The Hacker Thinking Hats
Hackers can be defined by their motives as well as by how they perform their information security rites. This article aims to demystify where a hacker falls, in case you encounter one or are one but don't know what hat you wear. Not all hackers are out for malice, as is usually presumed.
The hats are:
1. White Hat Hacker
2. Red Hat Hacker
3. Yellow Hat Hacker
4. Black Hat Hacker
5. Green Hat Hacker
6. Blue Hat Hacker
7. (Others) Grey Hat Hacker
White Hat Hacker
A white hat hacker, also rendered as ethical hacker, is, in the realm of
information technology, a person who is ethically opposed to the abuse
of computer systems. The term is derived from American western movies,
where the good cowboy typically wore a white cowboy hat and the bad
cowboy wore a black one. Realizing that the Internet now represents
human voices from all around the world makes the defense of its
integrity an important pastime for many. A white hat generally focuses
on securing IT systems, whereas a black hat (the opposite) would like to
break into them — but this is a simplification. A black hat will wish
to secure his own machine, and a white hat might need to break into a
black hat's machine in the course of an investigation. What exactly
differentiates white hats and black hats is open to interpretation, but
white hats tend to cite altruistic motivations.
The term white
hat hacker is also often used to describe those who attempt to break
into systems or networks in order to help the owners of the system by
making them aware of security flaws, or to perform some other altruistic
activity. Many such people are employed by computer security companies;
these professionals are sometimes called sneakers. Groups of these
people are often called tiger teams.
The primary difference
between white and black hat hackers is that a white hat hacker claims to
observe the hacker ethic. Like black hats, white hats are often
intimately familiar with the internal details of security systems, and
can delve into obscure machine code when needed to find a solution to a
tricky problem.
Red Hat Hacker
This describes how the Red Hat Hacker thinks:
• Hat (Fire)
• Intuition
• Opinion
• Emotion (subjective)
Yellow Hat Hacker
This describes how the Yellow Hat Hacker thinks:
• Hat (Sun)
• Praise
• Positive aspects (objective)
Looks for the best things that could happen. The opposite of a black hat, who looks at the negative.
Black Hat Hacker
A black hat (also called a cracker or Darkside hacker) is a malicious or
criminal hacker. This term is seldom used outside of the security
industry and by some modern programmers. The general public use the term
hacker to refer to the same thing. In computer jargon the meaning of
"hacker" can be much more broad. The name comes from the opposite of
White Hat hackers.
Usually a Black hat is a person who maintains
knowledge of the vulnerabilities and exploits they find as secret for
private advantage, not revealing them either to the general public or
the manufacturer for correction. Many Black Hats promote individual
freedom and accessibility over privacy and security. Black Hats may seek
to expand holes in systems; any attempts made to patch software are
generally to prevent others from also compromising a system they have
already obtained secure control over. A Black Hat hacker may have access
to 0-day exploits (private software that exploits security
vulnerabilities; 0-day exploits have not been distributed to the
public). In the most extreme cases, Black Hats may work to cause damage
maliciously, and/or make threats to do so for blackmail purposes.
Black-hat hacking is the act of compromising the security of a system without
permission from an authorized party, usually with the intent of
accessing computers connected to the network (the somewhat similar
activity of defeating copy prevention devices in software - which may or
may not be illegal depending on the laws of the given country - is
actually software cracking).
The term cracker was coined by
Richard Stallman to provide an alternative to abusing the existing word
hacker for this meaning. This term's use is limited (as well as "black
hat") mostly to some areas of the computer and security field and even
there is considered controversial. One group that refers to themselves
as hackers consists of skilled computer enthusiasts. The other, and more
common usage, refers to people who attempt to gain unauthorized access
to computer systems. Many members of the first group attempt to convince
people that intruders should be called crackers rather than hackers,
but the common usage remains ingrained.
Green Hat Hacker
The Green Hat Hacker is characterised by:
• Hat (Plant)
• Alternatives
• New approaches
• Everything goes (speculative)
This is usually a very creative hacker.
Blue Hat Hacker
The Blue hat hacker is characterised by:
• Hat (Sky)
• Big Picture
• Conductor hat
• Thinking about thinking
• Overall process (overview)
• Refers to outside computer security consulting firms that are used to
bug test a system prior to its launch, looking for exploits so they can
be closed.
Seems to be more of an analyst, always checking both sides of a coin, e.g. saying the glass is both half full and half empty and justifying it.
(Others) Grey Hat Hacker
A grey hat, in the computer security community, is a skilled hacker who
sometimes acts legally and in good will and sometimes not. They are a
hybrid between white and black hat hackers. They hack for no personal
gain and do not have malicious intentions, but may or may not
occasionally commit crimes during the course of their technological
exploits.
For example, attacking corporate businesses with
unethical practices could be regarded as highly unethical and would
normally be considered black hat activity. However, to a grey hat, it
may not appear bad even though it is against local law. So instead
of tagging it black hat, it is a grey hat hack. A person who breaks into
a computer system and simply "plants his flag" while doing no damage,
is usually classified as a grey hat.