Some time ago, I wrote a blog entry that dealt with a general view of morality that I happen to possess [1]. One of the amusing and ironic aspects of this article was that it led to a philosophical discussion about hacking on a game that I had never heard of before until it started appearing as a referrer to my blog entry [2]. And indeed, the blogger who found my post to be of such surprising relevance as evidence that some people have a lassiez faire attitude towards hacking and exploits had an interesting philosophical comment to make about its passive encouragement in the game Entropia (a game which I have never played and know nothing about, except that apparently hacking runs pretty rampant in it), so I would like to comment at least a little bit about exploits, starting from my own non-computer science background with some analogs and then moving into a more specific discussion.

Early in my collegiate education I had the chance to attend a leadership conference for the American Society of Engineers with a lot of other students at California universities. The particular conference was held in Sacramento that year, and along with me was an illegal immigrant classmate of mine whose mother drove us all to the airport in her minivan (that was more than a little awkward). During the trip, I participated in an impromptou engineering competition where the goal was to use bubble gum, paper clips, and index cards to hold up saucers, with minimum requirements for dimensions and a search for the lowest cost solution that held the most saucers. Our group won, largely based on an exploit that we were quick to exploit. The rules had said nothing about cutting the cards, and when we thought to do so, we asked permission, not being told that it was okay, but not being told that it was wrong either. Being somewhat bold, we chose to take advantage of the exploit and our group ended up winning handily–we had the cheapest solution and we were one of only two groups (the other group belatedly tried to copy us) to construct a structure capable of holding a saucer at all.

For me, this particular experience was a watershed for me, in that it showed me that rules are often constructed from a particular mindset and often do not account for alternative ways of seeking the problem. Indeed, for most people rules may bias their behavior towards a certain solution because of the sorts of restrictions and rules that are made. However, those who are able to think outside of the restrictions and come up with alternate solutions may find solutions which are not accounted for in the rules. At least as far as human rulegoers are concerned, human behavior is vastly more complicated than the design of rules can account for, one of the aspects which makes computer games (and technology in general) rather appealing. Even apart from our desire to see certain rules or laws not enforced out of selfish interest (be they laws of lese majeste, illegal immigration, or age of consent, depending on one’s particular situation), there are occasions where we act in ways that are simply not taken into consideration by those who make the rules, and this is not necessarily a bad thing.

I ought to make it clear that I do not view what is an acceptable bypass of rules from a legalistic standpoint, as is frequently common. For example, there are some who would say that that which is not promptly and always punished is permitted. That is not my moral worldview. There are others who would say that which is not prevented is permitted, and that is not my moral worldview either. Neither God nor human rulemakers have the interest in removing free will by preventing the option of wrongdoing nor is there an interest in prompt and immediate punishment for all wrongdoing. Rather, given the rules and enforcement procedures that exist, we have to choose for ourselves if the wrongdoing we would wish to commit is worth the punishment. Do we drive above the speed limit knowing that the risk of punishment is low, or do we seek mercy when we are found to be above the speed limit even without intent to speed simply out of ignorance to local conditions? There is a great difference between the two, and an honest struggling sinner will generally receive more mercy than a hardened and corrupt sinner who was deliberately seeking to exploit, even if both of them committed acts that were forbidden.

Let us note, though, that exploits are generally forbidden by rules of conduct. To say that what is not forbidden is permitted, at least I mean it, would tend to have a negative view of exploits for the most part, seeing them as mere Pharisaical or legalistic arguments to avoid technicalities. The sort of exploiting that I find quite acceptable, and even enjoyable, is the kind that seeks to solve a problem in an entirely different way than was originally intended, which requires a great deal more originality of thought to accomplish. That said, there is one type of exploit that I find acceptable and that is when companies hire people or reward people for finding exploits in their software or on their web pages as a way of increasing the security of that software. The use of exploits as a way of testing defenses and improving them is an acceptable form of exploits that serves for the side of good, based on the motives of those making the exploits. As is often the case in life, motive matters a great deal. On the whole, though, my particular worldview as expressed in my blog entry [1] does not give a bland endorsement to hacks and exploits. Rather, it is a reminder that human behavior is simply too complicated to account for in regulations and rules, and that we should focus our rules not on limiting people to certain ways of behaving, but encouraging creative solutions to problems and rewarding such creativity and ingenuity with success and praise, while recognizing that it may be a different angle than we are used to thinking ourselves without any sort of malicious intent or behavior. It is the malice that ought to be prohibited, not the mere act of figuring out workarounds.

[1] https://edgeinducedcohesion.wordpress.com/2012/02/20/that-which-is-not-forbidden-is-permitted/

[2] http://entropiatrash.wordpress.com/