Why Does Society Need White Hat Hackers?
Here in MyHackerTech, we make a point to keep tabs on our hacker friends who chose to share with us. We want to see how they’re doing and maybe ask if they can share some more wisdom. Our friend David, who was once a self-described gray hat black hat turned white hat shared a lot of himself with us a while back.
He was once a computing dabbler, doing some games modding, tinkering and some coding until an incident let his hate flow through him and made him seek the dark side and hacked a scam site to oblivion. He was more of an anti-hero than a true villain as he sought justice in his own way by taking down various evil-doers while hob-knobbing with other hackers who do black hat stuff.
Things took a turn to the extreme, seeing stuff that could end most people, leading David decided that becoming a straight white hat is the way to go. But we see that such a change of shade as wisdom, not cowardice. We pick up where he left off and see how he’s doing; if his anxiety and paranoia has calmed down and what his thoughts are now in this new life as a white hat.
Why does society need white hat hackers?
If you think about it, White hat hackers are basically the founding fathers of hacking. Back in the days where hacking was the main expression of doing anything computer related, may it be programming or creating a web page / network structure, there wasn't really anything that separated types of hackers despite skill level or language / field of interest. Only after the crackers arrived, the separation of different colored hats were implemented. At least that’s how I see it. Crackers, the rather shady people of the hacking area were infiltrating the hacking areas to the point, where the two terms "Hacker" and "Cracker" weren't really separated anymore. Technically, you should say White hat hacker and black hat cracker. But how do we call Grey hats then?
If I take the biblical analogy you've had in our first interview... Hacking basically originated from the light, the white hats, but was more and more tinted by darkness. More and more people started creating and more and more people started to look for ways to use it to their advantage. May it be the people trying to secure their networks and others trying to break in or people trying to connect people, others trying to gain as much data as possible....
It's always a game between the two. Lately, there's an imbalance (or it’s just the section I have in my active perception... I'm not sure at this point). Many people do ransomwares, ddos, phishing, cracking, new exploits etc etc pp. The Web has shifted its war to the digital world. Some claiming to be white hats are just so cause their agenda portrays them as such and vice versa. It's all a big gray-red-ish mudpuddle from an outside perspective...
And all originated from the White Hat Hackers. The ones trying to create, serve... the ones with strong morals and ethics. The "Founding fathers"...
Not only to I assume that without White Hat Hackers, many things wouldn’t be possible in the first place, I also think that, if white hat hackers suddenly ceased to exist, society as such would only get worse. Even worse as it is of right now in the digital world.
I truly hope as long as there is darkness, there will be people choosing the light.
What's easier? Catching a fish or stealing someone's identity?
Give a man a fish and he won't go hungry for a day. Teach a man how to fish and he'll be asking why ngrok is not working...
Phishing has become such an "easy" task that everyone and their grandma can now grab tools and start doing so. Some more or less successful.
But where's the difference sometimes? I'm not talking about phishing scripts, you know, the ones that made hackers debate whether phishing should still be considered hacking at this point of overflowing skds using them. (Don't, I'm doing A LOT of research on how reuploaded scripts can be poisoned and got shockingly creative with it...And it's a lot more serious than just ignoring the fact that the Authtoken which is already conveniently connected to the script can give the reuploaded access to all your traffic and captured information...), I mean a really sophisticated phishing scam. You're basically stealing someone’s identity as well, may it be a real person or a fictional one. The outcome depends on your roleplay skills basically. But sometimes it's easier to convince a machine rather than a human. Humans aren't that smart, but aren't that dumb either. And they're easily scared off. Code isn't. Code has its work pipe. It has security measures that need to match, no matter if it's really you or not. Imagine introducing yourself to a person. A normal person will just remember your name and that’s it. Maybe they even forget it. If you ask a person for their bank details, why should they give it to you? If you tell them "I'm you, I have a right to know" they'll think you're crazy! If you have a copy of their ID They still don't believe you.
Now imagine code as a person. They know your name. They just want to know if you know it before they spill the beans. even if it’s you and you introduced yourself before they will look at you dumbfounded next time you meet them. Unless you have proof. Proof is everything. And if you appear with someone else’s ID or whatever in front of them, They'll accept you like NPC's in in the Hitman series. Personally, I rather try to convince a machine than a Human. Doesn't mean it's easier. It's just more predictable.
Are you ever tempted to return to your work as a black hat hacker?
