Home Upgrade Search Memberlist Extras Hacker Tools Award Goals Help Wiki Follow Contact

HF Rulez the UniverseHF Rulez the Universe
MavenGradle
[root@mvngradle.net]
hacking hat terms terminology hacking terminology

Pick your hat

Posted 08-16-2019, 08:49 AM
I'd like to talk a little bit about hacking. More specifically, I'd like to talk about these so called hats the hackers put on their heads.

If you're not aware, there are three types of 'hats' in the hacking community: black hats, white hats and grey hats.
The term black hat refers to a person or entity that performs malicious computer acts for either personal gain or simply because they can. The term white hat refers to hackers who prefer to keep their security-breaching activities within the boundaries of the law. Most security researchers could thus be seen as white hat hackers who use their knowledge and power for the greater good. Grey hats are somewhere in between, somewhat comparable to an anti-hero, who can sometimes use his or her powers for good and other times, well...

The black hat persona

The hacking scene has only grown since the conception of the internet. This should come as no surprise to anyone, because hacking is a very lucrative business. It's easy to make money online if you have the proper skills and knowledge. Most people don't think of themselves as inherently bad, that is a trait of human psychology that holds true for most men. There are exceptions to this case, for example psychopaths, who know they perform morally bad actions, yet they refuse to let their moral compass guide or influence them unless it suits their current goal. I generally regard black hat hackers as the online psychopath. They might very well be the nicest person you could possibly meet on the streets but online they wreak havoc and destruction. Spreading ransomware, looking at your every move through your webcam, stealing money out of your bank account, pretending to be a girl so they can get your naked pictures and extort you. The list goes on and on.

If you speak to any black hat hacker, chances are: they will not regret their actions, they will not doubt their actions and they will not be persuaded from their ultimate goal. For some, that goal is money, for others the goal is to get a laugh due to a twisted sense of humor. Truth is, this is nothing new, crime has been going on since, well, forever. These are the type of hackers you generally read about in the newspapers.

The best of both worlds

The grey hat on the other hand, does have a sense of justice. Albeit a very twisted one that can turn at any moment. They are sometimes driven by money, and other times they feel the need to protect the public. They are very much the deadpool of the online hacking scene.

Imagine the following scenario:
A hacker manages to take control over a server. He finds out that the server he hacked actually belongs to a hospital and said hospital really needs this server to remain operational because it holds a lot of sensitive information about their patients and the treatment plans for those patients. The grey hat will not only know that what he is doing is wrong, but he has already performed an unlawful act by taking over the server in question.

At this point, the hacker might sell access to this server or he might just inform the hospital about what happened and how they should increase the security of their computer systems. He could just as well take the third option: Sell access to the server to a third party AND inform the hospital about the data breach.

With great power, comes great responsibility

The white hat hacker is the person who will do everything he/she can to operate within the boundaries of the law and the rules of the game. He or she will attend bug bounty programs, hacking contests organized by companies to find security flaws in their systems or he/she might very well be working for an antivirus company.

The white hat hacker is guided by his or her moral compass to do the right thing. They will do anything they can to operate lawfully and generally adhere by the rules.

Some final notes
All in all, the hacking scene is a complex one. It is not impossible to change your mind about something at any point in your life, it's not all that uncommon to 'change your hat' in the hacking scene either. For example: A grey hat hacker might one day decide to leave his illegal activities behind, much like Marcus “#” Hutchins and become a full time white hat hacker.

Anyway, now that you know what the terms refer to, I can't help but wonder. What hat will you put on today?