Which of the following hackers is not being ethical?

• This hacker is on a pentesting assignment and he finds valuable company information out in the open. He downloads the information on his own USB drive and reports it
  • This is correct, the hacker should never save data on their own USB drive. They can never know for sure that they have not comprised themselves.
• This ethical hacker wanders out of scope on accident, she reports it and moves on
  • This can happen, be honest about it
• This ethical hacker is doing bug bounties and they see a way to potentially compromise a server and get a foothold, he checks with the target and proceeds to get the foothold PoC.
• This hacker never signed an NDA, they found a bug, and the target is not accepting it. The hacker is furious and goes to social media to fully detail the issue.
  • This is in theory not unethical, but you still should not do it. Social media is no way of getting things resolved and doing this will certainly not give you any bounty.

What are the biggest cons of unethical behavior in hacking

• You can hurt people physically
  • Incorrect though debateable
• You can hurt people mentally
  • Correct
• You can go to jail
  • Correct
• You can bring in huge amounts of money
  • Incorrect
• You don’t have a scope, anything is in scope
  • Incorrect
• You can operate much more anonymously
  • Incorrect

What are the pros of ethical hacking

• You can hurt people physically
  • Incorrect
• You can hurt people mentally
  • Incorrect
• You can go to jail
  • Incorrect
• You can bring in huge amounts of money
  • Correct, hackers are one of the best paid IT folks out there
• You don’t have a scope, anything is in scope
  • Incorrect
• You can operate much less anonymously
  • Correct