Taking a stand on hackers

What should our relationship with the hacking community be? You may remember a news item in last month's 'Security Views' that concerned 'ethical hacking' and 'benevolent hacking'. Recall, please, that a young man from India who once defaced a website and then told the owner how to close the site to attacks was later hired as a security consultant by a US Government agency. Then the 'Dynamic Duo' hacked the FAA to expose its vulnerability to external attack. Somehow, I cannot get these stories and the issues behind them out of my mind, so I'll wrestle with them in this month's editorial. The main issue to be addressed is the type and level of relationship with the hacking community we as information security professionals should maintain.