Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Sinclair Research Ltd
Methodology (software...
Narrow class group
Abstract syntax
RoboHelp
AWStats
Purity test
recommendation
compare webbrowser
Freenet DSL
Who's Online
8 user(s) are online (7 user(s) are browsing encyclopedia)

Members: 0
Guests: 8

more...
browser tip
Unix Befehle
manual of unix befehle
recommendation!
Sponsored
partner

White hat

: The white hat is also one of Edward de Bono s Six Thinking Hats.

A white hat hacker, also rendered as whitehat or white-hat, is, in the realm of information technology, a person who is ethically opposed to the abuse of computer systems. Realizing that the Internet now represents human voices from all around the world makes the defense of its integrity an important pastime for many. A white hat generally focuses on securing IT systems, whereas a black hat (the opposite) would like to break into them — but this is a simplification. A black hat will wish to secure his own machine, and a white hat might need to break into a black hat s machine in the course of an investigation. What exactly differentiates white hats and black hats is open to interpretation, but white hats tend to cite altruistic motivations.

The term white hat hacker is also often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of computer insecurity, or to perform some other altruistic activity. Many such people are employed by computer security companies; these professionals are sometimes called sneakers. Groups of these people are often called tiger teams.

White hat hackers often overlap with black hat depending on your perspective. The primary difference is that a white hat hacker claims to observe the hacker ethic. Like black hats, white hats are often intimately familiar with the internal details of security systems, and can delve into obscure machine code when needed to find a solution to a tricky problem without requiring support from a system manufacturer.

An example of a hack: Microsoft Windows ships with the ability to use cryptographic libraries built into the operating system. When shipped overseas this feature becomes nearly useless as the operating system will refuse to load cryptographic libraries that haven t been signed by Microsoft, and Microsoft will not sign a library unless the U.S. government authorizes it for export. This allows the U.S. government to maintain some perceived level of control over the use of strong cryptography beyond its borders.

While hunting through the symbol table of a beta release of Windows, a couple of overseas hackers managed to find a second signing key in the Microsoft binaries. That is, without disabling the libraries that are included with Windows (even overseas), these individuals learned of a way to trick the operating system into loading a library that hadn t been signed by Microsoft, thus enabling the functionality which had been lost to non-U.S. users.

Whether this is good or bad may depend on whether you respect the letter of the law, but is considered by some in the computing community to be a white hat type of activity. Some use the term grey hat to describe someone on the borderline between black and white.

The reference to colored hats comes from Hollywoods use of hats in old black-and-white Western movie film to help an audience differentiate between the good guys (white hats) and the bad guys (black hats).

In recent years the terms Whitehat and Blackhat have been applied to the Search Engine Optimization (SEO) industry. Black hat SEO tactics, also called Spamdexing, attempt to redirect search results to particular target pages, whereas white hat methods are generally approved by the search engines.

=Notable security experts=

*Ralph Echemendia — Hacking Instructor and prominent security researcher. *Fyodor — The author of Nmap & STC. *Johan Helsingius — Operated the world s most popular anonymous remailer, the Penet remailer (called penet.fi), until he closed up shop in September 1996. *Horatio Huxham — Made public a security hole in a South African banking system. *Tsutomu Shimomura — Shimomura helped catch Kevin Mitnick, the United States most infamous computer intruder, in early 1994. He is the co-author of a book about the Mitnick case, Takedown: The Pursuit and Capture of Kevin Mitnick, America s Most Wanted Computer Outlaw-By the Man Who Did It (ISBN 0786889136). *Solar Designer — Founder of the OpenWall Project. *Michal Zalewski (lcamtuf) — Prominent security researcher. *Zaraza (hacker) (3APA3A) — Russian security researcher who has located various flaws in Microsoft Windows and Unix

=Related books=

Network Security: *

=See also=

*Black hat *Grey hat *Hacker ethic *Astalavista Security Group

=External links=

*[http://www.phreak.org phreak.org: Digital Information Society] *[http://www.secureroot.com SecureRoot Directory] *[http://www.windowsecurity.com/articles/Hackers-Security-Consultants.html Hiring Hackers As Security Consultants] *[http://www.white-hat.us/ White Hat Info Tech]