Always. Sometimes feels like I do. Like an addict who's having a fallback. I tend to combine it with my moral compass though. As I said before, never really went out of my way to profit personally of it. Just to make some change. When the system's intoxicated, the power overwhelms the restriction, never the morals though. It's just so interesting.
In what ways does your past influence how you approach security today?
I'm getting paranoid yet sometimes sloppy. I hate to think that I could have missed something that could bite me way later... But truth is that most people don't really care.. sometimes even authorities. Unless you're doing a mega-crime which I tend to stay away from (crime in general tbh). This paranoia is mainly the reason I'm still doing this. But in terms of data security, I struggle between "Tape your cam, unsolder your mic, don't own anything at all in the first place" and "They know it anyway already" which messes with you on a different level. Been connecting with a few others now on a different, more professional, and legal level. It's fun. Really is. You learn so much more of the ways I'd never dare to use in real life cause I KNOW it'd get me in trouble. I stick to my methods and use the extra knowledge to adapt once the way I used got patched out which, due to my frequent absence, is happening more often now than I'd like to admit.
To be really honest... I'm scared.
Is Social Media Impacting Your Mental Health? Should we be concerned that many people seem to be constantly connected?
Not only me but everyone. It seems like we already forgot about the Facebook papers? Social media is a hellhole full of pretentious people run by the most pretentious of all who knowingly profit from sexual harassment and sometimes even human trafficking... but sure, show me a pic of your Halloween costume 5 years ago...
This alone should be a sign of how much it messes with one’s head. The difference between me and others is, that I see more than just the obvious. Sometimes, wish I hadn't but can't help it. It installs a permanent warning system, assuming the worst going on behind the scenes until you crack under the pressure and find out. This control loss is not good, I admit that. But holy shit, people would be much more frightened if they knew what's really going on most of the time. Maybe not even most of the time. But it's happening way more than I'd be comfortable to share. It messes with your head. It's designed to. But it's not the fault of people. People need connections. We're social beings. It's just the priority we've been trained to give it. I lost it once I heard the News advertise their Facebook page for the first time. It's invasive. It's the vampire we Invite to our house unknowingly. Some know this. Some abuse this. Usually, you were afraid of people waiting outside your kid's school, now, they invite them into their bedrooms, their bathrooms, thinking they could handle the threat due to the false sense of anonymity and maturity. I read through a conversation which was clearly manipulative and pushing. You and me, we'd both be very aware of what's happening, even non tech-savvy people would smell the whole fish market from miles away. But a kid? A being that is closer to the moment they received object permanence than their graduation?
The fact is: it's happening. Way more often than it should be or than you think. On a plattform that is openly designed to manipulate people. It has been proven. And people STILL play along? People do not see anything wrong with that? All this messes with your head. Once you've seen the rabbit hole and peaked inside, you'll never forget the dark tunnel system beneath your beautiful backyard. I tried to ignore it. Tried to get into a normal state of mind, enjoying the things, but this inflammation from the splinter in my head never fully heals. And I'm running out of ideas what to do. Let people know? oh they know! they surely heard a story from a friend or YouTube video or whatever. They don't care? well some do. Do they think it's bad? Yeah! Who wouldn't?
Do they do something?
Could they do something? Of fucking course.
But no one is willing to.
And this is what keeps me awake at night as I try to wrap my head around it unsuccessfully.
I could go on and on about this. How people would abuse anything, even the calculator app if it had a chat function and governmental institutions restrict the web due to that and so on.
But I must say, I'm getting really tired of it.
Any last words?
I have no idea how this will end.
I have no idea what this is good for. I'm streaming through the web aimlessly and there’s barely anything to do about it.
So are many of you. Learn to appreciate offline time and stay safe.
And for the love of everything, stay vigilant.
As much as it's colored to be a handy-dandy peachy world out there, it's not the real truth.
Don't care if I come off as a bitter fuck. I just want to tell people to be cautious.
Cause some still think XKeyscore, Pegasus, Palantir or PRISM etc was a conspiracy theory.
if you can, add as a last sentence:
"Don't be a profile, be a human. A decent one that is."
We see that David’s paranoia and sense of justice has not changed. But he has shared with us some good bits of wisdom. We close by changing our religious comparison to one of fantasy. From a confused gray hat wizard to a white one with a purpose against evil. Why does society need white hat hackers? To save the oblivious from real and present dangers from the shadows. They choose to hold knowledge that would rather not be held by normal folk for them to live in peace and use that knowledge to protect them. We wish him well. David the White.