The term ‘hacker’ is an ambiguous one. It’s been around since the 1930s, although in those days it didn't come with the digital associations. Even when computers became prevalent, a ‘hacker’ was originally simply someone who programmed and understood the complex systems behind computer hardware and software.
As the term became more widespread, it took on darker connotations, commonly becoming known as someone who subverts computer security for malicious reasons. These people, the bad guys of the hacking world, are called “black hat” hackers. The good guys who fight them by plugging security holes - and are constantly trying to stay up to speed with the bad guys - are aptly named “white hat” hackers. This list is comprised of the good guys, but there are indeed far fewer good guys than there are villains in the modern hacking world.
Groups like Anonymous often do controversial things in the name of what they perceive as the great good; democracy, human and civil rights, and protection. Some see them as evil, some as just. In this group's case it's difficult to make a blanket judgment, as many and varied individual actions define each different campaign.
Other famous whistleblowers and hackers, like Ed Snowden and Julian Assange, can't be distinctly qualified as the good guys either, as there's huge controversy surrounding the potential good they did: Are they heroes, traitors, vigilantes? It's all too murky, so most people would refrain from granting them the status of white hats.
The actions and people on this list are far less controversial. These are ten largely ethical and good things that hackers have done, in spite of the bad rap their activities often get.
10 Operation Free Korea
In 2013, tensions between the US, Japan, and North and South Korea escalated after the UN Security Council Resolution condemned North Korea for launching their first satellite. The crisis escalated further from North Korea’s despot Kim Jong-un’s increasingly aggressive rhetoric that suggested imminent nuclear attacks against South Korea, Japan, and the US.
On April 2, 2013, hacker group Anonymous started 'Operation Free Korea,’ which called for 'controversial leader Kim Jung-un to resign,’ to 'install free democracy,’ 'abandon its nuclear ambitions,’ and for 'uncensored Internet access.’ Anonymous proclaimed that if North Korea did not meet their demands, they would rage 'Cyber War.’
The next day, Anonymous claimed it had stolen all 15,000 user passwords as part of its war against the DPRK, and threatened to wipe out the government’s data. A few days later, North Korea’s main administrative website showed a subversive cartoon image of Kim’s face with a pig-snout and a drawing of Mickey Mouse on his chest. Two months later, on June 22, Anonymous claimed that they’d stolen military documents from North Korea.
9 The Steubenville Sexual Assault Case
In 2013, Anonymous leaked an incriminating video, photographs, and tweets from the Steubenville High School football team that was accused of a gang assault on an underage girl in Ohio. They also released a number of emails and photos hacked from the email account of one of the football program's boosters, whom they claimed helped cover up the case.
The nature of the case and the leaked information led to accusations that the school and its coaches knew about the sexual assault and failed to report it to protect their football program. A separate grand jury indicted the school’s IT director, William Rhinaman, and the school’s superintendent, Michael McVey, with several felony indictments, including hindering the investigation, tampering with evidence, and grand jury perjury.
One of the hackers, Deric Lostutter, was later indicted under the federal Computer Fraud and Abuse Act, after donning a Guy Fawkes mask and interviewing with CNN. He was raided by the FBI for his involvement in hacking a site, even though someone else had already acknowledged being responsible for the hacking.
The case brought national attention to the problem of rape culture. A Lifetime channel movie, “The Assault,” was loosely based on the incident.
8 Judge Rotenberg Center Tortures
The Judge Rotenberg Center (JRC) is a residential facility that uses Applied Behavior Analysis (ABA), educational services, and other methodologies to work with children and adults with severe developmental disabilities. They have a near-zero rejection and expulsion policy, despite the severity of behavior or disability, and use active treatment and aversives.
After a video was released on CNN that showed a boy being tortured at the JRC, Anonymous announced in a March 22, 2012 YouTube video that the JRC and its affiliates were targets. Through their hacking, Anonymous found out that the school had legally tortured hundreds of others, and five had died. The hackers publicly posted the names and addresses of JRC’s sponsors, lawyers, lobbyists, and supporters, as well as the founder and principal himself.
In 2002, a mother of a former student launched a civil suit after it was discovered that her child had been restrained for seven hours and skin-shocked many times. Concerns about JRC’s treatment regimen prompted a 2005 investigation by the New York State Education Department, which found that the shocks were used for minor episodes of noncompliance.
The Executive Director, Dr. Israel, resigned after a deferred prosecution deal, and a 2011 ruling imposed rules that students and residents entering JRC since 2011 may not have the GED included in their treatment plan.
7 Operation Ice ISIS
In another act of war for the greater good of mankind, Anonymous began to attack the Islamic State of Iraq and the Levant on February 9, 2015. They attacked ISIS’s social media accounts and Internet-based recruitment stations and drives, destroying “months of recruiting work.”
Anonymous released a statement, saying “ISIS: We will hunt you, Take down your sites, accounts, emails, and expose you. From now on, no safe place for you online... You will be treated like a virus, and we are the cure... We own the internet... We are Anonymous; we are Legion; we do not forgive, and we do not forget. Expect us.”
Within three days of operation, 1,000 ISIS websites were brought down, and over 800 ISIS-affiliated Twitter accounts were destroyed. The war between the biggest “terrorist” cyber-group and the biggest physical terrorist group seen in the last decade still wages.
6 Operation DarkNet and Operation Death Eaters
Anonymous have always claimed to be big proponents of civil rights, free speech, and democracy. They’ve also strongly condemned underage explicit material. In 2011, the collective hacker group campaigned against child explicit material protected by anonymous hosting techniques.
