The Ethics of Hacking: Should It Be Taught? (1512.02707v1)

Abstract: Poor software quality can adversely affect application security by increasing the potential for a malicious breach of a system. Because computer security and cybersecurity are becoming such relevant topics for practicing software engineers, the need for educational opportunities in this area is steadily increasing. Universities and colleges have recognized this, and have started to offer programs in cybersecurity. At face value, these new programs may not appear controversial, but developing their curriculum requires answering a complex ethical question: Should programs teach hacking to their students? Even though there are different types of hackers, media reports of cybersecurity incidents tend to reserve the "hacker" label for cyber criminals, which overlooks the value in hacking (and, by extension, teaching students to hack). This article examines the full spectrum of hacking behavior, as well as arguments for and against including hacking in education programs, and recommends that hacking skills be considered an essential component of an education and practice in software quality assurance.