A hack like this twitter hack would never be a white hat.
The use of the terms white and black hat hackers are under review by the security community. The terminology is based on the days of black and white cinema when the good guys wore white hats and the baddies black so they could be picked out.
I prefer the term ethical hacker for white hat which is effectively hacking with the permission of the owner of the system and responsibly disclosing the results to the owner so that problems can be fixed.
Black hats are simply criminals, while some may claim a moral motive any act that accesses a computer system without permission is against the law (computer misuse act) in the uk and most jurisdictions.
Semantics. Yes. The meaning of words, I was just trying to clarify the meaning of white hat hacker. A true grey hat wouldn't do what the Twitter hack did either.
As for grey hats, there are different definitions but the consensus is it that is someone with "good intentions" who crosses an ethical boundary that a "white hat" would not cross.
E.g. Breaking in to a system without permission or disclosing how a hack on a particular system works without disclosing that information to the owner of the system.
Some system owners actively encourage people to try and break their systems as long as they disclose the information to the owners and do not release details without permission and until the problem is fixed. They do this via "bug bounty" schemes.
Others will threaten legal action against anyone who admits hacking their system, even if they are trying to disclose the hack responsibly. As stated in the earlier post breaking into a system without permission is usually illegal in itself.
That article is stunning, a real eye-opener. There's a whole world out there of which I know nothing.
I need to check out Amazon Books now to see if I can find any books about this sort of stuff.
Fascinating to me too, but then I chose to work in the industry so I am a little biased.
Searching for books on cyber crime and cyber security will throw up a lot of technical books, I have a few suggestions:
Two early works on cybercrime, both a little dated now but well written. The structure of cybercrime hasn't really changed since but the tactics used do of course change over time with technology advances.
Spam Nation by Brian Krebs (who wrote the article above, he is a journalist who specialises in cyber crime)
Dark Market by Misha Glenny (author and journalist who also wrote McMafia among other things)
Most of my reading to keep up to date is online these days, researcher blogs and white papers etc and more on the technical side. I am not aware of anything equivalent to those above that are as good and more up to date.
Comments
Whether they use that info as a vehicle who knows.
Ha, it lost me, too.
Like some things about The Donald and others not as much. He has plenty of people against him so needs someone in his corner in the forum
https://krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/
A hack like this twitter hack would never be a white hat.
The use of the terms white and black hat hackers are under review by the security community. The terminology is based on the days of black and white cinema when the good guys wore white hats and the baddies black so they could be picked out.
I prefer the term ethical hacker for white hat which is effectively hacking with the permission of the owner of the system and responsibly disclosing the results to the owner so that problems can be fixed.
Black hats are simply criminals, while some may claim a moral motive any act that accesses a computer system without permission is against the law (computer misuse act) in the uk and most jurisdictions.
That article is stunning, a real eye-opener. There's a whole world out there of which I know nothing.
I need to check out Amazon Books now to see if I can find any books about this sort of stuff.
And the reason why?
Some of her old tweets she's been deleting:
As for grey hats, there are different definitions but the consensus is it that is someone with "good intentions" who crosses an ethical boundary that a "white hat" would not cross.
E.g. Breaking in to a system without permission or disclosing how a hack on a particular system works without disclosing that information to the owner of the system.
Some system owners actively encourage people to try and break their systems as long as they disclose the information to the owners and do not release details without permission and until the problem is fixed. They do this via "bug bounty" schemes.
Others will threaten legal action against anyone who admits hacking their system, even if they are trying to disclose the hack responsibly. As stated in the earlier post breaking into a system without permission is usually illegal in itself.
Searching for books on cyber crime and cyber security will throw up a lot of technical books, I have a few suggestions:
Two early works on cybercrime, both a little dated now but well written. The structure of cybercrime hasn't really changed since but the tactics used do of course change over time with technology advances.
Spam Nation by Brian Krebs (who wrote the article above, he is a journalist who specialises in cyber crime)
Dark Market by Misha Glenny (author and journalist who also wrote McMafia among other things)
Most of my reading to keep up to date is online these days, researcher blogs and white papers etc and more on the technical side. I am not aware of anything equivalent to those above that are as good and more up to date.
@Phantom66
Thanks, will check those out on Amazon.
But with this latest hack, will they now claim they were hacked in the past?