Grey Hat Hacker

From Clinfowiki
Revision as of 15:29, 14 November 2015 by MarinaAlcoff (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

A Grey Hat Hacker is a proficient hacker that hacks purely for offensive purposes, either out of personal good will or for defensive purposes mainly to test and monitor systems while performing such duties with anonymity. A grey hat hacker as the term implies is an intermediary hacker with functions of both a white hat hacker and black hat hacker. [1]

Grey hats operate on the fringe of civil and criminal liability to report security vulnerabilities. They contribute an essential element of self-governance and consumer protection. The term “grey hat” first appeared in the media in 1999 when the New York Times ran an exposé on the hacker collective, L0pht. L0pht adopted the term “grey hat” to represent independent hackers that publish online advisories upon discovering security flaws in commercial-network software. [2]

Although grey hats expose security flaws in the name of the public good and Internet safety, law enforcement and white hats condemn their activity for the self-serving humiliation of corporate entities. The current legal environment affords grey hat hackers no protection as all hacking is illegal under the dominate federal statutory framework: the Computer Fraud and Abuse Act (“CFAA”).[2]


References:

  1. 2.0 2.1 C. Kirsch. THE GREY HAT HACKER: RECONCILING CYBERSPACE REALITY AND THE LAW. http://chaselaw.nku.edu/content/dam/chaselaw/docs/academics/lawreview/v41/v41_no3/8-Kirsch_v2.pdf