Black or White Hat?
Posted by unbrand on 30 April 2005 | 0 Comments
I came across a really good site rescently called Zone-H. They claim they are not black nor white hat focused; they just report on the hacking, um, gestalt. The site is an excellent roundup of what’s going on with exploits, defacements, and general security issues across a wide variety of OS’s. They also have a Hall of Shame that ranks the number of website defacements by crew. I wonder how many members of the various crews listed think “Hey, I really want us to be listed higher, dammit! #23 sucks. I want to be in the top 5 at least.”
I do think sites like Zone-H serve a useful purpose. They have an interview with the author of nmap, Fyodor, in which he states:
I don’t agree that Nmap is used more by blackhats than white hats, although I have no statistics. In any case, I support full disclosure. Any tool of this nature is subject to use by people on all sides of the fence, and attempts to restrict distribution to only the “good guys” are futile. A huge number of systems administrators without the right connections would be deprived of a tool to help evaluate and secure their systems. Meanwhile, many of the ostensibly whitehat “security professionals” have alternate personas engaged in illicit network activity.
Well put. I agree that a tool like nmap should be out there, and should be open-source. To me, it’s like guns. Some people think that to clean up society, guns should be banned. Well guess who likes that the most? The criminals! Not to mention that gun bans are the trademark maneuvers of dictators (hey, gotta prevent the people from rising up against you!). It’s also like the legislation of morality. When a government starts getting into issues like gay marriage, it’s a Bad Thing. Legislation and morality just don’t mix. Governments really shouldn’t be in the business of forcing moral stances on people.
Hacking tools, guns, gay marriage. That’s right.