They attacked 40 offending illegal websites with distributed denial-of-service (DDoS) attacks. This attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. They temporarily disabled the sites, and then published the usernames of 1,500 people frequenting those sites, and invited the FBI and Interpol to follow up. The offending website owners, who were highly technically-savvy and knew how to hide themselves, were no match for the combined efforts of Anonymous: They went out of business.
Four years later, on February 14, 2015, Anonymous launched a sister campaign, Operation Death Eaters. They described this as, “an international day of protest against child abusers, and those who support child abuse on underground p*rnography rings through networks such as Tor and I2P.” Anonymous claimed that this operation had been in the works for years.
5 Johnny Long, Google Hacking Pioneer
Johnny Long, known also as “j0hnny,” or “j0hnnyhax,” is a well-known computer security expert, public speaker, and author. He is best known for his background in hacking the monolithic search engine Google to find vulnerable servers and security holes in the configuration and computer code that websites use.
In 1996, Long formed the Computer Sciences Corporation (CSC) Strike Force, as a vulnerability assessment team. He also dedicates his time to the Hackers for Charity organization, and is a well-publicized speaker at many annual security conferences around the world.
After his work with CSC’s Strike Force, he became an early pioneer in the Google hacking field. He was able to locate servers on the Internet that ran vulnerable software through his carefully crafted search queries. From there, it was possible to find security holes on websites that were openly sharing personal identification info such as Social Security numbers and credit card numbers.
The efforts of Johnny Long enabled the creation of the Google Hacking Database, where hundreds of Google hacking search terms are stored. While many (business owners especially) are not fans of the opaque, vague terms and massive global control of Google, it is safe to say that everyone is better off if black hat hackers can't poach people’s personal information from Google's databases, and Long has contributed to this safeguarding.
4 Charlie Miller, Apple Security Expert
Charlie Miller spent five years working for the National Security Agency before joining Twitter as a computer security researcher. Over the years, Miller has publicly demonstrated the security flaws of tech-giant Apple’s products. Apple, who revealed their recent quarterly income as the most by any company ever, should have Miller to thank for pointing out their products’ many flaws - but it has been a largely thankless task.
In 2008, Miller won $10,000 at the hacker conference Pwn2Own for being the first to find a critical bug in the MacBook Air. In 2009, he cracked Safari. That same year, he also demonstrated a processing vulnerability in the Apple iPhone that allowed for a complete compromise and denial-of-service attacks on other phones.
In 2011, he found a security hole in the iPhone and iPad, where an application could contact a remote computer to download new, unapproved software that could execute any command and steal personal data.
As a proof-of-concept, he designed an app called Instastock and was approved by Apple’s App Store. He then informed Apple about the security hole, who promptly expelled him from the App Store. Rather than reprimanding him, Apple should consider themselves lucky that Miller wasn't using his knowledge for potentially disastrous malicious purposes.
3 Richard Stallman, Free Internet Hippie Guru
Richard Stallman, known also by his initials, rms, is a software freedom activist and computer programmer. He is best known for launching the free software platform the GNU Project; for developing the GNU Compiler Collection; for founding the Free Software Foundation, and for writing the GNU General Public License.
His dream is for software to be distributed to users with the freedom to use, study, distribute, and modify said software.
He launched the GNU Project in 1983 to create an operating system composed entirely of free software. This became the start of the free software movement. He also pioneered the concept of copyleft, which uses the principles of copyright law to preserve the right to use, distribute, and modify free software.
Since the mid-1990s, Stallman has spent his time advocating free software and to campaign against software patents, digital rights management, and other legal and technical systems that he feels takes away users’ freedoms, such as activation keys, non-disclosure agreements, and copy restriction. He has received 15 honorary doctorates and professorships.
2 Barnaby Jack, ATM Jackpotting Pioneer
Barnaby Jack, who unfortunately died in 2013 at the young age of 35, was a New Zealand hacker and security expert. He was renowned among industry experts in the medical and financial security fields, and took a classic approach to hacking: Buy a new software or device and pick it apart with attack code.
In 2010, at the Black Hat computer security conference, Jack became famous when he demonstrated how, using just a laptop, he could wirelessly reprogram ATMs to spit out cash. It's basically everyone’s dream, and this guy figured it out. Jack’s programming code was displayed on one side of a giant screen, while the two ATMs being exploited were on the other.
Within minutes, the crowd erupted in cheers at the sight of cash spewing out from the machines. Jack dubbed the technique “jackpotting.” Rather than use his powers for evil, Jack worked with the ATM manufacturers to create stronger safeguards and software updates.
He later worked on exploiting various medical devices, including insulin pumps and pacemakers, and his 2012 testimony led to the FDA to change regulations regarding wireless medical devices. With the knowledge that he presented, Jack would have been able to pump insulin repeatedly, wirelessly, into the pump's owner, delivering its max dose of 25 units until its entire 300-unit reservoir was depleted - which would amount to a grisly death. The eye-opening discovery gave a new, literal meaning to the phrase ‘cyber assassin’.
1 Dan Kaminsky, Could Have Brought Down the Whole Beast
Dan Kaminsky is a security researcher and the Chief Scientist of White Ops, a firm that specializes in detective malware activity. He has worked for Cisco, Avaya, and IOActive. In 2008, he gained worldwide fame for finding a security hole that affected the entire Internet.
If he had been a black hat, the information he'd found could have fetched multi-million dollar sums. As it were, he worked with Microsoft, Cisco, and other tech companies to fix the flaw. That flaw would have allowed hackers to undermine the Domain Name System (DNS) that the entire Internet runs on.
Kaminsky found that by adding bad information to cables flowing through the DNS network - which consists of millions of servers that translate numerical addresses into website domain names - he could direct people to fake sites without their knowing. His work, which he helped fix, became known as the DNS cache poisoning, and it became one of the most significant hacking disclosures of all time.