with a capital H and a hacker with a lower case
H.
And people like me or a lower case H and people like, I don't know, Dan Kaminsky or
a capital H or something like that.
Well, I just, I kind of think about it like punk rock.
All right.
You've got, you've got black flag, which is by far one of the greatest punk rock acts
ever to exist.
Sure.
And they are no more punk than the 15-year-old kid, you know, hanging out with his buddies
in the garage playing punk rock.
It's all punk rock.
Yeah, yeah.
I get it.
I can relate to that, actually.
I don't, I don't think that it really needs to have a hierarchy.
Right.
And people really want, are spending way too much time of their life classifying things.
They categorize, and they sub-categorize, and they sub-categorize, they sub-stop
waiting for that time and go hack something.
That is hacking, that's hacking categorization without those people, without those people
we would have nothing but just, you know, everything would be lumped in together.
I can't argue with that.
I can't argue with it.
Okay.
What about this?
What about companies, you know, getting back to the hardware stuff, because that's kind
of interesting to me.
What about these companies that are saying, you can't hack this?
I mean, is it unethical for them to say that we can't hack their hardware?
Oh, absolutely.
I mean, you think about it, they're basically saying, we're the only ones who can make progress
in the computer industry for a graphics card, a sound card, a motherboard, a hard drive,
anything.
I mean, they're basically trying to monopolize the industry by controlling the progress
based on how they make it, so that when the next great thing comes out, it wasn't released
by some guy who figured out a better way to do it, from Idaho and his basement.
It was figured out by a big company who can then really profit from it.
Let's say I don't think that a lot of companies are actually telling people you can't do
this.
You know, they tell you, go right ahead and have fun, but you'll void your warranty.
Or you'll break your device, little demo cases.
Like I said, there aren't many, but there are some, you know, without naming names, companies
like that tend to do that across the board of their entire product line, and actually
into other product lines that may converge with their product line.
There are a lot of companies out there that, when they release a firmware upgrade, they'll
add this great nice feature, but they've learned about this hack that a ton of people
have done to their device.
That firmware upgrade will try to disable your device completely if you've done that,
just because it no longer gives them complete control over what you're allowed to do with it.
Yeah, the thing I'm thinking of with that is like the Sony PSP.
You buy a brand new game and it reloads your firmware and all of a sudden you can't play,
what we'll call them home brew games, but really what they're trying to stop is software
piracy.
And you know, that really bugs me there to say, no, it would come up, as you are allowed
to legally make one copy of every game you are.
But if, you know, they disable any way that people come up with, you need to play that
legal backup.
But if there are, if the original source is encrypted, which I can't think of a game
that doesn't come unencrypted, except for maybe a world of goo at this point, maybe
some independent stuff, but all that is encrypted.
And due to the Digital Millennium Copyright Act, if you circumvent encryption, you don't
even have to break it.
If you can copy it in place with the encryption, you've still broken the idea of encryption
and you're still in violation.
No, you're not violating it if you don't script it.
That's being debated in court right now.
Really?
Yes.
Yeah.
Basically, the idea is that if you made a copy of a DVD as a full ISO file, for bit exactly
the same, what you've done is circumvent the idea of the encryption, the intent of the
encryption.
Yeah.
And we may, we as in people that actually don't want this kind of thing to happen, may
lose this fight and lose it hard.
Oh, that would be, then basically they're saying, if you lose your disc and you wanted to
make backups, you can't make backups, and if you lose your disc, you're out of luck,
you'll just have to go buy another one.
Well, they tell you to go buy a backup.
Why don't you have two copies of it?
Go buy two copies.
Oh, yeah.
Which, I'm taking the devil's advocate on that point.
I want everyone to know that I think that's bullshit, and I think that it's just unfathomable
how someone could actually think that, but playing devil's advocate, why don't you just
go buy two copies?
People that buy comic books that want a one to read and one to save forever, they go
buy two.
They don't make a copy of their comic book to read and then have the one that they bag
and board.
Yeah, but that's different.
DVDs aren't exactly something you're going to save forever as, unless it's like some
special collector set of Star Wars signed by George Lewis or something.
I mean, it's one of the things to these companies, it is.
A product is a product.
They don't care what format it's in.
It's like, it's like empty free.
If you download an empty free, that's DRM, you have no reason to want to back that up.
And you see, I think the, by the industry doing this and causing all this encryption on
data and saying, we don't want you to back it up or do this.
Basically, by trying to prevent piracy, they've increased it and things like the pirate
band.
It said this past year, they just got to over seven million users and that's not counting
all the people who don't sign up for it, but still get torrents from there.
You think about that?
These companies are saying, we don't want to lose money.
We don't want people stealing our data.
But if they were to keep it unencrypted and available to people, then they wouldn't
have as big a problem with this, because people would be like, okay, I buy a song and
I buy tunes.
