Ferreting out vulnerabilities for fun and profit. An ethnographic journey into ethical hacking

David Bozzini (University of Fribourg): öffentlicher Vortrag im Rahmen des Forschungskolloquiums Ethnologie

Datum: 20. April 2021
Zeit: 16.15 Uhr bis 18.00 Uhr
Ort: per Zoom

Zoom Link:

Meeting ID: 969 8041 0248
Passcode: 500274

Ferreting out vulnerabilities for fun and profit. An ethnographic journey into ethical hacking

For the last few years I have been conducting research on digital (in)security and hacking. In current times, vulnerabilities in computer systems can significantly challenge modern society. Such vulnerabilities could allow unauthorized access to systems, data leaks as well as a wide range of ways to sabotage, including denial of service or various kind of damages on assets, services or reputation. For the last decade, the cybersecurity industry has been booming, developing both offensive and defensive capabilities, thereby giving rise to such a vast and global digital (in)security social field that it is impossible to fully comprehend.

As a way to explore the current fabric of digital (in)security, I am taking an ethnographic approach to what is called ethical hacking and bug bounties. Ethical hackers disclose the vulnerabilities they find in order to harden the system they are probing. In order to scale such a long-established hacking practice, bug bounties have emerged in recent years in which vendors offer cash rewards in exchange for vulnerability information affecting their systems, products or services. After a short rationale about the importance of taking an anthropological approach to digital (in)security, I will present the practice of ethical hacking in more detail to delineate some principles it relies upon before examining how it developed into recent bug bounty programs. I will also discuss some of the dynamics at play in bug bounty operations and the impact they have on the digital industry and beyond. Finally, I would like to reflect on how digital infrastructures force us to rethink the way we engage in ethnographic research.