UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?

One of the misunderstandings among people who are not in I.T. is the word
“hacker”. The word itself comes from the verb “to hack” or “cut with rough or heavy
blows”. So, a hacker is someone who works on software like a logger works on a
tree – hacking until they reach their goal. A person who is a hacker is not inherently
bad – the term does not mean “criminal” or “bad guy. It all depends on what “hat”
they wear – white, black, gray, red, blue, and who knows what new color they come
up with. A hacker may be someone who compromises computer security (black
hat) or a skilled developer in the free software or open-source communities (white
hat).

Many of the values and tenets of the free and open source software movement come
from the hacker ethics that originated at MIT and at the Homebrew Computer Club.
These can be described as:

• Access to computers-and anything that might teach you something about the
way the world works-should be unlimited and total
• All information should be free
• Hackers should be judged by their hacking, not false criteria such as
degrees, age, race, or position.
• You can create art and beauty on a computer
• Computers can change your life for the better
• Hacker ethics are concerned primarily with sharing, openness, collaboration,
and engaging in the hands-on development

Linus Torvalds, one of the leaders of the open-source movement, who also
developed the Linux kernel, notes that these principles have evolved from the
known Protestant ethics and incorporates the spirits of capitalism, as introduced in
the early 20th century by Max Weber.

Let’s look at each of these types of hackers.

White Hat

For those of you who are in the Cybersecurity

program, this is what we would expect you to
be. White-hat hackers are the “ethical
hackers,” experts in breaking into computer
security systems and using their abilities for
good, ethical, and legal purposes rather than
bad, unethical, and criminal purposes.

Many white-hat hackers are employed to test an organization’s computer security

systems. The organization gives the white-hat hacker permission to attempt to
compromise their systems. The white-hat hacker uses their knowledge of computer
security systems to compromise the organization’s systems the same way a black
hat hacker would. However, instead of using their access to steal from the
organization or vandalize its systems, the white-hat hacker reports back to the

122
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?

organization and tells them how they gained access. This allows the organization to
improve their defenses. This is known as “penetration testing”.

A white-hat hacker who finds a security vulnerability would tell the developers, thus
allowing them to patch their product and improve its security before it’s
compromised. Many organizations pay “bounties” or award prizes discovering
vulnerabilities.

Black Hat

Black-hat hackers, or “black hats,” are the

type of hacker the popular media focuses
on. Black-hat hackers violate computer
security for personal gain or for pure malice.

Black hats fit the widely-held stereotype that

hackers are criminals who do illegal activities
for personal gain and attacking others.
They’re the computer criminals.

A black-hat hacker who finds a new “zero-day” security vulnerability would likely
sell it to criminal organizations on the black market or use it to compromise computer
systems.

Gray Hat

As in life, very few things in life are clear

black-and-white in I.T. A gray-hat hacker
doesn’t work for their own personal gain or
to cause damage, but technically may
commit crimes and do unethical things.

A gray-hat hacker might attempt to break

into a computer system without permission,
informing the organization after the fact and allowing them to fix the problem. The
gray-hat hacker didn’t use their access for bad purposes, but they broke into a
security system without permission, which is illegal.

A gray-hat hacker may disclose the flaw publicly instead of privately to the
organization and giving them time to fix it. They wouldn’t take advantage of the flaw
for their own personal gain — that would be black-hat behavior — but telling the
public could cause damage as black-hat hackers tried to take advantage of the flaw
before it is fixed.

123
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?

These hacker terms have appeared in general culture. “Black hat,” “white hat,” and
“gray hat” can also refer to behavior – if someone says, “That seems a bit black hat”,
they are saying that the action in question seems unethical.

In addition, there has been a proliferation of terms in the hacker world, some have
gained general use, others only in a small subset. Let’s look at a few of these.

Blue Hat

A blue-hat hacker is someone from an outside

computer security consulting firm who is used
to bug-test a system prior to its launch. They
look for exploits so they can be closed.
Microsoft also uses the term BlueHat for a
series of security events.

