• floofloof@lemmy.ca
    link
    fedilink
    English
    arrow-up
    7
    ·
    8 months ago

    The ethical route, ie “white hat”, is to contact the owners about the exploit with a fixed period disclosure. Ie, “fix this in 30-90 days, or we will publish our method”.

    I’m not sure that is the ethical route when you’re talking about disrupting the operations of a Nazi-led government.

    • towerful@programming.dev
      link
      fedilink
      arrow-up
      3
      ·
      8 months ago

      Hmm, maybe I mean moral?
      Like, there is a correct way to go about something regardless of context.
      As opposed to doing something because of the context.

      Any exploit should be notified to the software/platform maintainers with a proper disclosure timeline to ensure it gets fixed in a timely way.
      That is the correct way.

      Abusing the shit out of a poorly implemented nazi government is the moral thing to do, but would go against a white hat’s ethics. Collectively a good thing to do, but not the correct thing to do as a white hat.

      Are gray hats more ethically and morally true?
      This is getting to deep for me.

      • Ashelyn@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        I guess you could consider someone who is staunchly whitehat with no exceptions to have a creed/code, where they consider the rules transcendent of any specific situation (e.g. nazi websites).