Avast CISO Jaya Baloo discusses the good side of hacking with security experts Katie Moussouris and Chris Roberts
The annual SXSW conference takes place this week, and, thanks to the pandemic, nobody need fly to Texas to attend. The entire event is digital: SXSW Online 2021. This year, in addition to the film festival, music festival, and creative exhibition, the conference will feature special on-demand content hosted by our very own CISO Jaya Baloo.
In a panel discussion called “Ethics of Hacking: Doing Good with Security Skills”, Jaya brings in two of her favorite guests from Avast Hacker Archives, Founder & CEO of Luta Security Katie Moussouris and CISO & Chief Hacker at Hillbilly Hit Squad Chris Roberts. While all three are highly respected professionals, not one is a stranger to having had their hand slapped over a hacking incident. They have what Chris Roberts calls “the hacker mentality” – a natural calling to break things open to see how they work, if improvements can be made, if fun can be had. “Hacking is questioning,” Chris says. “It’s something I wish we as humans would do much more of. It’s just asking one more question.”
In the session, Jaya steers the conversation toward the all-important question every hacker must ask themselves – whether or not to use their power for good. Even well-intentioned hackers can have it hard, the panelists agree. Take the most common scenario: Hacker finds vulnerability in Company’s software, Hacker discloses vulnerability to Company, then, in lieu of gratitude, Company serves Hacker with legal papers.
All hackers have the hacker mentality, and all want to see if they can access information that is supposed to be off-limits to them, but, as Katie says, “It’s really a matter of what you decide to do with that information that truly defines your ethics in hacking.”
Other topics discussed in the session include the “brain work” Chris has been doing, which has reached a stage where he can turn on devices in his lab simply by thinking about them. Katie shares a very funny anecdote about taking her family to Disney World. We won’t give away the whole story, but it ends with her standing in the Epcot Center Imaginarium with a security guard behind her commanding, “Ma’am, step away from the computer!” The guests also offer their most valuable advice for budding hackers just entering the field.
SXSW registrants can access the session Ethics of Hacking: Doing Good with Security Skills for the duration of the week, until the conference closes Saturday, March 20.
In the eighth episode of our podcast Avast Hacker Archives, security expert Dave Aitel demystifies the NSA, explains the fallacy of the term “zero-day,” and tells Avast CISO Jaya Baloo what started him down the hacker’s path.
In the seventh episode of our podcast Avast Hacker Archives, Avast CISO Jaya Baloo talks with Phil Zimmermann, creator of the PGP email encryption package and longtime activist for privacy and human rights.