Red Hat
These term is not to be confused with
RedHat, the company that puts out
RedHat Linux. When referring to hackers,
these are the vigilantes of the hacker world.
They are like White Hats in that they halt Black
Hats, but instead of reporting the malicious
hacker, they shut them down by uploading
viruses, DoS, or breaking into someone’s computer to destroy it from the inside out.
They use multiple aggressive methods that might force the Black Hat to need a new
computer.

Script kiddie

In hacking culture, a script kiddie is an unskilled person

who uses scripts or programs developed by others to
attack computer systems and networks and deface
websites. Most script kiddies are juveniles who don’t have
the ability to write sophisticated programs or exploits on
their own. Their objective is to try to impress their friends
or gain credit in computer-enthusiast communities.
However, the term does not relate to the actual age of the
person and is considered very derogatory. Script-kiddies
think what they are doing is fun. It’s not. It’s illegal and
they can go to jail.

124
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?

Hacktivist

Many hackers are disappointed by the mass media and general public's usage of the
word hacker to refer to security breakers. They call them "crackers" instead. This
includes both "good" crackers ("white hat hackers") as well as those more "evil”
crackers ("black hat hackers"), and all the other “hats” listed above. The
programming subculture of hackers, in contrast to the cracker community, generally
sees computer security-related activities as against the ideals of the original and true
meaning of the hacker term. This term, however, has been used by “black hat”
hackers who see themselves as doing good by “exposing” what they feel is “evil”.
WikiLeaks is a good example. The people who exposed the “secrets” did so without
thinking about the damage and the deaths that it would cause.

As you can see, there is a wide variety of hacking and hacking terms in I.T. The
meanings given in this Unit are those as of 2018. They may change with time. The
main choice you have is – What hat will you wear?

SOURCES:
https://www.howtogeek.com/157460/hacker-hat-colors-explained-black-hats-white-
hats-and-gray-hats/

https://en.wikipedia.org/wiki/Security_hacker

https://en.wikipedia.org/wiki/Hacker_culture

Hall et al. “CS1300: Introduction to Computing”. Textbook, St. Mary’s University

Computer Science Press (2010), San Antonio, Texas.

125
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?
VOCABULARY
TECHNICAL
cracker – зломщик; компьютерный
взломщик; специалист по раскрытию
шифров и кодов
hacker – хакер; компьютерный пират
hacktivist - хакер-активiст; хактивiст;
хактивист (лицо, использующее
компьютерные сети для
распространения той или иной
идеологии
open-source - відкрите джерело;
общедоступный, бесплатный
penetration testing - випробування на
проникнення; тест на защиту от
несанкционированного доступа
script kiddie - скрипт kiddie; хакер-
дилетант; взломщик-дилетант;
(начинающие или совершенно
неквалифицированные хакеры, часто
с большим самомнением,
использующие для атак на сети
готовые хакерские инструменты
(hacking tools), не понимая как они
написаны и как работают.)
zero-day vulnerability - уразливість
“нульового дня”; уязвимость
"нулевого дня" (уязвимость, атаки на
которую проводят в тот же день,
когда она обнаружена, т.е. пока
отсутствует "заплатка" от
разработчика ПО)
126
NON-TECHNICAL
bogus (adj) – фіктивний; підроблений;
фальшивий; фальшивый
bounty (n) – щедрість, дар; щедрость,
дар
compromise (v) - піти на компроміс,
компроміс; пойти на компромисс
consulting firm - консалтингова фірма;
консалтинговая компания
criminal (n) – злочинець; преступник
criterion/-a (n) – критерій, критерії;
критерий; критерии
deface (v) – затемнювати; псувати;
стирати; повредить; портить; портить
поверхность
depend on (v) - залежить від; зависеть
от
derogatory (adj) – зневажливий, що
применшує, принизливий;
уничижительный, пренебрежительный,
умаляющий
disclose (v) – розкривати; виявляти;
обнаруживать; раскрыть (особенно
конфиденциальную информацию)
ethical/unethical (adj) – етичний/
неетично // моральный/ неэтичный
hack (v) – рубати; рубить
impress (v) – вразити; производить
впечатление
improve (v) – поліпшити; улучшать
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?

