Monday 20 April 2009

What is Black Hat?

A black hat (also called a cracker or Darkside hacker) is a malicious or criminal hacker. This term is seldom used outside of the security industry and by some modern programmers. The general public uses the term hacker to refer to the same thing. In computer jargon the meaning of "hacker" can be much broader. The name comes from the opposite of White Hat hackers. 

Usually a Black Hat is a person who uses their knowledge of vulnerabilities and exploits for private gain, rather than revealing them either to the general public or the manufacturer for correction. Many Black Hats promote individual freedom and accessibility over privacy and security[citation needed]. Black Hats may seek to expand holes in systems; any attempts made to patch software are generally done to prevent others from also compromising a system they have already obtained secure control over. A Black Hat hacker may have access to 0-day exploits (private software that exploits security vulnerabilities; 0-day exploits have not been distributed to the public). In the most extreme cases, Black Hats may work to cause damage maliciously, and/or make threats to do so as blackmail. 

Black-hat hacking is the act of compromising the security of a system without permission from an authorized party, usually with the intent of accessing computers connected to the network (the somewhat similar activity of defeating copy prevention devices in software - which may or may not be legal depending on the laws of the given country - is actually software cracking). The term cracker was coined by Richard Stallman to provide an alternative to using the existing word hacker for this meaning. Use of the term "cracker" is mostly limited (as is "black hat") to some areas of the computer and security field and even there is considered controversial. A definition of a group that calls themselves hackers refers to "a group that consists of skilled computer enthusiasts". The other, and more common usage, refers to those who attempt to gain unauthorized access to computer systems. Many members of the first group attempt to convince people that intruders should be called crackers rather than hackers, but the common usage remains ingrained. 

Techniques for breaking into systems can involve advanced programming skills and social engineering, but more commonly will simply be the use of semi-automatic software, developed by others - often without understanding how the software itself works. Crackers who rely on the latter technique are often referred to as script kiddies. Common software weaknesses exploited include buffer overflow, integer overflow, memory corruption, format string attacks, race conditions, cross-site scripting, cross-site request forgery, code injection and SQL injection bugs. 

The reference to colored hats comes from Hollywood's use of hats in old black-and-white Western movies to help an audience differentiate between the good guys (white hats) and the bad guys (black hats). The 'hat' terms do not fall under common use. Even inside the computing field they are very controversial. 

A grey hat commonly refers to a hacker who releases information about any exploits or security holes they find openly to the public. They do so without concern for how the information is used in the end (whether for patching or exploiting).

No comments:

Post a Comment