{"id":8507,"date":"2015-07-29T10:00:46","date_gmt":"2015-07-29T14:00:46","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8507"},"modified":"2015-07-29T10:00:46","modified_gmt":"2015-07-29T14:00:46","slug":"a-public-marketplace-for-hackers-what-could-possibly-go-wrong","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/07\/29\/a-public-marketplace-for-hackers-what-could-possibly-go-wrong\/","title":{"rendered":"A public marketplace for hackers\u2014what could possibly go wrong?"},"content":{"rendered":"

Last November, Charles Tendell quietly launched a website called Hacker’s List. Its name was literal. In this online marketplace, white-hat security experts could sell their services in bite-size engagements to people with cyber-problems beyond their grasp.<\/p>\n

“Hacker’s List is meant to connect consumers who have online issues to hackers or professionals out there who have the skills to service them,” Tendell told Ars. “Consumers get bullied online, they lose personal information, they have things stolen from them, they get locked out of things, and they have people post negative things or post personal information. They didn’t have a place to go to be able to get help and make sure they’re getting the right price or the best person for a particular job. That’s what Hacker’s List is for.”<\/p>\n

The idea seemed clever enough. Soon after launch, The New York Times found the site and brought a stampede of traffic that initially caused it to go down under the strain. In the six months or so since, Hacker’s List has been running without technical hitches. (The site is also utilizing CloudFlare’s content delivery network nowadays.)<\/p>\n

However, controversy has crept in to fill the void left by backend hiccups. It’s true that Hacker’s List’s purpose remains showing the general population that “not all hackers are evil,” as Tendell puts it. His intentions for the site also continue to be noble. But many of the project requests being posted to the site show the message isn’t getting through as the marketplace scales. If anything, it seems that those who now flock to Hacker’s List have largely been people looking for evil hackers to hire. And the site is constantly looking for ways to keep up.<\/p>\n

Goldilocks filtering<\/p>\n

Whether good or bad, all the attention Hacker’s List has drawn since launch hasn’t hurt Tendell. The founder and CEO of Denver-based Azorian Cyber Security is now also the co-host of a syndicated tech radio show and a frequent go-to cyber-expert for local and national news broadcasts. Tendell insists that Hacker’s List is a separate entity from his business, but he admits that “being on the front page of a lot of things has increased Azorian’s footprint and business.” In fact, the international press coverage may be Hacker’s List’s biggest upside\u2014because it’s not clear how many actual business transactions happen through the site.<\/p>\n

According to data on the site itself, only a handful of the enrolled hackers have made any money through Hacker’s List since its November 2014 launch. For most, their earnings listed have been just a few hundred dollars. While there are more than 3,000 “hacker” accounts registered\u2014some representing security firms, others registered to individuals\u2014there’s no way to know how many are active. Some early adopters of the site who spoke with Ars quickly abandoned it as a source of projects when they saw the sorts of requests that started to come in.<\/p>\n

Logistically, Hacker’s List acts as a sort of reverse-eBay: customers post projects, then “hackers” bid on them. The customer selects someone for the job based on bids, and\u2014if the project passes as legitimate with Tendell’s team\u2014the site acts as an intermediary. It holds the customer’s payment until a project is done and they have approved the work. This escrow period also assures the person doing the work that the money is actually there. Afterwards, customers can rate the “hacker” based on their performance and write comments that appear on user profiles.<\/p>\n

In theory, this checks and balances system is the same mechanism that keeps other user-generated economies, from AirBnB to Uber, honest. But a quick survey of the kinds of requests made on Hacker’s List recently looks a lot less like someone trying to buy a used cell phone and a lot more like someone trying to hire a hit-man:<\/p>\n

Read More: A public marketplace for hackers\u2014what could possibly go wrong? | Ars Technica<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Last November, Charles Tendell quietly launched a website called Hacker’s List. Its name was literal. In this online marketplace, white-hat […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,10],"tags":[184,455],"class_list":["post-8507","post","type-post","status-publish","format-standard","hentry","category-security","category-technology","tag-charles-tendell","tag-hacking"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-2dd","jetpack-related-posts":[{"id":7464,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/01\/19\/travelers-beware-hackers-are-after-your-information\/","url_meta":{"origin":8507,"position":0},"title":"Travelers beware: Hackers are after your information","author":"NCCT","date":"January 19, 2015","format":false,"excerpt":"Frequent fliers get all the perks\u2014and all the attention from cyber criminals, apparently. United Airlines, American Airlines, and Park-n-Fly have all reported breaches in the past few days, pointing to an emerging trend of attacks targeted specifically at travelers. Travelers can be an easy mark for cyber criminals, because they're\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9031,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/09\/24\/heres-what-you-should-know-and-do-about-the-yahoo-breach\/","url_meta":{"origin":8507,"position":1},"title":"Here’s what you should know, and do, about the Yahoo breach","author":"NCCT","date":"September 24, 2016","format":false,"excerpt":"By Lucian Constantin | IDG News Service | PCWorld Yahoo\u2019s announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale\u2014it\u2019s the largest data breach ever\u2014and the potential security implications for users. That\u2019s because Yahoo, unlike MySpace, LinkedIn and other online services that\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8976,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/07\/15\/this-android-trojan-blocks-victims-from-alerting-banks\/","url_meta":{"origin":8507,"position":2},"title":"This Android Trojan blocks victims from alerting banks","author":"NCCT","date":"July 15, 2016","format":false,"excerpt":"By Michael Kan | PCWorld A new Trojan that can steal your payment data will also try to stymie you from alerting your bank. Security vendor Symantec has noticed a \u201ccall-barring\u201d function within newer versions of the Android.Fakebank.B malware family. By including this function, a hacker can delay the user\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7164,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/12\/18\/personal-information-of-current-and-former-sony-employees-leaked-by-hackers\/","url_meta":{"origin":8507,"position":3},"title":"Personal information of current and former Sony employees leaked by hackers","author":"NCCT","date":"December 18, 2014","format":false,"excerpt":"After promising a \"Christmas gift,\" hackers have leaked the social security numbers, credit card details, bank account information, healthcare information and compensation, and other employment-related information of current and former employees. Sony has warned that those affected should be on the lookout for fraudsters who might use their personal information.\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8293,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/05\/15\/uk-spy-agency-says-to-hackers-come-work-for-us\/","url_meta":{"origin":8507,"position":4},"title":"UK spy agency says to hackers: Come work for us","author":"NCCT","date":"May 15, 2015","format":false,"excerpt":"The UK government surveillance agency GCHQ needs more hackers. The normally secretive agency has taken the unusual step of posting a job advert - and a press release - about its hunt for IT security staff. It's the first time GCHQ has openly recruited for what it describes as 'computer\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8413,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/06\/16\/us-fears-second-major-breach-exposed-more-employee-data\/","url_meta":{"origin":8507,"position":5},"title":"US fears second major breach exposed more employee data","author":"NCCT","date":"June 16, 2015","format":false,"excerpt":"A second major cyber breach that might reveal far more personal and damaging information appears to have hit the U.S. government\u2019s Office of Personnel Management (OPM). The breach was apparently carried out by hackers with connections to China and targeted a database containing copies of the government\u2019s Standard Form 86,\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8507","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=8507"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8507\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=8507"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=8507"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=8507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}