I just read an interesting article by Peter Pachal in Mashable's tech section, in which Mike Calce, the former hacker known as "mafiaboy," says most of today's hackers are motivated by the desire to make a quick buck. Calce makes some decent points, but I think he's unfairly swiping the entire hacking community with the same, big brush.
From Pachal's article:
“The hacker motivation has changed immensely,” Calce told Mashable in an interview. “It’s much more about monetary gain, whereas in my era, it was about pushing the status quo.” Calce’s era was circa 2000, when he pulled off major denial-of-service attacks on several major tech companies, including Amazon, Dell, Yahoo, eBay and CNN — all when he was 15 years old. Calce was eventually caught and arrested for the attacks, serving eight months in a “group facility,” he says. After doing his time, Calce laid low for years, but now he works as a digital security consultant and keynotes at IT conferences. He wrote a book about his experiences in 2008, 'Mafiaboy: How I Cracked the Internet and Why It’s Still Broken.'"
It's somewhat ironic that he talks about hackers going for monetary gain, since he's made a living as a security consultant and author since his arrest and incarceration. To be fair, though, I don't think he's suggesting it's all bad to go for the money over an idealistic crusade.
Also from the article:
With the shift from mischief-making to financial motives, the risk has shifted as well. Whereas 10 years ago hacking was more of a danger to large companies with big online operations, the risk today to individuals is much greater, Calce says.
I agree the risk to individuals is much greater, but Calce makes a bit too much of that as supplanting the risk to big corporations. If anything, the risk to big online corporations is as great if not greater than it was 10 years ago, partly because breaching their systems is the way to steal the most sensitive data on those individuals (credit card and Social Security numbers, etc.).
My biggest critique is over his suggestion that it's all about making a quick buck these days. That's certainly true for some, and hacking has become much more respectable and lucrative than it was back in the day. And we all have to put food on the table and pay those rents and mortgages, right?
The thing is, hackers are still pushing the status quo. The difference is that now they can make a living doing it.
I know many in the profession who are passionate about getting big companies and individuals to be more proactive about their own security. They make their living hacking into their clients' systems but go further with projects that make them no money. They blog. They make podcasts. They write unpaid and paid guest columns for a variety of publications, and if they see wrongs in the private sector they call out the offending entities.
That IS pushing the status quo.
Let's not forget about the hacktivism phenomenon, where the likes of Anonymous and LulzSec do what they do all in the name of making statements. I often don't agree with their methods, but I don't see how their activities earn them a "quick buck."
Idealism is alive and well in the hacking community. It leads to a lot of good work, and some stupid stunts. The optimist in me chooses to believe there's more of the former than the latter.
There is indeed money to be made. But if the job is legitimate and for the good, what's wrong with that?