Slashdot Mirror


The Inner World of Gov-Sponsored White-Hat Hacking

romanval writes "Anonymous leaked emails of white-hat hacker firm HBGary show how it develops and markets products to government agencies. From the article: 'In 2009, HBGary had partnered with the Advanced Information Systems group of defense contractor General Dynamics to work on a project euphemistically known as "Task B." The team had a simple mission: slip a piece of stealth software onto a target laptop without the owner's knowledge. They focused on ports—a laptop's interfaces to the world around it—including the familiar USB port, the less-common PCMCIA Type II card slot, the smaller ExpressCard slot, WiFi, and Firewire. No laptop would have all of these, but most recent machines would have at least two.'"

146 comments

  1. Black hat not White by Anonymous Coward · · Score: 5, Insightful

    A 'White Hat' hacker is someone who aims to improve security; HBGary are aiming to take advantage of exploits in order to hack into computers, for mining personal information. They are most definitely 'Black Hat'.

    1. Re:Black hat not White by Purist · · Score: 4, Funny
      The work was being done for a government agency. White Hat.

      :-)

      --
      I used to fear clowns...but I'm discovering that chimps are far, far, worse.
    2. Re:Black hat not White by Purist · · Score: 0

      It seems nefarious in nature, but the techniques used to accomplish the task (for the government customer) are used to understand how to PREVENT similar attacks as well as perpetrate them. Maybe we could call this "Gray Hat".

      P

      --
      I used to fear clowns...but I'm discovering that chimps are far, far, worse.
    3. Re:Black hat not White by Anonymous Coward · · Score: 3, Informative

      It's very simple. Once you discover an exploit in someone's code, you can choose to either inform them so they can fix it (White Hat) or withhold the discovery for personal gain (Black Hat).

    4. Re:Black hat not White by phunster · · Score: 5, Insightful

      Richard Nixon said "If the President does it, it is legal." We all know how that worked out for him. It sounds like you are substituting "government agency" for "President." No one is above the law, not a President, and not a government agency. Black Hat is Black Hat no matter who is doing it, or who they are doing it for.

    5. Re:Black hat not White by Securityemo · · Score: 1, Interesting

      So hacking into the government systems of an oppressive government in order to cause it damage somehow as part of a larger campaign to topple it without invading and killing lots of people would be "evil"?

      --
      Emotions! In your brain!
    6. Re:Black hat not White by GerardM · · Score: 1

      The original story at Ars Technica is called "Black ops: how HBGary wrote backdoors for the government". The person who submitted the story is not colour blind...
      Thanks,
                GerardM

    7. Re:Black hat not White by Anonymous Coward · · Score: 0

      A 'White Hat' hacker is someone who aims to improve security; HBGary are aiming to take advantage of exploits in order to hack into computers, for mining personal information. They are most definitely 'Black Hat'.

      But working for "our" side.

      The world is full of bad people, and infiltrating their organization/s to gain intelligence and insight into what they're planning on doing is often messy.

    8. Re:Black hat not White by Anonymous Coward · · Score: 0

      Indeed. Keeping a stock of 0-day exploits is morally reprehensible and perfectly deserving of that term. As if selling our security for personal gain wasn't bad enough, they are aiding a government which is actively violating the very principles and constitution upon which the country was founded. That is worse than 'Black Hat', that is deserving of 'Traitor'.

    9. Re:Black hat not White by Anonymous Coward · · Score: 0

      The designations 'White Hat' and 'Black Hat' are apolitical. If you are exploiting code to hack into computers, you are black hat.

    10. Re:Black hat not White by Securityemo · · Score: 1

      Okay, so you can be a black hat and still a good guy then. Problem is, the descriptions are not used in an amoral sense, so it becomes a bit contradictory.

      --
      Emotions! In your brain!
    11. Re:Black hat not White by Anonymous Coward · · Score: 5, Insightful

      No, HBGary belongs to a completely new category of hackers. Neither 'black hat' nor 'white hat', but 'ass hat'

    12. Re:Black hat not White by Divide By Zero · · Score: 5, Insightful
      It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

      White Hat can be "evil", Black Hat can be "good". Value judgments are independent of the definition - are you there to improve bad security or exploit it?

      --
      Dare to Hope. Prepare to be Disappointed.
    13. Re:Black hat not White by eggled · · Score: 1

      Yes. Albeit the lesser of two evils, and infinitely preferable in the scenario you propose.

      White hat hackers tend to work "for the good of all". Black hats exploit weaknesses to subvert protective measures for their own (or their organization's) benefits. The goal of white hats is to close security loopholes. Black hats exploit those loopholes.

    14. Re:Black hat not White by Anonymous Coward · · Score: 0

      Dude, whoever you are, you are clearly trying to push this term on all boards/things hbgary related. Give it up, you are boring me already.

    15. Re:Black hat not White by Blue Stone · · Score: 4, Interesting

      I guess here at /. the 'editorial' policy is to provoke discussion regardless of the intellectually dishonest manner that's used. Summaries and titles that distort the original article seem to be more and more prevalent in order, I'd take a wild guess at, to provoke comments.

      Ladies and gentlemen, we are being trolled by the management.

      A sad state of affairs.

      --
      Corporation, n. An ingenious device for obtaining individual profit without individual responsibility. - Ambrose Bierce
    16. Re:Black hat not White by Anonymous Coward · · Score: 0

      why do you assume you are the good ppl?

    17. Re:Black hat not White by Securityemo · · Score: 1

      As long as it's consistent it isn't so troublesome. This is a discussion site after all.

      --
      Emotions! In your brain!
    18. Re:Black hat not White by Securityemo · · Score: 1

      I trust my own morals. But it evidently becomes complicated when "I" becomes "We". I think I'm the kind of person who has a really limited or absent sense of "we", though, but I seem to get along fine by just cooperating with people in life. Why do people have to complicate things such that a "group" becomes "social"? It might sound crazy, but I can't explain it better.

