WHITE HATS Vs BLACK HATS
The white hat is also one of Edward de Bono's Six Thinking Hats.
A white hat hacker, also rendered as ethical
hacker, is, in the realm of information technology, a person who is ethically
opposed to the abuse of computer systems. The term is derived from American
western movies, where the good cowboy typically wore a white cowboy hat and the
bad cowboy wore a black one. Realizing that the Internet now represents human
voices from all around the world makes the defense of its integrity an
important pastime for many. A white hat generally focuses on securing IT
systems, whereas a black hat (the opposite) would like to break into them — but this is a simplification. A
black hat will wish to secure his own machine, and a white hat might need to
break into a black hat's machine in the course of an investigation. What
exactly differentiates white hats and black hats is open to interpretation, but
white hats tend to cite altruistic motivations.
The term white hat hacker is also often used
to describe those who attempt to break into systems or networks in order to
help the owners of the system by making them aware of security flaws, or to
perform some other altruistic activity. Many such people are employed by
computer security companies; these professionals are sometimes called sneakers.
Groups of these people are often called tiger teams.
The primary difference between white & black
hat hackers is that a white hat hacker claims to observe the hacker ethic. Like
black hats, white hats are often intimately familiar with the internal details
of security systems, and can delve into obscure machine code when needed to
find a solution to a tricky problem.
An example of a hack: Microsoft Windows ships
with the ability to use cryptographic libraries built into the operating
system. When shipped overseas this feature becomes nearly useless as the
operating system will refuse to load cryptographic libraries that haven't been
signed by Microsoft, and Microsoft will not sign a library unless the U.S.
government authorizes it for export. This allows the U.S. government to
maintain some perceived level of control over the use of strong cryptography
beyond its borders.
While hunting through the symbol table of a
beta release of Windows, a couple of overseas hackers managed to find a second
signing key in the Microsoft binaries. That is, without disabling the libraries
that are included with Windows (even overseas), these individuals learned of a
way to trick the operating system into loading a library that hadn't been
signed by Microsoft, thus enabling the functionality which had been lost to non-U.S.
users.