I did see that episode and Space Rogue is right and I agree with what he said. He said "you either are a hacker or you aren't, there's nothing ethical about it. But prefacing the term with ethical you give the illusion that all hackers are bad, or somehow unethical. Hacker does not equal criminal"
Space Rogue is referring to the original term Hacker and not what it is known as today. If anyone mentions hacker most people think "bad guy, criminal". Sadly, the real bad guys' original term was cracker but I guess that term never caught on.

I also think Space Rogue is misinformed, he asked why if the DoD had to pick an official certification, did they "pick one from the EU" instead of one of the US based certifications.
EC Council does not have any offices in the EU: https://www.eccouncil.org/contact_us.aspx 
 

Data_Raid -

Dead on!


It's very true, that being a hacker IS being a hacker.  It's the mindset and reasoning BEHIND behind a hacker that qualifies the actions as ethical or not.  I only caught part of the episode, as I got pulled away on a critical issue, for a customer.  But I would really like to catch the rest at some point.  I've never looked for it, though, but is there an archive I can catch the rest at?

TIA.

I'm not to sure about that (just watched the segment again). The show is called HNNCast (as in Hacker News Network), and it's mostly about computer security.

It's really no different than saying White Hat (light side, ethical, etc) Hacker or Black Hat (darkside, unethical, etc) Hacker.

But I learned the word hacker from the Jargon file.

@Hayabusa hackernews.com

@Don Thanks for moving the thread, I wasn't sure where to put it when I wrote it yesterday.

Great thread, so I thought I'd chime in as I've been part of this conversation for a while. Especially running a site named The Ethical Hacker Network. 

chrisj makes an excellent point. It's more that the phrase 'ethical hacker' is a subset of the larger group 'hacker.' Just like black hat or criminal hacker is also a subset. We're all hackers.

I just recently did a video for CompTIA on the basics ethical hacking. One of the areas I cover is what 'ethical hacking' is and what it is not. 2 things I mentioned in the section on what it is discusses a) there's more than 1 accepted definition of hack as being negative. Mostly in academia. Take a look at this from dictionary.com on the def of the noun 'hack':


Members of the media also have their own definition with a negative connotation:


http://dictionary.reference.com/browse/hack

And then B) When identifying themselves, criminals don't mention their subset, they simply call themselves hackers.

So add the definitions with negatives tones used in academic circles and the media (which BTW come from academia themselves) to the bad guys calling themselves hackers, and it was doomed to be hijacked.

So legitimate industry came up with a way of describing their subset. They've tried 'auditors,' 'researchers,' 'pen testers'... maybe it's simply because the word 'hacker' is sexy that 'ethical hacking' stuck. No matter what you call yourself, a rose by any other name...

So ethical is just a way of describing yourself. Apollo makes a great statement about being ethical and only experience and reputation can prove that you actually are. I don't completely agree with his art vs porn argument, but I see his point. A cert can clearly let the world know that you have a baseline of technical knowledge. But can it truly claim that you are ethical? The way I see it is that a certification attemtping to certify ethical behavior can only help the individual claim that their intention is to go down the legal path. As mentioned, experience and reputation is the only true way of proving it.

Then again, can't the same thing be said of the technical side? One may have the book knowledge to be able to pass a cert, but experience and reputation in the practical use of that knowledge is what sets you apart from the rest.

There's my $.02.

Don