-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 
              The Myth of the "White Hat Hacker"
              By: Mercenary

 The White Hat Hacker does not exist. I propose that this classification
is a myth. This can be proven with a definition, a brief analysis of why 
the term was created, and why this ridiculousness is still flung around 
in the media and hacker communities. 

 First, lets look to see what the term "Hacker" means. 

 The term "hacker" has been misused by the media since the mid 1980's. 
True Hackers are totally different people than what we have been represented 
as. One of our main ethics is to allow no harm to come as a result of our 
actions. For our purposes here, I will refer to "True Hackers" as 
"Classic Hackers".

 Classic Hackers are explorers, individuals whose sole interest is 
learning as much as possible about the electronic systems that fascinate us. 
Some hackers might take excursions into other computer systems, but 
Classic Hackers take the utmost care to disturb nothing. 
 A Classic Hackers goal is not destruction, nor profit, nor revenge.
Our goal is the pursuit of knowledge and the pursuit of conquest. 
A Classic Hacker believes that information should be free, and that pushing 
the envelope of what is possible should be a daily occurrence. 
We believe that every system is ripe for improvement, whether the 
system is a computer, a program, a set of traffic lights, or a government. 

 The term "White Hat Hacker" is a self-proclaimed title of the Hacker
turned businessman. It is a term created in an attempt to justify 
selling out to the business community"

The most classic example of this is the "L0pht".

 If we look at their FAQ from 1998 we will see that they defined 
themselves as "just a bunch of hackers who got together and started 
working on projects together". They also claimed that "We're not in 
this for the money, or the glory".
 But as is the case with many former hackers, MONEY is the deciding
factor when push comes to shove. As we can see in their latest FAQ
they totally disregard their roots and now claim "We strived to be 
(and achieved) a pure R&D environment. Unfortunately pure research 
and development is not a very profitable arena."
 Of course hacking is not profitable. Nobody ever said it was.
Unless you cross the line and become an actual "criminal", you
can expect to make nothing off your activities.
 I have no problem with Hackers switching to security consulting.
But if you become a security consultant, you are no longer a Hacker.
 By attempting to label yourself as a "White Hat Hacker" you are 
just trying to gain your acceptance to possible customers (victims). 
 Security consultants are businessmen first and foremost, and they 
know their prey well.
 
Can you see the pattern? 

A security consulting firm's job is not to protect your company, 
a security consulting firm's job is to make money selling protection to 
you from demons, real or imagined. 
 In plain words, when they are working for you they are working for 
themselves and this is the case in the entire free market world. 
 The security consultant title is designed to facilitate the deception 
that if you have enough money, someone will take care of your problem 
rather than you learning how to solve our own security issues.

 Now I am sure you have heard by now that the government is waging a 
major propaganda war against the on-line hacker community with the help 
of the socialist media.
 The government and the media are experts on psychology, psychological 
warfare, and brainwashing. Between the two groups they know more about 
the human mind and behavior, and how to control both.
 The anti-hacker movement's main propaganda themes seem to be that 

(1) Hackers are the root of all on-line evil.

(2) That the government, (through more restrictive legislation) 
    is the business community's only hope against the spreading 
    plague of computer crime. 

 To understand the anti-hacker movement, we must understand what 
propaganda is. 
 Simply put, propaganda can be outright lies, distorted facts, and/or 
truth, combined to change a person's thoughts on a subject.
 
 Now it has been known for sometime by the Central Intelligence Agency 
that countries such as Russia and China are developing tools to attack 
commercial computer networks.
 Even FBI Director Louis Freeh says that we face a "very serious" espionage 
threat from China. Organized Chinese fraud rings on the mainland and overseas
are hacking databases to compromise credit and identity details.
 "The Chinese gangs have moved into the electronic age where they're using 
hacking techniques and Internet theft," US Secret Service Special Agent 
Gregory Regan explained in testimony before the Senate Judiciary 
Subcommittee on Technology, Terrorism and Government Information.

 Yet with these undeniable allegations by the governments own lackeys,
Janet Reno wants to go after the so called "evil 15 year old hackers",
when it looks like they should have their sights targeted elsewhere.

 What makes this all so much worse is that the "White Hat Hackers" who 
once claimed that "We're not in this for the money, or the glory" are 
testifying before the Senate and strolling up to every TV camera they
can find supposedly speaking for a community they have actually have no 
part in anymore.

 The main problem with the media is that they glorify what I like to call
"hacking misfits". The only hackers, crackers, or script kiddies who get
glorified by the media are those who messed-up and got caught.
 The media loves the term "White Hat Hacker", it lets them put across
the propaganda of community cannibalism. 

Hackers turn against their own kind. 

 Lets get the story right folks, these are not hackers, they are paid
Security consultants out to make money selling protection to you for 
something you could easily correct yourself". 
 If you have problems with a "hacker", it's not a Classic Hacker.

        You have a computer criminal on your hands. 

 Hackers do not brag in public IRC channels. Hackers do not testify in
front of Senate committees. If you've been hacked by a "Classic Hacker"
and he's done it right - you'll never even know it.

 So lets get the terminology straight.

 1. Security Consultant - what former hackers become when they sell
                          out their ideals and community.

 2. Computer Criminal   - anyone who uses a computer for monetary gain
                          or illegal activity resulting in damage.

 3. White Hat Hacker    - no such animal or mammal.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-