      --
      Emotions! In your brain!
    19. Re:Black hat not White by russotto · · Score: 2

      So hacking into the government systems of an oppressive government in order to cause it damage somehow as part of a larger campaign to topple it without invading and killing lots of people would be "evil"?

      No, but it would be "black hat" by the computer security definition.

      HBGary seems to me to be in the same ethical position as any weapons manufacturer.

    20. Re:Black hat not White by gmuslera · · Score: 1

      So if those activities ended in a blood bath somehow, would it end up being called Red Hat?

      Still, probably from which government was that agency will change the color of the hat too.

    21. Re:Black hat not White by Corbets · · Score: 4, Insightful

      It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

      Not quite. If they REQUEST that you "hack" them and you do so, you're a white hat. If you do it without being asked, then you're a black hat. Walking through the door later is a CYA technique only.

    22. Re:Black hat not White by Securityemo · · Score: 1

      It could be Aaron Barr himself using a "persona" to "spark a verbal brawl" to "bring the discussion into the public eye"? :3

      --
      Emotions! In your brain!
    23. Re:Black hat not White by DavidTC · · Score: 2

      Actually, the distinctions are:

      white hat - attacks with permission (or attacks own computer), informs target/manufacturers afterward of security holes and how to fix, if they see a way
      gray hat - attacks without permission, informs target of hole and how to fix afterward. Often, these are hackers who noticed a security flaw by accident in someone else's system and were unable to get them to fix it, so does this to force them to, often by causing them public embarrassment but little or no damage.
      black hat - attacks without permission for some other purpose, not only does not inform target of how to fix, but often does not want target to know they were compromised.

      And this is definitely black hat stuff this article is talking about.

      --
      If corporations are people, aren't stockholders guilty of slavery?
    24. Re:Black hat not White by Securityemo · · Score: 2

      From a cynical perspective, yes, but it could also just be a person who is naive about not being considered a threat or a target of a lawsuit regarding cleanup fees.

      --
      Emotions! In your brain!
    25. Re:Black hat not White by Securityemo · · Score: 1

      Or a Redcap

      --
      Emotions! In your brain!
    26. Re:Black hat not White by ciabs · · Score: 1

      attacks != oops I have root; your use of the base word "attack" is false terror

    27. Re:Black hat not White by Jeremiah Cornelius · · Score: 5, Insightful

      HBGary is Black Hat. And Mercenary. They are a boot on the neck of the American people.

      Is torture "White Hat Interrogation" when done by the US, as opposed to the former DDR?

      No. Only if your name is Rumsfeld, Gonzalez or Yoo, would you disagree.

      HBGary is a fascist tool - more akin to the "Ministry of Information" of Brazil, than any recognisable "White Hat" group - say Rapid7.

      HBGary trades in 0-Days for profit, to organisations which act without regard to Constitutional provisions. They advertise tools and methodology to conduct PsyOps and openly advocate methods to subvert the democratic properties of modern public communications channels.

      HBGary colludes with insiders to use Government power to cement corporate advantage over the interests of the citizens and tax-payers of the United States, in the name of "national security".

      They are a fraud and a blight on the purported claims of a free and open society. Like in the movie "Brazil", the methods of Mr. Barr have identified individuals in error. In the age of Abdulrahman Zeitoun and Bradley Manning, the consequences are quite possibly as dire for those individuals, as they were for Mr. Buttle and Sam Lowery.

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
    28. Re:Black hat not White by Anonymous Coward · · Score: 0

      This being reality and not some fairy tale where the US gov't goes after "evildoers", yes, "evil".

    29. Re:Black hat not White by DavidTC · · Score: 1

      What the hell are you talking about? I didn't say that 'attacks == oops I have root'.

      Someone who accidentally has root is not an attacker or a hacker in any sense.

      If, after accidentally getting root, and being unable to get the server owner to do anything about it, he replaced the original web page with one explaining how the server was insecure, he'd be a 'gray hat hacker'.

      Although, strictly speaking, if he ends up 'exploiting' a security flaw entirely by accident, he isn't really a 'hacker' at all, anymore than he'd be a safecracker because he noticed a safe is unlocked. He's just a 'gray hat person'.

      --
      If corporations are people, aren't stockholders guilty of slavery?
    30. Re:Black hat not White by ciabs · · Score: 0

      Bullshit, then remove the letters "attack*"

    31. Re:Black hat not White by Securityemo · · Score: 1

      Not really, it's still intrusion. Complexity and aggressiveness of the attack doesn't matter much, not to non-tech people at the least. Just look at McKinnon.

      --
      Emotions! In your brain!
    32. Re:Black hat not White by Securityemo · · Score: 1

      Hair-splitting it like that amounts to using what should be a label of moral/ethical behavior as a title of prestige.

      --
      Emotions! In your brain!
    33. Re:Black hat not White by ciabs · · Score: 1

      You used the word attacks in all options
      I know you "can't remove it" on slashdot.

      But get what I'm saying here.
      I get if you would want to retract it.

      The description sucks.
      But so does fear

    34. Re:Black hat not White by ciabs · · Score: 1

      Someone who accidentally has root is not an attacker or a hacker in any sense.

      Actually, I think you're full of it now. Enough lies.

    35. Re:Black hat not White by Securityemo · · Score: 1

      I didn't say it necessarily was the US government who'd run the campaign.

      --
      Emotions! In your brain!
    36. Re:Black hat not White by ciabs · · Score: 1

      u persist using the word attack

    37. Re:Black hat not White by ciabs · · Score: 1

      that's right sleep mode

    38. Re:Black hat not White by AftanGustur · · Score: 2

      The work was being done for a government agency. White Hat.

