A Hacker's Mind by Bruce Schneier

Author:Bruce Schneier
Language: eng
Format: epub
Publisher: W. W. Norton & Company
Published: 2022-12-21T00:00:00+00:00

38

The Context of a Hack

What I am developing is a sophisticated notion of hacking. It’s not that hacks are necessarily evil. It’s not even that they’re undesirable and need to be defended against. It’s that we need to recognize that hacks subvert underlying systems, and decide whether that subversion is harmful or beneficial.

For example, I’ve talked a lot about hacking the tax code. Most of the examples involve hackers (accountants and tax attorneys) finding inadvertent vulnerabilities (loopholes) in the tax code.

Loose language in the American Jobs Creation Act of 2004 created several vulnerabilities in the tax code, which well-heeled firms were able to exploit to great effect. Most notable among these was the domestic production activities deduction, which was supposed to help domestic manufacturers compete internationally; it defined manufacturing so broadly—“combining or assembling two or more articles”—that all sorts of companies took the credit. World Wrestling Entertainment claimed it for producing wrestling videos. Grocery stores claimed it because they spray ripening chemicals on their fruit. Pharmacies claimed it because they had photo printing booths. A maker of gift baskets claimed it because it combined wine and chocolate into a single box. The government took that company to court over the deduction, and lost.

It’s impossible to know for sure, but this problematic wording seems to have been deliberately inserted into the law by legislators responding to lobbyist pressures and the need to get enough congressional votes to pass it. It was just one of the many tax breaks in that law, albeit the one that seems to have had the most inadvertent effects. It was such a popular tax break that it stayed around until 2017, when it was replaced with the qualified business income deduction.

As we’ve moved from simpler to more complex examples, it’s become harder to determine if any particular hack is good. What, exactly, is the “intent” of the rules of hockey, and are they furthered or impaired by curved sticks? Curved sticks make for a faster puck and a more exciting game. But a faster puck is more dangerous, and results in more injuries. When the National Hockey League established rules specifying just how curved a stick could be, it tried to balance both safety and sportsmanship considerations. And those rules have changed since 1967, as the league tweaked that balance: first a one-and-a-half-inch maximum curvature was allowed, then one inch, then half an inch, and currently three-quarters of an inch.

It’s even harder to determine the intent of the legislative staff who crafted that overly broad tax deduction for manufacturing. Did some lobbyist hack the legislative process, giving some member of Congress or that member’s underlings deliberately vague language that the lobbyist knew would be abused? Did the member of Congress believe corporate taxes were inherently bad and slip in language that the member knew would be overlooked as the bill moved through committee and into debate? Was the law just poorly written?

Whether or not a hack is an improvement also depends on who sits where. A clever entrepreneur might use a regulatory loophole for their own gain.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.