The infosec community is debating a change to the ‘black hat’ terminology

A Google security researcher has chosen to withdraw from a talk at this year's Black Hat security conference, and ZDNet reports that the data protection community has been asked to stop using the terms “black hat” and “white hat.” David Kleidermacher, VP of engineering at Google, said the terms contribute to racist stereotyping.

Kleidermacher wrote on Twitter, “I have decided to refrain from speaking at Black Hat USA 2020. Black hat and white hat are terms that need to change. It has nothing to do with real meaning… these changes remove harmful associations, promote inclusion, and help us break down the walls of unconscious prejudice.”

I decided to move away from speaking at Black Hat USA 2020. I am deeply grateful for the offer to speak and for the great work that the conference has done over the years to protect users through transparency, education and community building.

– David Kleidermacher (@Davexsecker) July 3, 2020

Kleidermacher also mentioned the need to replace gendered terms such as “man-in-the-middle”, a kind of cyber-attack, with the gender-neutral term “person-in-the-middle”.

Many in the infosec community noted that the terms “black hat” and “white hat” did not originate as a reference to race, but rather in the tradition of Western films, where the protagonist usually wears a white hat and the bad guy wears a black hat. However, Kleidermacher anticipated this objection and wrote, “The origin of the word in infosec has nothing to do with the need for linguistic change. Those who are focusing on it are missing the point. Black hat / white hat and blacklist / whitelist perpetuate harmful associations of black = bad, white = good.”

Although this latest controversy was clearly inspired by the recent Black Lives Matter campaign and the wide-ranging conversation surrounding racial justice in the United States and beyond, this discussion is not new. Software terms such as “master” and “slave”, often used in documentation to describe dependencies, have been the subject of similar discussions for decades. The programming language Python, for example, removed these terms from its documentation in 2018.

However, in contrast to the master / slave example, which was agreed over time to be objectionable, the black hat / white hat issue has proved more controversial. Hackers concerned with racial justice worried on Twitter that “there was a huge danger that we were wasting the moment changing words instead of changing the power system” and argued for “more than name change”, such as inviting more black hackers to events, funding scholarships for black hackers, and paying for the training of more black hackers.

It may be okay for white people to paint themselves in black: black hats are enigma, cinci, countercurrent, great. But black people don’t need your help to get involved in crime. It’s not great for us. We do not own that image. 10 / x

– Brian Anderson (@Bitenderson72) July 4, 2020

Data protection analyst Brian Anderson wrote a thread discussing the inadvertent harm caused by terminology. He concluded that naming conventions could be changed without addressing the larger issues that minority hackers face and the mainly white lineup of speakers at events. “I’m glad people are actively thinking about giving up their alluring role in Black Hat,” he wrote. “Great. But. But. Who is being served by this action? What is the purpose? Whose benefit? How? This is what our conversation should do.”

