There are basically three forms of hackers Black hats, White hats, and Gray hats. Each group has different motivations and reasons for hacking. The Black hats do so maliciously and their intent is evil. The White hats do so to find vulnerabilities in computer networks and address them so that they can be fixed and prevent the Black hats from doing damage. The Gray hats are a mixture of a White and Black these will also find vulnerabilities and report their findings to both the Black and White hats.
Let us first examine the White hat hackers and see why they do what they do and their motivation. When the term hacker first came into being it didn’t take on the connotations that it does today. In the begging hacker had a different meaning.
Michelle Slatalla in her article for TLC called A Brief History of Hacking tells a story of the original hackers saying,” In the beginning there was the phone company — the brand-new Bell Telephone, to be precise. And there were nascent hackers. Of course in 1878 they weren't called hackers yet. Just practical jokers, teenage boys hired to run the switchboards who had an unfortunate predilection for disconnecting and misdirecting calls ("You're not my Cousin Mabel?! Operator! Who's that snickering on the line? Hello?"). Now you know why the first transcontinental communications network hired female operators.
Flash forward to the first authentic computer hackers, circa the 1960s. Like the earlier generation of phone pranksters, MIT geeks had an insatiable curiosity about how things worked. In those days computers were mainframes, locked away in temperature-controlled, glassed-in lairs. It cost megabucks to run those slow-moving hunks of metal; programmers had limited access to the dinosaurs. So the smarter ones created what they called "hacks" — programming shortcuts — to complete computing tasks more quickly. Sometimes their shortcuts were more elegant than the original program.
Maybe the best hack of all time was created in 1969, when two employees at Bell Labs' think tank came up with an open set of rules to run machines on the computer frontier. Dennis Ritchie and Ken Thompson called their new standard operating system UNIX. It was a thing of beauty. (Slatalla)[1]
Without hackers we would have no UNIX operating system today, nor many other technological advances that we enjoy. Webopedia defines hacker as this,” slang term for a computer enthusiast, i.e., a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subject(s). Among professional programmers, depending on how it used, the term can be either complimentary or derogatory, although it is developing an increasingly derogatory connotation. The pejorative sense of hacker is becoming more prominent largely because the popular press has co opted the term to refer to individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data. Hackers, themselves, maintain that the proper term for such individuals is cracker. (Webopedia)[2]
From the begging hackers were known as gifted individuals who had knowledge and could do well. Today however the word hacker for the most part is used in negative terms by the media. Most of the time when we see the word hacker in the news today it refers to the Black hats, who are doing malicious works, and does not refer to the White hats. The motivation and ethics of the White hats is significantly different than the Black hats. The White hat hacker may be motivated by money as some are employed by corporations to find and patch vulnerabilities. The white hat hacker may also do it for the satisfaction of helping others unpaid and unglorified. This can be seen in an article by Steven L. Kleespie who addresses the white hats behavior saying,” There are two types of "white hat" hackers. One group includes individuals who are hired by a company to test their security systems. The other group pursues hacking as an avocation – they are uninvited guests who penetrate security systems for the enjoyment of being able to do it. These uninvited "white hat" hackers will, by definition, leave a message for the system administrator to advise them of the flaws discovered during their visit.
The unpaid "white hat" hackers have a very romantic vision of their role in cyberspace. Hackurity is a web page devoted to "white hat" hacking. Their home page states that, "Hacking is about pushing the envelope, using technology to its full potential, understanding technology rather than simply relying on it. These days, it’s easier than ever to use a computer without being computer literate. Just point and click. Hacking is about going beyond that, about doing things that are not supposed to be possible, about finding new things and exploring. The land is settled from one coast to the next. This is the new frontier. Hackers are the people who do this, who settle the frontiers on the edge of cyberspace."(Kleespie)[3]
White hat hackers have done much good work and Microsoft among other corporations rely upon them to find and report vulnerabilities. The ethics that these hackers embrace originated in the 1960s when two cultures evolved the hippies and the hackers. Both wanted to see a change in the world the hippies sought it through drugs, the hackers via computers. Stewart brand in his article for Time magazine discusses this saying,” As Steven Levy chronicled in his 1984 book, Hackers: Heroes of the Computer Revolution, there were three generations of youthful computer programmers who deliberately led the rest of civilization away from centralized mainframe computers and their predominant sponsor, IBM. "The Hacker Ethic," articulated by Levy, offered a distinctly countercultural set of tenets. Among them:
"Access to computers should be unlimited and total."
