Infosec Community Debates Changing ‘Black Hat’ Terminology

Infosec community debates changing black hat terminology

A Google security researcher has decided to back down from speaking at the Black Hat Security Conference this year and has asked the information security community to stop using the words “Black Hat” and “White Hat”, as reported by ZDNet is. David Claridamer, VP of Engineering at Google, said the words contribute to racial stereotypes.

“I have decided to step back from speaking at Black Hat USA 2020,” Cladirmatcher wrote on Twitter. “Black hat and white hat are words that need to be changed. It has nothing to do with their original meaning… These changes remove harmful associations, promote inclusiveness and help us break down the walls of unconscious bias. “

Kledirmatcher noted the need to update the term “man-in-middle,” a type of cyber attack, such as gender-neutral terms such as “person-in-middle”.

Many in the Infosec community reported that the words “black hat” and “white hat” did not originate from race references, but rather in the tradition of Western films in which the protagonist usually wears a white hat and the bad guy wears one. There is a black hat. But Claridamer, fearing the attack, wrote, “The need for language change has nothing to do with the origin of the term black hat in Infosys. Those who are focused on him are missing the point. Black Hat / White Hat and Blacklist / Whitelist maintain harmful associations of black = bad, white = good. “

Although this latest debate was recently conducted by the Black Lives Matter campaign and the U.S. And beyond that was inspired by the wider conversation around racial justice, this discussion is not new. A similar discussion has been going on for decades on software terms such as “master” and “slave”, often used to describe dependencies in documentation. For example, the programming language Python removed this terminology from its documentation in 2018.

However, unlike the master / slave example, which over time had agreed to be widely offensive, the Black Hat / White Hat issue has been very controversial. Hackers related to racial justice expressed concern on Twitter that there is a “great danger that we waste momentary changing words rather than changing systems of power” and argued for “more than a name change” That inviting more black hackers to speak at events, funding scholarships for black hackers, and paying to train more black hackers.

Information security analyst Brian Anderson wrote a thread discussing the harm from careless terminology. He concluded that changing naming traditions without addressing larger issues affecting minority hackers, such as costars and a predominantly white lineup of speakers at events, was demonstrative. “I’m glad that people are actively or actively thinking about giving up their iconic roles in Black Hat,” he wrote. “Excellent. But. But. Who is being served by this action? What is the purpose? Who benefits? How? This conversation is with us.”

Editors recommendations

Related Posts

error: Content is protected !!