WASHINGTON -- White hat hackers unite!
The Hacker Foundation, a nonprofit organization of ethical security researchers, is trying to extend its reach and encourage more people to join its ranks to help further codify the United States hacking community.
Many people working on important security research programs need financial help to allow them to pay their bills and maintain their efforts to improve IT systems defenses, Hacker Foundation leaders explain. In addition to giving seed money and grants to researchers, the group also raises funds for any legal defense fees incurred by white hats as they bend rules to help test the concepts they build.
By fostering a closer relationship within the white hat hacking population and bringing people together to raise funds and organize new channels for research, the growing community of individuals who engage in ethical hacking can form a more unified front to the outside world and back new projects that keep vital research moving forward, founders of the effort said in their presentation at the ShmooCon convention on March 24.
Founded in 2002, the Hacker Foundation primarily serves as a source of funds for financially challenged security researchers, but the group is hoping to begin opening facilities across the country where people can carry out their experiments and find other hackers with whom to share their work.
Hackers tend to be a solitary crowd or come together in small, tightly-knit groups, but there is much to gain by collecting input and funding from people across the U.S. white hat industry, said Nick Farr, treasurer and co-founder of the Hacker Foundation.
"We're trying to create a base of expertise within the community to give independent researchers access to things they normally wouldn't have access to," Farr said. "Many security researchers are doing work out of the goodness of their hearts. It would be great if we could get resources to allow to them to do their work full time and pay their bills; that's one of the big things we started the foundation for."
For instance, the Hacker Foundation has already set up a fund and is providing resources to the Metasploit Project, an open source computer security effort that aims to provide information to people who perform penetration testing, intrusion detection signature development, and exploit research.
Led by researcher H.D. Moore, among others, Metasploit has already made a name for itself by publishing details of a number of serious flaws in high-profile software programs, including products made by Microsoft and Apple.
Unlike in other countries such as Germany, where that country's Chaos Computer Club -- another national white hat hacker group -- receives government funding, U.S.-based hackers have few resources to turn to, according to Farr and Jesse Krembs, president of Hacker Foundation.
Other projects backed by the Hacker Foundation include efforts to get younger researchers into the wider community at a younger age to teach them the right way to go about their work, and a program to send people across the country, and even the world, to help rebuild IT systems after natural disasters such as Hurricane Katrina.
One of the groups' more significant goals, beyond generating more industry financing through donations, is to open the series of "hacker spaces" it would like to see established in different regions of the country to give researchers someplace to work freely, and in unison.