      :-)

      By that definition the Chinese hackers that were involved in Operation NightDragon were probably also "White hats"

      --
      echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
    39. Re:Black hat not White by Anonymous Coward · · Score: 0

      +1

    40. Re:Black hat not White by schwinn8 · · Score: 1

      Still, the question above applies... why do you think your morals are necessarily "good"? For all we know, you could be a terrorist who thinks that what he/she is doing is "good" (you do realize they think they are doing a good thing, according to their morals). But, as you can see, your moral basis doesn't mean that it is good for anyone else or society as a whole. For this reason, good/bad MUST be considered socially / as a group, or as all of human-kind/earth-kind. Bottom line, just because you (or the hackers) think they are doing good, doesn't make it so. Hence, the above distinction for black/gray/white stands.

    41. Re:Black hat not White by Securityemo · · Score: 1

      Certainly, but what I consider "good" or "bad" or "just" is just what my "moral neurocircuitry" tells me is. Therefore there is no true universal morality, and what we can call "morality" on a societal level becomes something very different from what is everyday experienced as such, and probably shouldn't be called that. The closest thing to universal morality would probably be "suffering" and the empathic reaction to this in others, but even this has limits - what if I suffer so long as I cannot take vengeance upon another, so that he would suffer, for example? What about the suffering of the man who *knows* the gay couple next door is bringing god's wrath on him by having sex every night?

      I see two major impediments or problems to this basic view of morality: religion and complex social structures. Religion adds "false suffering" to their adherents, which makes them prioritize and react in a way that is very strange. So long as they are alone in it it is a simple issue, but when we involve inflicting suffering on others or spreading their "false suffering" to their children it becomes a problem. As for complex social relationships, I don't speak about prioritizing your loved ones or such situations, but oaths and structures losing purpose and becoming a burden and impediment to the reduction of suffering, or at the worst adding suffering. I do not delude myself that I have any solutions to these problems, but I do believe others delude themselves, or hide behind principles such as "war is always wrong" or "guns are evil" so that they can conclude that others' suffering is inevitable and is thus spared from thinking about it as something concerning them.

      --
      Emotions! In your brain!
    42. Re:Black hat not White by lostthoughts54 · · Score: 1

      It's nothing to do with "good" or "evil", it's what you do with the results. If you hack, say, Hamas, and then use that information to your advantage, you are Black Hat. If you hack Hamas, then walk in through their front door with a report of how you owned them (pwned, pwnz0red, whatever) and how they can fix their systems, you are White Hat.

      Not quite. If they REQUEST that you "hack" them and you do so, you're a white hat. If you do it without being asked, then you're a black hat. Walking through the door later is a CYA technique only.

      I have to agree here. HBgary seems black hat to me.
      The way I have always understood it:
      Black hat: exploits security flaws.
      White hat: offers tips on improvement through request
      Grey hat: Offers tips on improvement without any request.
      also I don't think walking through the door later is a CYA only, I think there are people who do the hacking then alert who they hack for the simple excitement of it without wanting to cause harm, I don't feel right calling these people black hats.
      side note: when u do that tho, u are at the mercy of the company u just confessed to.

    43. Re:Black hat not White by chris_7d0h · · Score: 1

      A 'White Hat' hacker is someone who aims to improve security

      That statement leaves the definition up to a point of view.
      From the US PoV this could well be seen as a white hat activity as the aim is to serve USGov interests, while from the target's PoV it would be deemed black hat. A Russian counterpart of this company would by your reasoning be a black-hat company from a US perspective but a white-hat (good) from Medvedev's, since it poses a threat to the USGov agenda and serves the RusGov's.

      --
      In a society that believes in nothing, fear becomes the only agenda ~ Bill Durodié
    44. Re:Black hat not White by DavidTC · · Score: 2

      ciabs, you are retarded, and I suspect your problem is that you think I responded to you in my original post.

      I did not. I responded to a post that said 'It's very simple. Once you discover an exploit in someones code, you can choose to either inform them so they can fix it (White Hat) or withhold the discovery for personal gain (Black Hat).'

      That was the post. You, in response to that, told a stupid little story about getting root. Likewise, I responded to that with a clarification of the terms.

      You took my response to the original post and hallucinated I responded to you, and, because you have some sort of brain trouble and cannot quote, you did not even manage to make your misunderstanding clear.

      In short: Learn how the goddamn internet works.

      --
      If corporations are people, aren't stockholders guilty of slavery?
    45. Re:Black hat not White by mug funky · · Score: 1

      more enticing headline = more ads clicked (maybe).

      they don't do it too badly here, compared to even the most respected online newspapers.

    46. Re:Black hat not White by ogl_codemonkey · · Score: 1

      Yes - maliciously interfering with the infrastructure of a sovereign nation is an act of war. Doing it surreptitiously through civilian channels makes it terrorism.

    47. Re:Black hat not White by WorBlux · · Score: 1

      The owners authorization is what's relevant, not the government's (Government being nothing more than a group of men and women who do business at the barrel of a gun)

    48. Re:Black hat not White by Pf0tzenpfritz · · Score: 1

      They are obviously black hats doing the dirty work for gov and major corps. I think the correct term in this case is "ass hat".

      --
      Oh, the beautiful gloss of greality!
    49. Re:Black hat not White by tick-tock-atona · · Score: 3, Insightful

      Richard Nixon said "If the President does it, it is legal." We all know how that worked out for him. It sounds like you are substituting "government agency" for "President." No one is above the law, not a President, and not a government agency. Black Hat is Black Hat no matter who is doing it, or who they are doing it for.

      Actually, in the US today, the President and government agencies *are* above the law.

