How I hate the term «Ethical Hacker» !
_Be nice to me please, that's my first post and I don't have extraordinary English skills so feel free to correct me !_😁
Nowadays, security has become an essential issue in the world. Whether in the real world or in the virtual world.
Today, we only talk about cyber-crime, cyber-war, data theft, ... Hacking has become a sad reality from which no one can escape. Whether it is a person, a small or large company like Facebook or Google. We are all susceptible to be attacked by a malicious hacker, whether it is to get money, data, for fun, etc...
The demand for IT Security analysts, ethical hackers, … has exploded. And that's a good thing because security and privacy take priority over everything else. (and that's also a good thing for me when I will finally leave school 😆)
But if there is one thing that bothers me, it is the term "Ethical hacker" used every time because it implies that the hacker is unethical by nature. Once again, we will have to go back to the real definition of the hacker (at least my definition).
For me, a hacker is a person who is curious, a person who instead of just using his toaster will use it, but also open it, understand how it works and finally customize it (for example, add a little voice that wishes us a good day). A great idea and very useful, in my opinion 😂.
A computer hacker, therefore, will follow the same principle.
In this case, there are different types.
There are the:
Black hats who are motivated by money and the pleasure of entering other people's systems without authorization. ← the real unethical person
grey hats who acts more or less in an "ethical" way. These are usually the kind of people who enter a system, without authorization again but without damaging it, for the pleasure of doing so or later inform the company that they have just hacked, so that they can fix the flaw.
white hats who are the "good guys" of the story. I think the definition of Wikipedia is very good, so I'll put it as it is: A white hat is a computer security expert who performs intrusion tests and other test methods to ensure the security of an organization's information systems.
So I prefer the terms "IT security expert", "pentester", etc...
That's all for today, I hope you enjoyed this little article and you'll fight against the expansion of the The thing that should not be named 😂.
And of course, don't hesitate to give your opinion on the subject !