Ethical Hacker Community Forums

Can anyone explain me what actually ethical hackers are??What are the differences with black hats and what respect they gain?I am asking these because I ahve seen people blaming ethicalhackers and telling that they are shit infront of Black Hat people,I want a solid discussion on it with all facts and points.Where we exist in this Infosec world among with Black Hats?I ahve heard people telling -

Black Hat //"True Hackers"
- Gray Hat //Diplomats
- White Hat //Media-whores, Greedy ass-craps who buy exploits from Blackhats.

and even Black Hats are proud of having better money,cars and amazingly hot chicks :o,so I wANT to know about us about ETHICAL HACKERS.

Why we are needed,whats the pluc point and all....Please post and make our Ethical world more stronger. :)


Regards
Rok.

Black Hat = malicious
White Hat = pentester / security analyst
Grey Hat = Black Hat turned good

Black Hat hackers are the guys you see going to jail for some big cyber crime.
White Hat hackers are us. We are in the security field, not the anti-security field.

A lot of people will tell you that Black Hat hackers know more about real hacking, but the truth is that a lot of that experience might not even be any good for a pentest, because there are certain rules you must follow while doing a pentest (such as, you can not use viruses on the companies servers/workstations).

A hacker is someone who knows how to exploit computer vulnerabilities, wether it is by using tools or making their own buffer overflows. A black hat will do this to make money, to piss someone off, etc.. A white hat will patch this so a black hat cannot.

If you get a way from the computer topic, a hacker is simply one who sees a problem or challenge, and finds a way to overccome it. Using lockpicks instead of breaking a lock is hacking. Social engineering doesn't involve computers at all, and it is a form of hacking.

A hacker is not a bad title. It is a good one.
Your reputation on how you use it is what sets you apart.

So rok, my question to you is, what do you want it to be?

And honestly, I hate labels like these.

How about we forget all the hats, and simply use terms with no ambiguity:

Criminal
Professional
Hobbyist

Let the debate begin...  ;D

Don

Don,

that might be the first sensible naming convention I've come across, if nothing else should remove the debate (at least until someone starts arguing the criminal/morality points).

i think the olny argument you can make for the criminal, is if there were none of them, would this site even exsist??

i hope nobody takes that in the wrong way, i do not support any sort of criminal activity.

pjayes

Good 'simple' and non-jargonish definition Don.  I'm not sure how much I want to touch the topic though.  I'm white hat to be sure, though I am no saint. 

The tone of the begining post cracks me up though.  Black hats being called: "True Hackers" is funny, since as Eth3real pointed out... a hacker is someone who enjoys tinkering with, and or solving a problem in a non standard way.  My old A+ teacher from college is one of the coolest hackers I've ever known.  Guy has built more circuit boards, and linux programs than anyone I've ever known.  He litterally ENJOYS spending all weekend creating a new piece of hardware.  He was excited one Monday, because he had built a nice speaker for his boat from spare parts over the weekend.  A true.. uber geek. 

Most Black Hats from my experience fall into a few catagories. #1 Pimple faced script kiddies trying to compensate for lack of testosterone and social graces by abusing computers with pre-made programs.  #2 People lacking basic respect for others, and instead enjoying malicously annoying others to feel better about their lifes.  (often #1 after a few years past teendom)  #3  Those just out to make money, I would estimate still the minority, but DEFINATELY growing in poorer countries.

Grey Hats, like my A+ teacher... arn't going to be malicious persay, but love to learn.  My teacher didn't like the college infringing on his freedom to surf the net, or that of his students... so as a project we learned proxies and how to cercumvent the schools firewalls and monitoring programs.  Was it legal persay?  No.  Was it intended for harm?  No.  My German roomate would probably fall into that camp as well.  He did hack sites, though he always sent them an email after telling them what holes he found.  He was out to learn, not to destroy or annoy.  He did get his computer remote wiped once, which was funny.

White hats... like black hats has different facets as well.  Professional security, highly morally convicted hobbyists, those deathly affraid of going up the river to a "Burrito in the 4ss" jail cell but wanting to learn to hack... you know, things like that.

Yup, explains why I'm not in the 'black' camp :D