      Yesterday, in South Carolina, an Obama-appointed federal judge dismissed a lawsuit brought by Padilla against former Bush officials Donald Rumsfeld, John Ashcroft, Paul Wolfowitz and others. That suit alleges that those officials knowingly violated Padilla's Constitutional rights by ordering his due-process-free detention and torture. In dismissing Padilla's lawsuit, the court's opinion relied on the same now-depressingly-familiar weapons routinely used by our political class to immunize itself from judicial scrutiny: national security would be undermined by allowing Padilla to sue; "government officials could be distracted from their vital duties to attend depositions or respond to other discovery requests"; "a trial on the merits would be an international spectacle with Padilla, a convicted terrorist, summoning America's present and former leaders to a federal courthouse to answer his charges"; the litigation would risk disclosure of vital state secrets; and "discovery procedures could be used by our enemies to obtain valuable intelligence."

      In other words, our political officials are Too Important, and engaged in far Too Weighty Matters in Keeping Us Safe, to subject them to the annoyance of the rule of law. It's much more important to allow them to Fight The Terrorists without restraints than to bother them with claims that they broke the law and violated the rights guaranteed by the U.S. Constitution.

      Fortunately, other countries are not so squeamish about prosecuting war crimes, which is why Bush et al. will likely never set foot in the EU again.

      Goodbye, leaders of the free world. It was nice while it lasted.

    50. Re:Black hat not White by Anachragnome · · Score: 1

      "They are most definitely 'Black Hat'."

      "The work was being done for a government agency. White Hat. "

      Actually, it doesn't really matter anymore. What matters is the fact that, more than likely, ANONYMOUS now has these tools. We have to assume the entirety of HBGary's data were compromised--The Ars Technica article seems to imply a greater knowledge of these tools than the emails alone would impart. Hmm. The only reason I could see Anonymous not getting these tools after the caper they pulled off is if HBGary were so confident in their own products that they effectively kept them quarantined from outside networks, as they should have. But reason doesn't really stand out as being a characteristic of these guys--they claim to be "security specialists" then leave the fucking front door unlocked. Does that sound reasonable to you?

      More power to them--the guys that wanted to use these tools now have a legitimate fear of being targeted by them themselves, and by, of all people, Anonymous. Fucking Awesome.

      Once again, the cat is out of the bag, and Ars Technica is simply helping pass out the cookies. Care for a cookie, Greg?

    51. Re:Black hat not White by rtb61 · · Score: 1

      Your country's espionage White hats would be other countries' Black Hats as there are always many more other countries and you would also consider other countries' White Hat espionage agents as Black Hats, the numbers are definitely for Black Hats as the appropriate nomenclature.

      Time of course to point out the stupid. You also would be giving away dangerous technology that once discovered could and would be used against you. Now to make that even worse, you cannot defend against the attack without alerting others to it thus defeating its value, what can you say but, "the stupid, oh my God, it burns". So not only Black hats but really bloody stupid Black Hats.

      --
      Chaos - everything, everywhere, everywhen
    52. Re:Black hat not White by Anonymous Coward · · Score: 0

      Yes. That's because it is not up to the government that decides to hack into foreign computers to also decide which other governments are evil or not. If you think otherwise, you simply do not have the faintest idea what the word "justice" means---like the vast majority of US citizens.

    53. Re:Black hat not White by elucido · · Score: 1

      The work was being done for a government agency. White Hat.

      :-)

      By that definition the Chinese hackers that were involved in Operation NightDragon were probably also "White hats"

      To the Chinese yes they'd be the White Hats. To the rest of the world they'd be something else.

    54. Re:Black hat not White by schwinn8 · · Score: 1

      I commend you on being able to notice the delusions behind statements like "guns are evil". However, you still made a statement that shows me your bias: "What about the suffering of the man who *knows* the gay couple next door is bringing god's wrath on him by having sex every night?"

      Now, I'm not sure whether YOU feel this way or not, but, in any case, the statement is irrelevant. What the man "knows" about the gay couple going to hell or whatever is only in the man's mind. As long as the gay couple aren't hurting anyone else, what they do in the privacy of their own home is not anyone's business. That doesn't mean the gay couple are necessarily without fault (ie, they shouldn't go around to churches "displaying" their love just to piss others off - because they, too, would be hurting others). But, in this limited statement, the man has no right to say or do anything just because they are gay or because they love each other. As I said before: Do no harm.

      Bringing this back to the original point... what the individual "knows" about good and evil is not relevant to black/white hat discussions. The action, alone, is what's at play. If the hacker is doing this to help solve the problem in the software, then they are white-hat... otherwise, they are gray/black hat. What either party believes in is irrelevant for the same reasons as the man in your example above.

    55. Re:Black hat not White by sznupi · · Score: 1

      I assume that by "while it lasted" you mean "while the concept had great PR"? (which included also comparative advantage with many more places - but such advantage doesn't mean much in general, especially considering the mode of creation of some lesser places in particular; but places populated with lesser people, so the PR could work well... comparably)

      --
      One that hath name thou can not otter
  2. Why "White hat"? by Goglu · · Score: 5, Insightful

    Why would this qualify as "white hat"? Because they sell their solutions to corporations? Corporations are often no better than the mafia: check how well established and still active corporations helped bring Hitler to power.

    What would it be called if they sold their solutions to the "legitimate" government of Saudi Arabia? Or to Hamas (who was elected as the representatives of the Palestinian people)? Would it still be "White hat"?

    I propose that "White hat hacking" be reserved only to those who use their skills for the good of the community as a whole. Just my 2 cents.

    1. Re:Why "White hat"? by Gaygirlie · · Score: 1

      Indeed. Some people, most notably samzenpus, apparently think it's white hat hacking when it's a company or government doing the hacking. But that obviously isn't the case. White hat hacking is really about people who do the hacking in order to improve security and to help people whereas in this case it is perfectly clear neither the government nor HBGary has any intention of helping anyone except themselves.

