How I hate the term «Ethical Hacker»!
_Be nice to me please, this is my first post and I don't have extraordinary English skills, so feel free to correct me!_ 😁
Nowadays, security has become an essential issue in the world, whether in the real world or in the virtual one.
Today, we only talk about cyber-crime, cyber-war, data theft, ... Hacking has become a sad reality from which no one can escape, whether it is a person or a small or large company like Facebook or Google. We are all susceptible to being attacked by a malicious hacker, whether it is to get money, data, for fun, etc.
The demand for IT security analysts, ethical hackers, … has exploded. And that's a good thing, because security and privacy take priority over everything else (and that's also a good thing for me when I finally leave school 😆).
But if there is one thing that bothers me, it is the term "ethical hacker" being used all the time, because it implies that the hacker is unethical by nature. Once again, we will have to go back to the real definition of the hacker (at least my definition).
For me, a hacker is a person who is curious, a person who, instead of just using his toaster, will use it but also open it, understand how it works and finally customize it (for example, add a little voice that wishes us a good day). A great idea and very useful, in my opinion 😂.
A computer hacker, therefore, will follow the same principle.
In this case, there are different types.
There are the:
Black hats, who are motivated by money and the pleasure of entering other people's systems without authorization. ← the real unethical person
Grey hats, who act more or less in an "ethical" way. These are usually the kind of people who enter a system, again without authorization but without damaging it, for the pleasure of doing so, or who later inform the company they have just hacked so that it can fix the flaw.
White hats, who are the "good guys" of the story. I think the definition from Wikipedia is very good, so I'll put it as it is: A white hat is a computer security expert who performs intrusion tests and other test methods to ensure the security of an organization's information systems.
So I prefer the terms "IT security expert", "pentester", etc.
That's all for today, I hope you enjoyed this little article and that you'll fight against the expansion of the thing that should not be named 😂.
And of course, don't hesitate to give your opinion on the subject!
5 Comments
Ben Halpern
6 years ago
Same. You can't really control what the mainstream does with technical terms and titles, but it's worth trying to use good descriptive vocabulary where possible.
Max Ong Zong Bao
6 years ago
To me, it's just branding or marketing, which is newsworthy whenever it comes out in the news or when you're selling a security certificate.
The various hats that you mentioned are just differences in mindset, intent and circumstances in applying your skills for the good or the bad guys.
You can easily get tons of autobiographies of ex-hackers who turned into "ethical hackers", or of WWII spies who turned into double agents and, due to circumstances, decided to use their skills to work for the good guys.
Here's a list of biographies of those "ethical hackers" and WWII double agents:
1) Art of Deception: Controlling the Human Element of Security - amazon.com/Art-Deception-Controlli...
2) Agent Zigzag: A True Story of Nazi Espionage, Love, and Betrayal - amazon.com/Agent-Zigzag-Story-Espi...
Younes
6 years ago
They swapped their hoodie for a shirt and a tie 😢😆
Nathanael Demacon
6 years ago
"IT security expert" or "pentester" are very good terms; "Ethical Hacker" seems to be used by beginners or people who don't really know what a hacker does, which is very common and isn't a problem. People who do headhunting don't necessarily know a lot about the domain they are recruiting for.
However, the deeper I go into IT security, the more I find that the people who work in this domain are too sensitive about the terms used to define a hacker; sometimes even the word "hacker" can be argued over, which is literally a good term.
It's the same thing with the dark web: people who know a little about security think that it's a "noob" term and must not be used; instead they use terms like the "Tor network", which is not really the dark net but a darknet, literally a private network.
Ali Sabri Sır
6 years ago
I agree ...