The social construction of risk and value in information security: recuperation versus détournement
Paper short abstract:
This presentation narrates how risk and value is constructed in the infosec field through a series of small case studies. Hackers work in conjunction with state, capital and academia to sustain a common ecosystem around shared concerns for the material resistance of digital infrastructures.
Paper long abstract:
Information Security (infosec) is a field where software vulnerabilities are often found by unaffiliated hackers, who can choose to use them for financial gain, reputation building or political leverage - with a wide range of consequences. States, capital and academic actors work in conjunction with these independent researchers to sustain these ecosystems, producing a shared language of common concerns around risks and opportunities inherent in technological innovation. During the last decades hacker scenes worked to legitimise offensive security research and transform vulnerability reports from a criminal offence to a valuable commodity on the market. The implementation-recuperation of these demands partly integrated the alternative engineering cultures at the periphery of the industry into the product life cycle of firms, while it also justified repression of its more politically disturbing elements. This presentation narrates how risk and value is constructed in the infosec field through a series of small case studies.
Outlaw innovation and the invention of the outlaw