Recently, Rob Graham wrote a blog post, Errata Security: White-hats are on the side of law, but not order, in which he called my belief that some white hat hackers would support law enforcement a “misapprehension”. Here’s my reply:
You’re generally right about the attitude of law enforcement, and it is highly short-sighted on their part that they act like this. Another absurdity is that smoking marijuana – and I mean, having smoked literally a joint in the past five years – is enough to disqualify one from getting a job as an officer. I know more than one good police candidate who has been disqualified from agencies because of that, or because they took an unprescribed prescription tablet in the past few years.
It is ultra-moronic and self-defeating.
Interestingly, this is changing. in my post to the Daily Dave asking for volunteers for the LE training, I stated:
“Your background must be clean and stand up to a law enforcement check. This typically means that you’re precluded from performing this work if you’ve been convicted of a felony or any drug charge, and misdemeanors in the past five years, but specifics vary. Basically, understand that if your arrest record is clear and especially if you have experience in law enforcement at the local, state, tribal or federal level, you’re good to go, and if not, well, not.”
Note the words “typically” and “basically”. In fact, the agency and division that is seeking the help is in this case much more open-minded. They have looked at volunteers with criminal records recently with open arms.
As to your statement that “we white hats oppose law enforcement”, the response to that post was sufficient to challenge it. I’m not saying that no white hats feel as you do, I’m saying you’re not speaking for all white hats. Not all white hats dig the fuzz. Not all cops are closed-minded assholes. I don’t think that there’s enough of a majority here to make this anything other than you don’t want to work with cops because some cops have been closed-minded with you.
Which I respect. I personally have gone the other way: the closed-minded cops act the way they do because they don’t understand computer crime, and they are scared. No one likes to not understand something. In the case of cops, it challenges their feelings of self-worth. So the less talented, less intelligent, more cynical flavor – which you and I agree are the minority – have a kneejerk reaction and close themselves off.
I’m not going to let them do that to me because it is too important. I am going to continue to be ridiculed and mocked and dismissed by people like your FBI guys. I am going to continue to offer my help and put myself literally in harm’s way because I believe that our society needs cops to transition to defense against cyber, not just physical-world crime.
And let me say this: not all cops are passive when officers break the law. Not any of the ones I know. Even in my short career in law enforcement, I have personally not been in the slightest bit passive.
Your piece is an important part of getting cops to realize that they must take help from subject matter experts, no matter how uncomfortable the subject in which they’re expert may make them.