When we are interested in computer security, we are quickly confronted with the color of the hat. White and black supposed to indicate, among the hackers, who are the good ones and which are the bad ones. It's actually a lot more complex than it sounds and also a lot less serious than it's claimed.
For a neophyte, hackers all look alike. Beyond the hoodie in a dark room, they are mostly seen as computer wizard capable of anything. Their competence and the more or less legal side of their activities make them mysterious and can generate admiration and attraction see fear and fear ...
Just as genres of metal music (french desencyclopedia), as required by narcissism of small differences, the hackers needed to distinguish themselves from each other. Opposed to each other for some, forming a whole color chart for others, we would have on one side the white hat and on the other the black hat, the good against the bad.
For our french speaking readers. These terms are entered into jargon and are used as is; in English. Using them translated into French (chapeaux blancs and chapeaux noirs) is not recommended unless you want to sound particularly ridiculous. Mainly because using them seriously is already a bit ridiculous in itself.
Its false consensual air could make one think of absolute criteria - established by ethnologists following a scientific approach - but it is a subjective point of view: each group has its own definition and, ethnocentrism requires, these groups consider themselves better than the others...
Each group, regardless of the color of their hat, therefore considers themselves to be the good, the others being the bad.
White hat, the nice guys
Let's start with the tip of the iceberg: the white hats who, living publicly in the light of day, have been able to spread their Manichean point of view everywhere, right down to wikipedia. For them, the world is the scene of a war between good and evil:
Black hats are ill-intentioned and work illegally by exploiting systems for their own benefit or to harm others. Ransom and vandalism are their key words.
White Hats are ethical and use their skills to ensure the security of systems and to protect the population against these barbaric scourges.
These terms (white and black hats) and definitions are rooted in cowboy movies where, for ease of reading by viewers, the good guys wore white hats and the bad guys wore black hats. It's very ingenious and I wonder why we didn't do this in real life...
In fact, these definitions are written by IT security professionals. Those who make a living by selling services, services, products, ... This dichotomy of good versus evil through which they define themselves has always served them to deploy a two-step commercial strategy:
- Scare you, by communicating regularly about the bad deeds of black hat and the consequences for the victims. The world is dangerous and you will not survive it.
- Reassure you, by posing in white hat and offering services or products to counter these threats. Don't worry, we're managing.
We find this communication strategy in the sharing of cyber news on social networks. Like all news items, these articles are originally published to satisfy our morbid curiosity but by promoting them, these white hat professionals only consolidate their Manichean vision (the outside is full of bad guys) to in fine sell their products.
Black hat, the initiated
In the Manichean world described by the white hats, it is difficult to want to pretend to be black hat. Yet many hackers prefer to think of themselves as such and would take it as an insult to be treated as w8h8 (read aloud: "weight height"). Because for them, what sets each other apart is above all the nobility of their quest.
- White Hats are venal and use the feeling of cyber insecurity to sell unnecessary but very expensive trinkets to people who would do better if they bothered to learn.
- The black hat, they are in search of knowledge and see hacking as an initiatory journey. Their approach is esoteric; they believe that knowledge can only be acquired if you deserve it.
"Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for."
Source : The Mentor, The Conscience of a Hacker, January 8th 1986.
The adherence to the same terms on both sides is in fact no accident and stems from the historical context. The 1960s and 1970s saw the emergence of many anti-conformist, anti-authoritarian and libertarian groups (e.g. May 68 in France) and whose hacker movement would be one of the echoes. Since the white hat are on the side of authority, incompatible with the values of freedom and curiosity of the hackers, the latter will then adopt the term black hat.
In their view, bypassing security measures and breaking into systems does not constitute an act of vandalism because nothing will be broken and no one will be harmed (ideally of course). It is, for them, an exploit; an achievement in their initiatory journey, an extraordinary fact to add to their record.
Basically, this exploit will prove the superiority of the hacker over his opponent of the day who could not firbid him access; and by generalization, its superiority over all its potential adversaries, including the hated white hat. Too weak to defend themselves, they are no longer worthy of consideration and somehow deserve the consequences of their incompetence, thus justifying the hacker's actions:
"I am right because I am the strongest".
Gray Hat, the seducers
Much more recently, a shade of color has appeared, often enough to deserve to be mentioned, and consensual enough to say something about it: the grey hat who seek their place in the shade between the whites and blacks. Most often, they are defined as follows:
- White hat by day, because they are the good guys who work publicly to clean up cyberspace and protect the weak from the bad guys,
- Black hat at night, because they are also keyboard geniuses talking to the matrix in dark rooms and because I was told that having a bad boy side would appeal to girls.
Some also include whistleblowers and other anonymous therein: forced to carry out illegal actions in the general interest such as during the disclosure of Panamanian documents.
But this is an exclusively Manichean point of view and they should be considered black hat (in both meanings of the term). They are also aware and do not pretend to wear a hat, which makes any debate about color pointless.
