Recently, I authored an article on this very website entitled How to hack the windows password of your boss’ laptop. My inbox has been abuzz over ethical issues to do with the act of hacking. I took the burden to explain to my colleagues in the profession the intention of my article and also encouraged them to read the article in its entirety. I noticed that not many had a reasonable idea about hacking.
To get a better understanding of this, lets visit the definition. According to Wikipedia, a hacker is a person who, with their technical knowledge uses bugs or exploits to break into computer systems. Unfortunately, the meaning of the word hacking has evolved so much to mean unethical access to computer systems and networks. In short, it is illegal in the eyes of a lay man.
When is hacking ethical?
Some day in 2014, a year after his retirement, Mr. Mpoza Joseph Mary called me requesting for assistance. He had failed to gain access to his laptop – he had forgotten his password. He either had to drive the 100 or so kilometers from Masaka to my Internet café in Nabbingo or download a tool from the internet using another person’s computer. He chose to drive. Using a tool from passcape, I managed to reset his password. In Mr. Mpoza’s case, we later realized that one of the keys on his keyboard was faulty.
In another example, Christine manages one of the computer labs at St. Peter’s SSS Nsambya. She once couldn’t gain access to one of the PCs because the students had put a password. This disorganized the entire afternoon session since the resources to be used for the next lesson were on the locked PC. If it weren’t for the knowledge I shared with her, all of the resources on the PC would have been lost after a fresh installation of the OS.
In both cases, you notice that it is sometimes the legitimate owner that is locked out. To get back into the system, knowledge of system penetration becomes a must. In this day and age, it is ideally safer to stay ahead of the bad guys by learning how they do it and how to prevent future access.
Differentiating between the different types of hackers
There are primarily 2 types of hackers: White Hat Hackers and Black Hat Hackers. White Hat Hackers are the good guys in the hacking world while Black Hat Hackers are the bad guys. Black Hat Hackers are the ones we hear of in the media. They illegally gain access to information from Banks and the like for their personal benefit.
White Hat Hackers do what is commonly known as Ethical Hacking. They help identify potential threats and loopholes in networks and computer systems in order to help organisations address vulnerabilities. Ethical hackers follow rules like obtaining permission to gain access, respecting privacy and notifying developers of any vulnerabilities found.
What one ought to know is that companies like banks, telecom companies and the like employ ethical hackers on a permanent basis just to test their systems and make sure their clients are safe from the wrong guys. In fact, every serious programmer is some kind of hacker, the difference is on which side of the game they are.
Ethical hacking is a much sought-after service by organisations both big and small. In 2018, google awarded Ezequiel Pereira, a teenager 36,000 USD after he found a security flaw that would allow him make changes to the company’s systems. Companies like google keep the security of their systems in check by offering bug bounties like this program here where a big reward is offered to anyone who discovers a flaw and reports it to them.
Ethical Hacking Courses
Here in Uganda, you can find courses in ethical hacking at UTAMU, Greenbridge School of Open Technologies and Aptech. Personally, I sought the advice of Egesa Ronald Leonard of Magezi Solutions a certified and time tested hacker who encouraged me to sign up for this course on cybrary. This has helped me get a deeper understanding of cyber forensics and helped rectify many flaws in the porous school IT environments.
The Institute of Forensics and ICT Security in Ntinda is also a good local option that provides a comprehensive approach in form of consultancy and training in forensics where you are trained to become a certified ethical hacker.
Being in the business of computer repair, forgotten passwords are a common scenario and therefore I have to keep myself abreast with the latest trends in the world of ethical hacking. This means being able to access even the latest operating systems before the clients come in with the same challenge. However, due to the controversy of the topic, industry specialists are now using the word pen-testing to mean the ethical practice of gaining access to systems and networks.
So, next time you talk about hacking, first look at the other side of the coin.
E-zone School of Computing
+256 752 111 223 / +256 772 111 223