      Throwing a rootkit on someone's laptop without that person knowing about it and with the intention of allowing them unrestricted access to the laptop ever after is definitely black hat, especially since they have absolutely no intention of ever revealing the security holes or how the rootkit works or what it does.

    2. Re:Why "White hat"? by Gaygirlie · · Score: 1

      In a reply to myself: https://secure.wikimedia.org/wikipedia/en/wiki/Hacker_(computer_security)#Hacker_attitudes has pretty good definitions of these.

  3. Good Thing by Wicked Zen · · Score: 5, Funny

    ~Well, it's a good damn thing they're developing these products for the government, and not like, someone we can't trust to use them responsibly.~

  4. White-hat? I don't think so by moonbender · · Score: 4, Insightful

    White-hat? Hacking doesn't automatically get a white hat just because it's done for your favorite government (or other organisation). Developing malware and rootkits destined for actual use is black hat hacking, plain and simple. HBGary did both black and white hat stuff.

    --
    Switch back to Slashdot's D1 system.
    1. Re:White-hat? I don't think so by Securityemo · · Score: 1

      You could argue that "Hats" is a bad construct, and that if you understand the consequences of your actions conventional moral terms serve much better. The only reason the terms are used, I think, is because of the fact that it's so easy to get away with things. There's no external moral reinforcement because there's really no effective law enforcement and the anonymity is total. I think this is why all the security people I've met IRL have been "neurotic" or "twitchy".

      --
      Emotions! In your brain!
    2. Re:White-hat? I don't think so by Anonymous Coward · · Score: 0

      Perhaps we need a new category, Santorum Hat. Kinda like an Ass Hat, only more...graphic.

    3. Re:White-hat? I don't think so by Anonymous Coward · · Score: 0

      White hat doesn't apply here. HBGary could be best described as IT mercenaries.

    4. Re:White-hat? I don't think so by Securityemo · · Score: 1

      "Good? Bad? I'm the one with the 0day." /
      "The only law on the internet is assembly and RFCs."

      --
      Emotions! In your brain!
    5. Re:White-hat? I don't think so by Anonymous Coward · · Score: 0

      Meh. Doesn't fit... If HBGary are mercenaries, then so are all the various DoD contractors and their sub-contractors. Also, mercenary would imply selling to the highest bidder, but quite clearly HBGary only dealt with the US government and US government contractors.

      I actually don't believe the bank of america/chamber of commerce emails are legit, though I think most of the older ones are. I think anonymous wrote a few of those emails to feed their anti-government/corporate agenda (yes, they obviously have an agenda). In the time line of the attack, anonymous apparently had email access for 3 days before posting the first torrent, and 10 days before the second torrent. Plenty of time to craft some email chains or to just add nefarious words to a few emails.

    6. Re:White-hat? I don't think so by Securityemo · · Score: 1

      Yeah, it would have been "mercenary" if they were contracted to do actual "computer espionage" but here they only built the tools. Maybe there are other firms that do that sort of stuff though? And I believe most mercenary firms would not hire out their services indiscriminately. Blackwater (now Xe) is considered to be "trash" by other mercs from what I've read, and it certainly fits the alleged cocaine parties and shooting wildly in the air.

      --
      Emotions! In your brain!
    7. Re:White-hat? I don't think so by DavidTC · · Score: 1

      HBGary are not 'mercenaries', they are 'weapon suppliers'.

      Mercenaries are 'people paid to fight a war who are not in the armed services'. That's all that means.

      Some of the DoD contractors are, indeed, mercenaries, although they really dislike being called that, thanks to our quite legitimate dislike of mercenaries.

      --
      If corporations are people, aren't stockholders guilty of slavery?
    8. Re:White-hat? I don't think so by gstrickler · · Score: 1

      In fact, I would assert that if it's being done by/for a government, that makes it suspect. Doesn't mean it's automatically black hat or white hat, but any government hacking of citizens should be viewed with great skepticism. There are legitimate reasons, but it's up to the people/agency performing the hacking that it's actually in the public interest and for legitimate law enforcement purposes.

      --
      make imaginary.friends COUNT=100 VISIBLE=false
    9. Re:White-hat? I don't think so by elucido · · Score: 1

      If they just get a search warrant then that's the legitimate reason.

    10. Re:White-hat? I don't think so by gstrickler · · Score: 1

      Agreed, but lately, many times they don't have a search warrant. Also, how do you control the distribution and installation of viral malware as proposed in the article? There is no search warrant that can legitimately cover that.

      --
      make imaginary.friends COUNT=100 VISIBLE=false
  5. "Greg Hoglund" not "HBGary" by Securityemo · · Score: 3, Insightful

    Greg Hoglund is a leading expert on rootkits, and per the article it was he who did all the development and research. If the article tells the truth, the firm sold advanced rootkits to the US government, and the latest iteration would have been one that used advanced memory management techniques to jump around in process memory and do its thing without using any OS-managed structures, thus evading detection. I don't grok this at all, but it sounds like an advanced version of a technique I read about where the malware extracted the code from DLL files and ran things without having to go through the OS. So that part was entirely legit, but the social networks part (which the government apparently wasn't at all interested in, presumably because they already got a contract with those Palantir guys) was evidently a catastrophe in the making.

    --
    Emotions! In your brain!
    1. Re:"Greg Hoglund" not "HBGary" by Anonymous Coward · · Score: 0

      Obviously many "smart" guys brainstorming their ideas (and spending on BMWs) and one smart guy doing all the work that matters.
      Well this is a political scandal, government working with a semi-criminal company. I guess laws don't apply to them if they're under government contract.
      And we blame Russian mafia...

    2. Re:"Greg Hoglund" not "HBGary" by Securityemo · · Score: 1

      Actually it was founded by Hoglund, and it sounded like the core of the company was Hoglund and Hoglund's wife (as a manager of some sort).

