It costs governments and companies worldwide over a trillion dollars annually. It can get you arrested. But it can also get you hired.
Hacking is a prevalent part of modern technological society, yet at the academic capital of technology, we reduce the topic to just a few academic settings — several courses taught by Professor Dan Boneh, and one by Professor Bahman Bahmani. When asked about our offerings in this area, Professor Boneh also noted that the CS department is hoping to hire another security professor to expand.
Stanford does, however, invest a lot of money in security through IT Services. The breach of Stanford’s information systems last summer, which was one of the main reasons for implementing two-step authentication, epitomizes the importance of security on campus.
Stanford students are some of the best computer scientists in the world, and their labor while enrolled is relatively cheap. If Stanford hired its own students to fix tech glitches, a positive synergy would ensue: the school could solve web problems cheaply, and students would have practical jobs on campus that make them more employable in the future.
One way to get students involved is to require outside contractors to involve Stanford students in their work. This could take the form of an internship, or even a class.
For simple glitches like those in Explore Courses, this scheme would involve a training about how the back-end of some of these websites are coded, and students would receive projects as glitches occur. This would give students access to the mainframe of sites, so were they to make a mistake, it could have serious consequences for website functionality, but this concern exists for website maintenance employees anyways. And because such a program would be selective, the likelihood of such a mistake would diminish greatly.
For security specific problems, there are always concerns of trust and ensuring that information is not leaked. In the initial implementation of such a policy, the school would have to start students on low-level maintenance, and from which to build a repertoire of privileges. The NSA implements such a system, but it is clear that it is not without some security faults from internal workers (read: Snowden).
There are not many venues for students to legally hack websites, yet it is a skill that security employers seek. In a United Kingdom survey, more than 50 percent of employers would hire hackers to improve their IT security. If Stanford provided an avenue for students to legally break into their system, working with a company that tests for such breaches on an inactive form of the site, student job prospects in IT might increase — an excellent application of the knowledge they’ve learned in the classroom.
By putting the power in student hands, Stanford would also be increasing transparency. Students often know about glitches and errors before anyone else, giving them the ability to identify problems, report them to the university, fix those problems, and get paid for their work. The administration can often seem like an amorphous organization that we have no influence over as students. But putting student accountability and further feedback into the system has the added benefit of creating a more open relationship between students and the technology they use on campus.
Let’s improve our cyber security and the quality of our Stanford web experience. In doing so, we’ll improve student job prospects too.