The problem with grey hat definitions is that you can't be both white and black on the same axis:
- For white hat, no legal action erases illegal action, an intrusion remains an intrusion, even if you have good intentions,
- For black hat, their spiritual quest transcends morality and is incompatible with a venal state of mind. For a real black hat, the only criterion is "who takes precedence between the greed and the search for knowledge?"
In this sense, you will only encounter two kinds of grey hat:
- Impostors who seek media fame by playing on two fronts because it is mysterious and reassuring. You could think of them as white hat in both senses of the word, the complete opposite of the whistleblowers they claim to identify with. To avoid unless you have second degree and popcorn.
- Shy people who do not assume their black hat side in search of knowledge (because it is true that said like that, it is a little naive) and therefore add a touch of white to tell that they are not evil. Avoid unless you like rainbows, paillettes and unicorns.
If you are worried about your position between light and dark, start by breathing slowly. Then repeat to yourself over and over: “these dichotomies are polysemous”. Finally, remember that nobody cares so why bother?
Likewise, tomatoes are fruits AND vegetables and since learning that strawberries, potatoes and salads don't care, they live it better. When in addition we learn that the jackfruit is eaten like meat, is it really necessary to worry?
Because some are not able to appreciate a monochrome photo, they needed to introduce other colors and other subgroups…
Defined by minorities lacking recognition or from pseudo-taxonomist bloggers lacking ideas, we meet everything and especially its opposite. I will therefore only present the three main ones: Reds, Greens and Blues.
Although it is tempting, unfortunately we cannot define all the colors of rainbow (hackers) with these three colors...
The legend… This color would be used by hackers whose goal is to clean up cyberspace and expurgate the bad guys. A sort of knight paladins, crusaders without a flag, who would thus choose colors.
Even though they don't identify themselves as red hats, this type of hacker really does exist and under the guise of their good intentions, these vigilantes are in fact dangerous to the society they claim to be protecting.
- By disseminating the identities of "suspected culprits", they destroy the lives of innocent people (because there are some), prevent the culprits (who can thus destroy evidence) and hinder ongoing investigations (i.e. #OpPedoChat operation or [ORE operation](https: / /en.wikipedia.org/wiki/Operation_Ore)).
- Their fraudulent access, when they do not already interfere with ongoing operations, destroy and invalidate digital evidence (i.e. released for the benefit of the doubt).
Unless you want to live in a totalitarian regime where a simple intuition is enough to put a person in prison, let the professionals do it. The procedures may be cumbersome but they are there to guarantee our safety.
"No one shall be subjected to arbitrary arrest, detention or exile."
Source: article 9 of the Universal Declaration of Human Rights.
And if you really want to clean up the Internet and put your skills at the service of justice, you have plenty of solutions, like [the N-Tech] (https://www.lagendarmerierecrute.fr/metiers/unite-de-police-judiciaire/gendarme-n-tech) or like judicial experts. It may be less lucrative than other careers but, believe us, it is much more rewarding.
The reality… This is mainly one of the oldest GNU/Linux distributions (Red Hat Linux, released in 1994) and the name of the company that publishes it. The color was chosen somewhat because it evokes freedom (reminiscent of the Phrygian cap) but above all because it was that of the co-founder's hat (in the colors of his sports club).
The legend… for some english speaking people, this term was used to define novices who are just starting out in their quest for knowledge. This would then be a way for initiates to show their superiority over the new ones by introducing ranks.
I don't think it was really used. The black hat movement is deeply egalitarian when it brings together enthusiasts and the feeling of superiority is not linked to skills but really to the nobility of the quest. Affectionately, we can call a beginner "newbie" but we are more likely to denigrate the lamers because they strut or the script kiddies because they do not try to understand.
The reality… there is a group of French hackers who considered themselves green hat and operated briefly between 2014 and 2015.
Their definition is completely different and comes from the so-called six hats management method in which green corresponds to lateral thinking and creativity.
Normally, this method involves wearing successively each hat to solve a problem by addressing each corresponding way of thinking (white for the factual side, red for the emotions, black for the negative, yellow for the positive, green for the creativity and blue for the organization). Claiming only one color is therefore not compatible with the method.
On the other hand, even if the name suggests it, I did not find any group of environmental hackers sporting this color.
The legend… For some bloggers, this term is supposed to group together the surly hackers who work mainly for revenge. This is once again a very Manichean point of view that does nothing for the already bad enough black hat. I have not found any trace of this use outside of these rare blogs.
Reality… this term is only found at Microsoft, which uses it as the name for its conference on computer security Blue Hat which takes place once or twice a year. It is then used to define hackers who look for vulnerabilities in software (mainly Windows) and thus allow their correction.
A bit like gray hats (looking for loopholes to help) but with color...
Among the Arsouyes, we stopped wearing hats around 8 years old because after a unanimous vote, we determined that we are not schizophrenic and even if we have self-mockery, we find that wearing a cyber hat is a bit ridiculous.