      --
      Emotions! In your brain!
  6. White Hats ??? by Anonymous Coward · · Score: 0

    Given all the unethical and outright illegal activities that the government has been up to recently, shouldn't a hacker firm employed by the government to spy really be called professional black hats ? ( BTW, in China they're called 'patriotic hackers' ).

  7. The Chinese government says: by Anonymous Coward · · Score: 0

    Told you we were just whitehat hacking all along.
    Guess imitation is the sincerest form of flattery after all.

  8. How is this White Hat? by Anonymous Coward · · Score: 0

    Usually when you're compromising or bypassing the security of another's system to steal or plant data it's considered black-hat, regardless of who does it.

  9. What?? by Anonymous Coward · · Score: 0

    Nowhere in the article does it mention "White-hat" hacking.... I smell bait. Flame, troll, or otherwise. Good read nonetheless.

  10. explains much by bugi · · Score: 1

    They spend so much time dicking around with my laptop at airports and borders so it's not so suspicious when they also dick around with your laptop. Now if they'd just hire somebody with a clue to fondle my ports, I could get through the line much much faster.

    1. Re:explains much by Securityemo · · Score: 1

      That's just stupidity and people performing tasks without understanding the reasons behind them. But from what we've seen, "US intel" would evidently take advantage of the situation of confusion, I.E. install malware onto targets during border checks. They probably already are.

      --
      Emotions! In your brain!
    2. Re:explains much by Anonymous Coward · · Score: 1

      I pop in a separate hard drive when I travel. When I arrive, I swap it with the real one (which is encrypted of course).

    3. Re:explains much by Anonymous Coward · · Score: 0

      As opposed to PLA 3rd Department - who simply enter your hotel room while you are visiting, say Beijing, and ghost your entire drive while you are out to dinner.

      Hell sometimes they don't even bother to put your laptop back in the case.

    4. Re:explains much by Securityemo · · Score: 1

      I suppose they have to deal with stupidity as well as anyone else. Wonder how they handle it, what with their "saving face" culture? Or maybe their military/police has a different internal culture?

      --
      Emotions! In your brain!
    5. Re:explains much by Arancaytar · · Score: 0

      fondle my ports

      Dude, TMI.

    6. Re:explains much by Anonymous Coward · · Score: 0

      And this protects you from the logging hardware they installed how, exactly?

    7. Re:explains much by Securityemo · · Score: 1

      Malware can be explained away as malware, especially if it logs to a "dead drop" of some sort that can't be linked back to the intruder. A hardware computer bug, if found, would be much harder to explain away. Especially if found en masse by people whose only link in space and time is crossing the US border.

      --
      Emotions! In your brain!
  11. submitter here by romanval · · Score: 4, Informative

    I was gonna put quotes (") around "white hat" but I was out of space. Slashdot needs to accept longer titles.

    This title was difficult to make because TFA has subject matter that's all over the map: Collections of 0-day unpublished exploit vectors, rootkits with keyboard loggers disguising payload as ad click tracking data, and social network tracking via bot accounts. Tough to summarize in just 50 characters.

    1. Re:submitter here by penguin_punk · · Score: 1

      Don't worry. Just be content that your story made it to the front page. Some people will bitch about articles regardless.

      --
      HURD - Hurd's Under Research & Development
    2. Re:submitter here by Anonymous Coward · · Score: 0

      Why not simply call it "The Inner World of Government Sponsored Hacking"?
      Since the company does both white and black hat hacking this title is not only easier to fit within the 50char limit but it is also more precise.

    3. Re:submitter here by ItsJustAPseudonym · · Score: 0

      YahOKwe'llgetrightonthat,AC.

    4. Re:submitter here by Anonymous Coward · · Score: 0

      You could leave out the "The" in the title.

    5. Re:submitter here by Securityemo · · Score: 1

      "Inner World of Government Sponsored Hacking: Effectively Recognizing the Signs of Paranoid Schizophrenia in the Information Age - A Primer w/Case Studies".

      --
      Emotions! In your brain!
    6. Re:submitter here by Anonymous Coward · · Score: 0

      Good thing you didn't omit the word hacking and just go with "white-hats", since I'd probably still sit here wondering: White hat what? White-hat bakers? White-hat cowboys? White-hat wombats? Surely not white-hat hackers, though, never heard of those...

  12. HBGary is the archetypical black-hat firm by moxsam · · Score: 0

    Just because what they did may be legal, although I have my strong doubts it actually was, doesn't mean that they are not black-hat hackers. They obviously have no morals, thus they are black-hatted.

  13. black, white, gray... by DEmmons · · Score: 3, Informative
    It was my understanding, gleaned from sources including the good old Jargon File, that one of the most agreed upon standards for hat color definition is a combination of permission and intention:
    • White Hats are hired or are granted permission to attempt to crack a system's security by the owner(s), usually for the purpose of auditing security, discovering vulnerabilities, and understanding how to fix or minimize them.
    • Gray Hats crack security without authorization, but have no ill intentions once they succeed. These are either practicing their art for practice's sake, doing the owners a favor (unsolicited) by letting them know where the vulnerabilities are so they can fix it, or most likely both.
    • Black Hats crack security maliciously, for a wide variety of reasons - some personal, some financial, and some political. They intend to steal, vandalize, or otherwise harm the owners. Self-styled hacktivists may be an exception to some as they have intentions that they may believe are good, but in general fit here because they have neither the permission nor the intention of doing any good for the system's owners. This is probably the case for Cyber Warriors as well - those who are cracking security by order from their government, as soldiers in an online (but very real) war, or as spies. In these cases, it could mean that even a black hat isn't necessarily evil - and anyway, determining good and evil are probably outside of the scope of the discussion.

