The hacker and the Saudi spies
What do you do when you're a hacker specializing in secure communications protocols, and you get a request to help the Kingdom of Saudi Arabia spy on its own people? For San Francisco's Moxie Marlinspike, a respected computer security expert, the experience provoked a thoughtful examination of the current state of hacker culture.
Not so long ago, hackers often perceived themselves as standing in opposition to authority and governments. Moreover, the subcategory of hackers who specialized in discovering and publicizing security vulnerabilities -- referred to as "exploits" in the security trade -- did so out of a belief that the best way to improve the integrity of our communication systems was by publicizing dangerous security holes.
Times have changed. As Joseph Menn documented in a breakthough special report for Reuters last week, today's security-minded hackers often end up working directly for defense contractors, hand in hand with the U.S. government. Identifying exploits and selling them off the highest bidder has become a lucrative business. Worst of all, the buyers of these exploits aren't interested in improving security, but instead often plan to deploy these vulnerabilities for their own purposes.