White hat
- The white hat is also one of Edward de Bono's Six Thinking Hats.
The term white hat hacker is also often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of security flaws, or to perform some other altruistic activity. Many such people are employed by computer security companies; these professionals are sometimes called sneakers. Groups of these people are often called tiger teams.
The primary difference between white and black hat hackers is that a white hat hacker claims to observe the hacker ethic. Like black hats, white hats are often intimately familiar with the internal details of security systems, and can delve into obscure machine code when needed to find a solution to a tricky problem.
An example of a hack: Microsoft Windows ships with the ability to use cryptographic libraries built into the operating system. When shipped overseas this feature becomes nearly useless as the operating system will refuse to load cryptographic libraries that haven't been signed by Microsoft, and Microsoft will not sign a library unless the U.S. government authorizes it for export. This allows the U.S. government to maintain some perceived level of control over the use of strong cryptography beyond its borders.
While hunting through the symbol table of a beta release of Windows, a couple of overseas hackers managed to find a second signing key in the Microsoft binaries. That is, without disabling the libraries that are included with Windows (even overseas), these individuals learned of a way to trick the operating system into loading a library that hadn't been signed by Microsoft, thus enabling the functionality which had been lost to non-U.S. users.
Whether this is good or bad may depend on whether one respects the letter of the law, but it is considered by some in the computing community to be a white hat type of activity. Some use the term grey hat or (very rarely) brown hat to describe someone on the borderline between black and white.
In recent years the terms Whitehat and Blackhat have been applied to the Search Engine Optimization (SEO) industry. Black hat SEO tactics, also called spamdexing, attempt to redirect search results to particular target pages, whereas white hat methods are generally approved by the search engines.
Notable security experts
- Fyodor — The author of Nmap & STC.
- Johan "Julf" Helsingius — Operated the world's most popular anonymous remailer, the Penet remailer (called penet.fi), until he closed up shop in September 1996.
- Kevin Mitnick — World famous Black Hat-turned-White.
- Tsutomu Shimomura — Shimomura helped catch Kevin Mitnick, the United States' most infamous computer intruder, in early 1994. He is the co-author of a book about the Mitnick case, Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It (ISBN 0786889136).
- Josip Juhasz — Founder of Slovenian WhiteHats Community.
- Solar Designer — Founder of the Openwall Project.
- Michał Zalewski (lcamtuf) — Prominent security researcher.
- Zaraza (3APA3A) — Russian security researcher who has located various flaws in Microsoft Windows and Unix.
From Wikipedia, the Free Encyclopedia.
All text is available under the terms of the GNU Free Documentation License. See Wikipedia Copyrights for details.