inherently (adv) - за своєю суттю; по

своему существу, по сути
juvenile (n, adj) - підліток; подросток
logger (n) - реєстратор; программа
записи; самописец; лесоруб
malice (adj) – злість; злоба
medium/-a (n) – середовище; среда
misunderstanding (n) – непорозуміння;
неправильное понимание
objective (n) – мета; цель
sophisticated (adj) – витончений;
позбавлений простоти; высокой
сложности
stereotype (n) – стереотип
subculture (n) – субкультура; культура
отдельной этнической или социальной
группы
subset (n) – підмножина; подмножества
technically (adv) – технічно; технически
term (n) – термін, навчальний семестр;
срок, продолжительность, семестр
to be employed (v) - бути зайнятим;
работать по найму
vandalize (v) - по-варварському
ставитися, нівечити; бесчинствовать
vigilante (n) – прихильник; комитет
бдительности, непримиримый борец
violate (v) – порушувати, зневажати;
нарушать, преступать

ACTIVITIES:

1) What “hat” do you wear and why?

2) Find at least five (5) more terms used by the hacker community and explain
what they mean.

3) Why do you think “script kiddies” are looked down upon by the hacker
community, no matter what color “hat” they wear?

4) What do you know about the DARK WEB (don’t go there – do research)?

127
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?

Vocabulary exercises

Exercise 1. Match the word/phrase with its definition

1) vigilante a) software is free to use, and the original program can

be changed by anyone
2) term b) he quality of being vulnerable (= able to be easily hurt,
influenced, or attacked), or something that
is vulnerable
3) subset c) a large amount of something or a sum of money paid as
a reward
4)subculture d) involving or having the character of a crime
5)stereotype e) a condition or fact used as a standard by which something
can be judged or considered
6) objective f) of, by, or for a young person who is not yet an adult
7)misunderstanding g) the material through which a wave or other force travels
8) medium h) a failure to understand, or an argument resulting from
the failure of two people or
two sides to understand each other
9) juvenile i) something that you aim to do or achieve
10) criterion j) an idea that is used to describe a particular type of
person or thing, or a person or thing thought to
represent such an idea
11) criminal k) the way of life, customs, and ideas of a particular group
of people within a society, which are different from the
rest of that society
12) bounty l) a set of numbers or things that is part of another, larger set
13) vulnerability m) the fixed period of time that something lasts for
14) open-source n) a person who forces obedience to the law without legal
authority to do so, or a member of a group that decides
to force obedience to the law without official authority

128
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?

Exercise 2. Fill in the blanks with the words/phrases from the Unit.

hacker hacktivist bogus compromise deface derogatory ethical

1) _______________ are a major defense department concern.

2) A ___________________ attacked the bank’s site this week.
3) He produced some
___________ documents to support his application.
4) This piece of equipment is the ideal ____________
between power and portability.
5) They used spray paint to _______________ the sign.
6) She was upset by __________ comments made about
her presentation.
7) The awards recognize companies, individuals, and nonprofit
organizations__________ behavior.

Grammar

Exercise 3. Focus on the QUANTIFIERS (some, any, no, not any,

every, etc.) and DEMONSTRATIVES (this, that, these, those,
etc.). Study the tables below and then in your notebooks write
down your own examples.

Adjectives Pronouns Adverbs

People Things Places
Positive some Someone/ Something Somewhere
somebody
any Anyone/ Anything Anywhere
anybody
Interrogative any Anyone Anything Anywhere
/anybody
Negative no / No one / not Nothing / not Nowhere /
not any anyone / anything not anywhere
nobody / not
anybody
Positive/ every Everybody Everything Everywhere
Negative/ (all people) (all things) (in all places)
everyone
Interrogative

129
UNIT 14 – Hats, Hats, Hats: What’s the Color of Yours?
Demonstratives are used:
This/ - for people or things near us;
these
- for present or future
situations;
- when the speaker is in or
near the place referring to;
- to introduce people;
- to refer to something we are
about to mention.
That/ - for people or things not near
those us;
- for past situations;
- to refer back to something
mentioned before;
130
This gadget here is the Your
newest one. own
We’re having a test this example
term.
This museum was
opened 10 years ago.
“Hi. This is Ben
speaking.”
Try this. It’s really
marvelous.
That woman over there
is our IT lecturer.
That year was the
toughest of my life.
“I have passed all my
exams!” “That’s cool.”