    This is, of course, not the only way in which these terms are used, and they do in fact derive from the old spaghetti western convention of good guys in white cowboy hats, and bad guys in black. Technically, HBGary in TFA was not asked to do any form of cracking, just to develop tools and strategies. These tools, of course, were obviously for government-sanctioned attacks, and would have ended up in the hands of cyber warriors / spies. In use, it would probably qualify as a black-hat operation, although ostensibly for the cause of good if the ultimate goal is to thwart terrorists (though it must be kept in mind that many terrorists believe they are on the side of good. It's a strange world).

    1. Re:black, white, gray... by Anonymous Coward · · Score: 1

      For most, (I was one) this is a decision which is made in an instant, and the only guidance is how you were brought up.
      I was faced with whoops I have root. I quickly noticed there was NO FIREWALL and all files were open and exposed and nobody had been logged on for a month or more. There were numerous binaries, after fighting everything off, getting a firewall up, and doing a virus scan, I couldn't find a rootkit. (Although I didn't have authorization, I fixed the problem because I knew the owner on a personal level, I then turned it to em) I like people and I know a lot of people like this. Anyway...

      Which led to other problems and disruptions with my business, but... back to the split second "your upbringing" decision. (I have since had many such encounters, and I can't believe how stupid the mistake(s) is.)

      Are you willing to persist with slow retarded negative reactions to try to help someone who will certainly suck a lot of your time and resources?
      Can you fix it "correctly" right now? wget file, edit settings, paths and make it all behave, install file
      Do you simply take a note for future survival.
      Safely (or not) openly suggest it somewhere that everyone should check a, b, c..
      Have you sworn an oath to something else besides the US Constitution and protecting the president (brevity, lookup oaths)
      Rather spy?
      Learn?

      The real problem I see here is the bigger picture. All this paranoia intelligence net is sucking the life out of American's productivity, trust, and leverage, it can't be sustained. This is nuts, either you get it or you don't. The light switches are being turned off on us US Citizens, but not the establishment government or officials.

      Last year I told you how the Senators and officials have turned the switch on feedback or any dialog on the American people.

      Today I point out, as the establishment is cleaning its tracks up using time as a weapon, when you contact officials, (say using email) your reply is a template steered, machine generated, personalized tuned response. That isn't dialog, it's police state bullshit.

      And I also point out in addition, (although it's been going for years) how when one official on one state's decision affects someone in another state, to (even contact via email) that official (who requires a bunch of personal information on a form template which is then exploited for the final filtered official response); *THE decision* is made by comparing address with district and if it doesn't match, the whole turd is dumped + Please help us get re-elected spiel.

      I'd rather have their top 1000 foreign and corporate influences list.
      Then when the town hall meeting comes along, boom.

    2. Re:black, white, gray... by ciabs · · Score: 1

      Shred like Yngwie Malmsteen with truth
      and restore the dialog

      (fixed it)

    3. Re:black, white, gray... by elucido · · Score: 1

      As far as I know, that would make HBGaryFederal White Hats.
      In specific they did not break any laws.
      In specific they were building tools, strategies and software for cyber warriors or may even be the cyber warriors.
      In specific they are honest about what they are doing, they call themselves HBGaryFederal, they use their real names.

      It does not seem to me that there is anything Black Hat about them. If they are Black Hat then they don't seem to know a damn thing about opsec. I mean first of all they don't have fake identities, which is the first thing you'd expect Black Hat hackers to have. Black Hat hackers never hack or do any kind of security research under their real identity.

      So just working for HBGaryFederal would probably make it impossible for any of them to break any laws or do anything off the books which means they can't be an effective Black Hat. The fact that they warned Anonymous is another White Hat type move, or Grey Hat move. Black Hats would never warn the enemy, in fact Black Hats would never exist because they would not have names or identities from which to trace, or a company from which to find their hive.

      Anonymous are the Black Hats.

    4. Re:black, white, gray... by DEmmons · · Score: 1

      yes, they are a security firm, and as such need to maintain a white hat / ethical hacker image. I'd judge their actions individually, though, and I'm thinking in this case they weren't wearing a hat at all - they were only creating tools and strategies. of course, internally such tools must be tested, and doing so is pure white-hat. using the same tools against another party without their knowledge and permission, for a purpose other than improving their security, would not constitute a white hat operation even if they maintain a normally clean reputation. I don't think they did that, though, and even if they did, it doesn't say whether they are good guys or bad guys or evil or anything. the convention of hats is about something else entirely.

    5. Re:black, white, gray... by elucido · · Score: 1

      yes, they are a security firm, and as such need to maintain a white hat / ethical hacker image. I'd judge their actions individually, though, and I'm thinking in this case they weren't wearing a hat at all - they were only creating tools and strategies. of course, internally such tools must be tested, and doing so is pure white-hat. using the same tools against another party without their knowledge and permission, for a purpose other than improving their security, would not constitute a white hat operation even if they maintain a normally clean reputation. I don't think they did that, though, and even if they did, it doesn't say whether they are good guys or bad guys or evil or anything. the convention of hats is about something else entirely.

      I don't think White Hat = Pacifist. If there is a legitimate cyber war, then you'd know that there would be White Hats who would have the legal authority or responsibility to fight the cyber war.

      These White Hats would be cyber warriors first.
      White Hats in specific would be improving the national security of the United States in this context, and as long as no laws are broken I don't see any problem with it.

      Now if they broke the law to enforce the law then I have a problem. If they abuse human rights to defend human rights then I have a problem. It depends on what they were doing but from what I've seen of HBGaryFederal they seem to have the role of the much hyped cyber warrior.

      What exactly did we expect them to be doing? At worst they could be Grey Hats but they are not Black Hats because they aren't breaking the law, so even if the user of the system does not give them permission to enter and search the system the government and true owner of all systems in the United States has the permission and gave them the permission on the behalf of the United States.

