HackerOne calls on Cambridge Dictionary to change its 'negative' definition of hacker
Popular white-hacking, bug bounty platform HackerOne is calling on Cambridge Dictionary to change its "negative" definition of hackers. Published by the 484-year-old Cambridge University Press - the world's oldest publishing house - the Cambridge Dictionary currently defines a hacker as a "person who is skilled in the use of computer systems, often one who illegally obtains access to private computer systems."
With the advent of white-hat hackers and security researchers who look for vulnerabilities and report them directly to companies to resolve them before they are exploited by malicious actors, HackerOne argues the word "illegal" should be removed.
At the recent Infosecurity Europe, HackerOne surveyed 261 IT professionals attending the event, 70% of whom believed Cambridge Dictionary should remove the word "illegally" from its definition of hacker. Meanwhile, 7% of respondents said they were still unsure.
"Hackers play an essential role in keeping the internet safe by leveraging their creativity and intelligence to find complex security flaws often missed by traditional methods. There are more people hacking for good than ever before," Hackerone said in a blog post. "There are far more ethical hackers in the world than criminal hackers, and they are rallying behind organizations that welcome their contributions to cybersecurity."
"Getting the vulnerability report into the right hands is the first step in resolution," it added.
Multiple major companies including Google, Microsoft, Facebook, Twitter, Uber and Apple have established bug bounty programs offering monetary rewards to white-hat hackers and researchers who uncover and report flaws or holes in their systems and software. Even the US Department of Defense and the US Army launched their own "Hack the Pentagon" and "Hack the Army" bug bounty programs to offer rewards to hackers who find security vulnerabilities in specific infrastructures.
According to HackerOne's survey, 51% of IT professionals said their organization had a defined process for hackers to report vulnerabilities. About 63% said their company would respond to a vulnerability report sent by an external researcher or hacker.
"The world of cybersecurity is evolving," HackerOne said. "With it, so should the definition of such key contributors, hackers. There is no such thing as 100% security, but together we can work towards the goal of getting as close to that as possible. Together, we hit harder!"