I can put it on as many devices as I want.
But now it's like, you can put it on like just a couple of devices and if something happens
to your collection or those devices, you're screwed.
So here's a question.
Are the guys at the pirate bay hackers?
Yes, I would have to say it.
I would say yes as well, because they're getting around something, yeah, they're getting
around some of the problem, the roadblock.
To be honest, I think anyone who uses torrents is a hacker, but kind of like the lower case
H type hacker, not the...
Oh, you're categorizing again.
No, come on, not at this point.
Look, any mouth breather can use a torrent site.
It's not that hard.
Not a mouth breather, but yeah, most.
No, believe me, I spent several hours with a mouth breather a couple days ago and he was
torrenting.
All right.
I am talking lowest common denominator here and he could do it.
If you actually like listen to discussions with the guys from the pirate bay, they are
absolutely hackers.
It's a totally decentralized thing.
No one knows who did any of it.
They have like, they have this admin account that anyone that asks can get the password
to and you just make your change and walk away from it.
That's how it became the number one greatest store with no price on the internet.
Well, it's kind of like they've basically taken what Napster did and fixed all the mistakes.
Napster's mistake was just having a centralized location.
So basically you're saying they decentralized location, so what torrenting does and that
if you lose one person, you still got 100,000 to back it up.
Say, but it's not even the location that they decentralized.
There's no chain of command in their recent court case.
They kept going, who is the man on top?
Who's the admin?
And they went, everyone, there is none.
The courts can't get their heads around an idea that it may just be something that exists.
No one owns it.
It's just there.
And I think it's just out in cyberspace.
That's the biggest hack.
It has nothing to do with the software or enroading around laws or any of that.
They hacked the way people think.
That's the most important part of that is changing your hardware, your software, any of that.
Those are all in goals, but really hacking is about changing the way you think about something.
I'm going to say I'm impressed, these guys, yeah, it is just a thing that exists on
its own.
What's also really cool is, right now, they still need the pirate bait up as a tracker.
Well, they're working on ways for decentralized tracking.
So if their servers got blown up tomorrow, all those torrents are still available.
And it could just move anywhere in the world they wouldn't back.
So here's the really interesting thing is, and you'll have to go back into other HPR episodes
because I don't remember the name of the broadcaster, but the same broadcaster that put out all
the Beatles tracks a couple months ago on BitTorrent, they are actually using the software
that the guys from the pirate bait created to run their own tracker site instead of,
you know, like in the US, all the media companies put it up in streaming flash.
You go to CDS and you can watch pretty much whatever you want, but it's in flash and it's
only there for as long as it's there.
These guys are actually putting this out on BitTorrent and going, have at it.
I don't know if they have ads or anything in it, but if they do, you can sell the ad
as this ad will be seen forever because we're going to put this out here and people are
going to be able to share this thing.
So you're going to get between 10,000 and 600 million views.
I mean, that's a really smart way of doing it, and you're going to get that media out there
to anyone who would ever want to listen to that music because it's an old video.
Right.
You don't have to pay for it.
We'll say or watch that TV show, you know, because I think it's a national, like a
nationalized media thing, you know, it's kind of like a PBS in America.
Well, it's more like the BBC in England, where it's paid for through tax money or, you
know, some kind of TV license or something, for the benefit of everyone in that country.
So they've already made their money off of it.
The taxes were already collected.
It's just stuff now that's sitting around and they don't have like the BBC where they're
exporting it everywhere because not everyone speaks.
I think it was Swedish.
It might have been.
I thought it was Norway, but yeah, whatever.
They're just giving it away because there's no, they don't really have another revenue
source.
And they're not really interested in waiting for one to show up.
So why not just give people the thing they already paid for?
And I personally, I love the idea of the perpetual ads, like just going, we can guarantee
you that it'll get this many downloads because everything else did.
But after that, you could grow tenfold.
So you know, pay us for what we know you'll get and hopefully we can negotiate a little
bit more and you'll probably get a million times more than you ever paid for.
Yeah, well, it's a brilliant scheme, I think, and it's, you know, the whole open source
model in a way because you're just saying, here's, here's the information, take it whenever
you want it.
I mean, that's kind of, I don't know if that's open source or hacker ideal or whatever,
but it's the same idea, I think.
Well, I think it has real work with a hack.
The whole idea of free software and open source.
It was a hack.
It was a hack, and again, it was a hack of the way people thought of things, yeah, because
people were just trying to wrap their mind around.
Yeah, yeah.
Because I mean, people are still thinking in a lot of ways that open source was somehow
be piracy, but I think you're, you hit the nail right on the head with the idea that
open source is a hack because you think about programs like Microsoft's Office Suite and
then you think of things like openoffice.org where they do all the same things, whereas
one several hundred dollars, the other's free, obviously there's got to be some similarity
and code there.
