how to hire a pro
DEFINITIONS OF HACKERS AND TIPS ON HIRING ONE
IT departments and individuals are advised to hire a hacker,
regardless of the stigma associated with it.
The word “Hacker” entails a lot more than the criminal
activities associated with the word. So
you need to make sure you know well enough about why you need a hacker and the
kind of hacker you need, and how to hire the right kind. Hackers usually have
their specializations. Therefore, you need to ensure you will hire one that can
peculiarly solve your problems, just like chiropractors and dentists and heart
surgeons aren’t interchangeable, even though they’re all doctors.
That easily means you have some discerning to do. I have
worked with a Certified Ethical Hacker,
Whom we made look at security audits, and also do some intelligence gathering
for us. But when it comes to building a
WordPress plugin that checks the Copyscape API, one of the things the article
touts as something a hacker can do….? He’d be lost. But that doesn't make him
any less good at what he does.
I’m probably closer to what the article means when they say
a hacker. I’ve been the guy who roams from project to project, fixing annoying
things without saying much, writing scripts to automate repetitive tasks,
working without close supervision and not liking close supervision when I had
it. I have a fake “Help Wanted” ad from an evil genius in my cubicle, and I
want all of my coworkers to think I listen to GWAR. And I’m outspoken.
Hackers aren’t inherently bad like we are made to believe —
the word “hacker” doesn’t mean “criminal” or “bad guy.” Geeks and tech writers often refer to “black
hat,” “white hat,” and “grey hat” hackers. These terms have successfully
generalized the Hacking profession and its classification.
The definition of the word “hacker” is controversial and
could mean more than just someone who compromises computer security or a
skilled developer in the free software or open-source movements.
BLACK-HAT HACKERS
Black-hat hackers, or simply “black hats,” are regarded as
the bad egg that the media focus on.
Black-hat hackers violate computer security for personal gain (stealing
credit card numbers or harvesting personal data for sale to identity thieves).
Amazingly they pull certain stunts that are just for pure maliciousness (such
as creating a botnet and using that botnet to perform DDOS attacks against
websites they don’t like.)
Black hats fit the widely premeditated idea of hackers being
computer criminals that perform illegal activities for personal gain and
attacking others.
A black-hat hacker who finds a new, “zero-day” security
vulnerability would either sell it to criminals on the black market or use it
to compromise computer systems.
You can hardly blame people for their stereotype tag for hackers.
Media portrayals of black-hat hackers may be accompanied by silly stock photos
like the below one, which is intended as a parody.
GRAY HATS
Very few things in life are clear black-and-white
categories. In reality, there’s often a gray area. A gray-hat hacker falls
somewhere between a black hat and a white hat. A gray hat doesn’t work for
their gain or to cause carnage, but they may technically commit crimes and do
arguably unethical things.
For example, a black hat hacker would compromise a computer
system without permission, stealing the data inside for their gain or
vandalizing the system. A white-hat hacker would ask for permission before
testing the system’s security and alert the organization after compromising it.
A gray-hat hacker might attempt to compromise a computer system without
permission, informing the organization after the fact and allowing them to fix
the problem. While the gray-hat hacker didn’t use their access for bad
purposes, they compromised a security system without permission, which is
illegal.
If a gray-hat hacker discovers a security flaw in a piece of
software or on a website, they may disclose the flaw publically instead of
privately communicating the fault to the organization and giving them time to
fix it. They wouldn’t take advantage of the flaw for their gain — that would be
black-hat behavior — but the public disclosure could cause carnage as black-hat
hackers tried to take advantage of the flaw before it was fixed.
WHITE HATS
White-hat hackers are quite different from their
counterparts. They’re the so-called “ethical hackers,” experts in compromising
computer security systems which use their abilities for ethical, and legal
purposes rather than unethical, and criminal purposes.
White-hat hackers are in fact promoted by societies like
U.S.A especially to test an
organizations’ computer security systems for vulnerabilities. The organization
authorizes the white-hat hacker to attempt to compromise their systems. The
white-hat hacker uses their knowledge of computer security systems to
compromise the organization's systems, just as a black hat hacker would.
However, if the white-hat hacker is able to gain access to their systems he
educates them on how to better guard against situations like that in the future
using their access to steal from the organization or vandalize its systems,
This process is known as “penetration testing,” and it’s one example of an
activity performed by white-hat hackers which further limits the negative
effects of black-hat hackers
A white-hat hacker who finds a security vulnerability would
disclose it to the developer, allowing them to patch their product and improve
its security before it’s compromised. Various organizations pay “bounties” or
award prizes for revealing such discovered vulnerabilities, compensating
white-hats for their work.
The purpose of this blog is to hire the right hacker and
avoid scams and deceit on all levels; my next post will be about real hackers
out there for hire.
Cheers!!
