Journal article

The regimes of ethical hacking: moral projects and the emergence of a market for vulnerability

BP2-STS

  • 2025
Published in:
  • Information, Communication & Society. - Taylor & Francis. - 2025, p. 1-18
This article examines the historical evolution of ethical hacking and vulnerability disclosure practices from the 1990s to the present day. It analyzes three key disclosure regimes and their emergence: full disclosure, responsible/coordinated disclosure, and bug bounty programs. The full disclosure regime is characterized by an adversarial relationship between hackers and companies, with hackers publicly releasing vulnerability information to pressure companies to improve security. The responsible/coordinated disclosure regime formalizes collaboration between hackers and companies, introducing standards and policies to manage the disclosure of vulnerability information. Finally, the bug bounty regime established a market-based model of disclosure that partially commodified vulnerabilities and transformed ethical hacking into a form of gig work. The analysis reveals how these regimes, while building upon existing models, enact distinct moral projects and govern interactions between hackers and companies. It highlights how ethical hacking has been transformed through processes of normalization, standardization, and economization and argues that these transformations resulted from complex interactions between hackers and companies shaped by broader socio-cultural trends and preexisting practices rather than being the result of a simple cooptation by corporate interests. In doing so, this nuanced historical perspective on vulnerability disclosure regimes demonstrates how a political economy perspective contributes to developing a critical cybersecurity research agenda.
Faculty
Faculté des lettres et des sciences humaines
Department
Département des sciences sociales
Language
  • English
Classification
Anthropology, ethnography
License
CC BY
Open access status
hybrid
Identifiers
Persistent URL
https://folia.unifr.ch/unifr/documents/331752