So obviously, at some point, it's been a hack to get that code, maybe I'm doubting it
was illegal, but it was obviously someone hacked it so as to say, you know, I don't feel
like buying that.
I still want the feature and services.
They basically just said, hey, I'm going to write a program to do what I need it to do.
And then when they got it working, they put it out on the internet and now pretty much
everyone who uses Linux uses OpenOffice and they released a version for Windows.
So now openoffice is kind of a bad example there, but you know, that's how a lot of software
came about.
But OpenOffice started StarOffice, which is bought by Son later open source and then renamed
OpenOffice.
Yeah.
And really that again goes back to my point that people aren't clever, how many different
people had the idea of a word processor, which is basically some kind of markup language
that formats a page for printing.
I doubt Microsoft was the first one to have it.
I mean, you know, we can all sit around, you know, as soon as I said that everyone started
going, I could do it, you know, little XML here and there and it spits out a page the way
you put it on the screen, you know, and there are probably a million ways to do it.
So I'm sure that there are similar things between Office and OpenOffice.
They're probably functionally completely different and actually it's a good thing.
No one ever has the perfect idea.
They just have the idea that was good enough to make the damn thing work.
True.
And that's where people use the program and when reason open open source is still successful
because people go or people write a program, people use it and go, you know, I would really
like this feature, that feature in it.
And then people are like, hey, that's not a bad idea.
They integrate it, updates release, it's installed and boom, now you've got exactly what
you were looking for.
And then you have a hundred other people going, that feature is awesome, but you totally
did it wrong.
Exactly.
So that's why open source is so beautiful because you can customize it exactly the way
you are.
And at that point, they submit the patches for what they think it should be.
If they're not accepted, they can fork and have their own project do it the way they
envision it.
Okay.
So hacking so far is being judged ethical because it brings all of us free stuff, like
stuff that we don't want to pay for.
It reveals security problems and it possibly reveals advancements in like either hardware
or software progress or just kind of the way everyone thinks.
Hacking in itself is ethical, the act of learning something new by being obsessive and just
pounding your head at it, there's nothing unethical about that.
It's what you do with your end result and that's just like everything.
If you build a firework in your backyard, if you shoot it up in the air and it explodes,
it's a firework.
But if you pointed it at someone and it explodes and kills someone, you've made a grenade.
You've made a rocket explosive.
The same exact thing can do two separate things and one is ethical and one isn't.
It's how you use it and people use things a lot of times, not for reasons not designed
or not intended by the maker.
People will take something like say a knife that was designed to chop vegetables and use
it to murder someone.
Setting up a server in my own house and breaking in through SSH because of some vulnerability
and let's say I had an old Debian box and I could break the key because it was only 16
bit.
If I do it to myself, there's nothing wrong with it.
I agree.
But here's the question, because I agree with what is being said, but it sounds like
some of our quote ethical, yeah, it's ethical, unquote, it is based on our particular moral
basis.
So we're saying, well, it's ethical because it skirts taking advantage of people who can't
afford an office suite or it's showing these companies that they don't control their
own hardware or whatever.
You know, I mean, who decides whether this is a good thing or a bad thing?
Like, might a hardcore capitalist say, well, this free software stuff is, you know, basically
copying an idea from someone else and giving it away for free and that's bad or something
like that.
I mean, why are we saying it's ethical or was the question wrong anyway?
I know you just said, you know, you said someone's coming from the point of, okay, will this
make me money?
Well, I think the question should be, is will this benefit humanity?
To that back, take a look at it as a whole, you know, in a hundred years, will it matter
if that guy made money or if we did something that benefited everybody?
Right.
So I think that's more of a viewpoint as you're pointing from.
Okay, cool.
Well, thanks for being on Nick from Open Source Musician's Podcast.
Thanks for being on.
For having me.
No problem.
Thank you, AJ, from Linux Geekdom Podcast.
I love being here.
Thanks.
Yeah.
I mean, both of you, since this was your first HPR episode and anyone else listening, if
you ever want to contribute a hacker public radio episode, it is an open forum.
It's a community-based podcast.
All you have to do is email either me or Enigma or, you know, just get on the website,
hackerpublicradi.com and find the email link to submit a show.
And generally speaking, we're really happy to get them.
Thank you, 330, and you're from Tilt now, right?
Something kind of tacky.
What a free Linux helpline.
Free Linux helpline.
What's the site for that, by the way?
FreeLinux helpline.mit.
Okay.
FreeLinux helpline.net.
That's a really cool new podcast that helps people with Linux questions, and it can be a live
college, or even.
Yeah.
Cool.
All right.
So this has been the second round table for hacker public radio.
My name's Klatsyu, and thanks for listening.
Thank you for listening to hacker public radio.
HPR is sponsored by tarot.net.
So head on over to C-A-R-O dot N-E-T for all of us in need.
Thank you.