First off, remember that anything that you learn in this blog is to be used ONLY for educational purposes and if you use this information for malicious purposes, you may face legal prosecution.
There are many different types of hackers, but lets first define what a "hacker" is. The media defines a "hacker" as someone who breaks into systems and steals data for their own greedy purpose.
In the hacking world, people who actually do this are called "crackers". They crack passwords and many other things. From this you can see how the name fits, but this world expands more than this.
We can classify these people into 3 categories:
- White hat
- Black hat
- Grey hat
White hat "hackers" are people who know have hacking skills and know how to exploit computers in the same fashion as "crackers", but their goal is to break into a system to better understand how to secure it.
Black hat "hackers" are people who break into a system to steal data and sell the data. These people may break into many different systems, deploy viruses, delete critical data and just flat out take out a service; they may cause havoc on a network.
Grey hat, these people are on the line of black and white. These members may use their skills for the side of good of helping other people out, but at the same time on another note use their skills to break into systems to steal data and resell it.
I just talked about these three terms in the global world as far as the terms go, but we can talk about these terms in the world of Penetration Testing or PenTesting. Corporations may hire people to test their network. A white hat person is greatly associated with this scenario, but grey hats are people who can also be hired. Grey hats in this scenario are people who know very little about the target network. Black hat members hired to perform a PenTest know nothing about the network.
When corporations hire these members, they need to have an established set of permissions and a Non-disclosure Agreement (NDA) signed with the hiring corporation. This means that when the hired hackers find data that could compromise a company's network, they can not share it with anyone, but the company. If they share it with an outside entity, then they may face legal repercussion.
Ethical hackers can be hired for this specific kind of testing. Ethical hackers need to follow protocol in order to provide a corporation with the necessary information they require about their network while maintaining a code of ethics.
With all of this being said, not everyone is out to get you and not all hackers are bad. Some are out there to help you. So just remember you don't have to be on the dark side in order to know cool stuff!
No comments:
Post a Comment