"All information should be free."
"Mistrust authority - promote decentralization."
"You can create art and beauty on a computer."
"Computers can change your life for the better."
Nobody had written these down in manifestoes before; it was just the way hackers behaved and talked while shaping the leading edge of computer technology.
In the 1960s and early '70s, the first generation of hackers emerged in university computer-science departments. They transformed mainframes into virtual personal computers, using a technique called time sharing that provided widespread access to computers. Then in the late '70s, the second generation invented and manufactured the personal computer. These nonacademic hackers were hard-core counterculture types - like Steve Jobs, a Beatle-haired hippie who had dropped out of Reed College, and Steve Wozniak, a Hewlett-Packard engineer. Before their success with Apple, both Steves developed and sold "blue boxes," outlaw devices for making free telephone calls. Their contemporary and early collaborator, Lee Felsenstein, who designed the first portable computer, known as the Osborne 1, was a New Left radical who wrote for the renowned underground paper the Berkeley Barb.
As they followed the mantra "Turn on, tune in and drop out," college students of the '60s also dropped academia's traditional disdain for business. "Do your own thing" easily translated into "Start your own business." Reviled by the broader social establishment, hippies found ready acceptance in the world of small business. They brought honesty and a dedication to service that was attractive to vendors and customers alike. Success in business made them disinclined to "grow out of" their countercultural values, and it made a number of them wealthy and powerful at a young age. (Brand)
After reviewing this article by Stewart it is easy to see the sixties way of thinking as the hackers like other young people at the time lived in an era when the Vietnam War was an issue. Yet this way of thinking remains even to this day among many White hats and is still prevalent in their culture. The laws on hacking have also changed since the sixties mostly as a result of the Black hats exploits and thus unless paid by a company to hack these other White hat hackers must remain anonymous and keep a low profile as the Black hat does or face prosecution by civil authorities. Such was the dilemma of Adrian Lamos also know as the homeless hacker who many times made the news by breaking into corporations and then showing them their vulnerabilities . His last known exploit was breaking into the New York Times and they did not appreciate it as the others did and Adrian faced criminal charges. For reasons such as this the White hat hackers are becoming as elusive as the Black hats and are becoming harder to understand as they are not in public view.
What we know of the Black hats depends on what kind they are. There are professional Black hats and those who are Black hats for fame. One seeks control and becomes euphoric from the power over another. These tend to run in clans like street gangs do.
The other is professional and they are the most elusive because they do not do it for the rush as much as for the money. We can learn much about the Black hat hacker when one repents and becomes a White hat. Kevin Mitnick and Frank Abagnale Jr. are examples of Black hats that have turned and offer much help in understanding the others. If you watched the movie catch me if you can you are familiar with Frank but what many do not know is today he runs a security company and deals with issues such as the Black hats on a daily basis. Kevin Mitnick also turned over a new leaf and runs a security company and has published a book called the art of deception. I would highly recommend reading this book as it deals mainly with social engineering a term many are not familiar with but has great meaning. Personally I think the book should be required reading for all employees of companies and corporations that deal with security issues. Hacking has two sides the technical side and the social engineering side. Many are only aware of one side yet the social engineering is as effective as the technical side at times even more so.
Originally the term Gray hat was defined by the L0pht but has meant to mean one who gives his sources to both Black and White hats since that time. The laws that are being enacted today may further change the definition as it seems to be making clearer distinctions between White and Black hat hackers.