      It's like saying a detective isn't really a cop. Of course a detective is a cop. And as long as the detective follows the law, the detective is not a corrupt cop or pig. Just like with Black Hats, they can hack and break the law, but if they ever work with the feds then they are snitching, because Black Hats aren't supposed to work with law enforcement while they break the law.

      It's about being consistent, honest, and maintaining reputation. That is what makes them "White", that requires following the law and being like a choirboy or saint in the eyes of government. It's a strategic position hackers take when they want to go legit and avoid prison.

      Black Hats like Alberto Gonzales on the other hand who go around setting up and hacking their buddies, these are the problem. Specifically because this group is dishonest to everybody, dishonest to the hacker community.

      This is the problem I had with what HBGaryFederal did with Anonymous. HBGaryFederal if they are White Hats, had no business trying to infiltrate Anonymous. Essentially White Hats now have the role like it or not, as being the cops. Black Hats have the role of being the criminals. The Black Hats who assist the White Hats are the informers or snitches whom the vast majority of the hacker community hate.

      This is also the problem the community has with what Adrian Lamo did. If Adrian Lamo is a White Hat then why the hell would Bradley Manning a Black Hat be contacting him and discussing illegal information and activities? Adrian Lamo was never a Black Hat. He was always either White Hat or Grey Hat.

      So basically what we see is that the government is creating this whole cyberwarfare environment probably to increase funding. The government is paying White Hats and Grey Hats to help fight the Black Hats that pissed the government and establishment off. If it's a Black Hat the government likes, this Black Hat is typically either an informant or some sort of government operator. If it's a Black Hat the government does not like, then it's a cyber terrorist. Ultimately the government selectively allows some Black Hats to break the law, and does not or will not investiga

    6. Re:black, white, gray... by DEmmons · · Score: 1

      haha, like i said, there are other definitions. you are certainly defining the whole concept quite differently than i and many other people do. and of course, as i acknowledged, your view is also extremely common. like many people you are looking for a 'good guys, bad guys' definition (good luck!). I'm not even going to try to use it to classify people, people can wear more than one hat, even at the same time if they want to. I just classify the hacks themselves, so to me it will continue to be simple: if you have permission, it's white hat. no permission but good intentions, gray hat. otherwise, black. it's just like walking up to a neighbor's house and noticing their door can be opened with a credit card because they forgot the second lock on the door. if they are your friend and asked you to check the door, white. if you don't know them or weren't asked, but you open the door, leave a note letting them know about it, and then lock it and leave, gray. if you take something or prank them or anything else it's black.

      just one of many ways to define hats, but it is at least consistent.

  14. they take knolwedge form black hats by Anonymous Coward · · Score: 0

    and this hat or that i am hacker, the terms you give me or others is a joke. REAL hackers never work for the govt, those people are security people like cops. END OF STORY

    1. Re:they take knolwedge form black hats by Securityemo · · Score: 1

      Terms, no matter how loaded with power and prestige, are irrelevant generalizations. Life is not a game of Shadowrun, just something very similar.

      --
      Emotions! In your brain!
    2. Re:they take knolwedge form black hats by Jeremiah+Cornelius · · Score: 4, Interesting

      Ahhh... Let's cook-up another "Twitter Revolution".

      "But for a defense contractor with ties to the federal government, Hunton & Williams, DOD, NSA, and the CIA - whose enemies are labor unions, progressive organizations, journalists, and progressive bloggers, a persona apparently goes far beyond creating a mere sockpuppet.

      According to an embedded MS Word document found in one of the HB Gary emails, it involves creating an army of sockpuppets, with sophisticated "persona management" software that allows a small team of only a few people to appear to be many, while keeping the personas from accidentally cross-contaminating each other. Then, to top it off, the team can actually automate some functions so one persona can appear to be an entire Brooks Brothers riot online."

      http://www.dailykos.com/story/2011/02/16/945768/-The-HB-Gary-Email-That-Should-Concern-Us-All

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
  15. funny name (sort of ) by roman_mir · · Score: 2

    It's sort of ironic that another product with the same name (Plan B) is used to get rid of unwanted 'intrusion', not promote it...

  16. Re:I'm a little teapot, MOTHERFUCKER by somersault · · Score: 0, Offtopic

    But look good sir, he is short and stout! Behold his handle.. and there his spout!

    --
    which is totally what she said
  17. Pedants ruined this discussion by Anonymous Coward · · Score: 2, Insightful

    I'd read TFA earlier. I decided to read the discussion here to see what interesting thoughts people might have on the topic, only to find page after page of arguments about hat colors. WTF? Pedants very rarely ever add to the discussion. Their comments seem mostly intended to inflate their own sense of superiority, and sadly often derail the discussion here as so many readers seem inclined to try to prove they are smarter. I'm sure someone will post a snarky reply that I must be new here. I'm not. I learn something every day reading here. However, this has got to be one of the most vacuous discussions I've seen related to what is a technically interesting topic that deserved better.

    1. Re:Pedants ruined this discussion by Securityemo · · Score: 1

      This is because the only ones that can really contribute to this discussion are those who have technical knowledge of computer security and those who have experience with government or IT security contracting. You should probably be happy that anyone here can contribute at all to the discussion.

      --
      Emotions! In your brain!
    2. Re:Pedants ruined this discussion by mug+funky · · Score: 3, Insightful

      the HBGary sockpuppets are all over /.

      didn't you know?

      btw, how much do labour unions suck? OMG i like totally need to tweet some fox news links right now.

      i like BP. i think the government is being overly harsh.

      Obama is a muslim and wasn't born in america

      AGW is a myth perpetrated by the illuminati and terrorists to make us give up our guns. think about it.

    3. Re:Pedants ruined this discussion by Rick17JJ · · Score: 2

      I was also hoping for some discussion of more substance, than just arguing about hat colors. Below are several things from the article that I would have liked to have seen discussed:

      1. Near the end of the article, it mentioned that HBGary had been hacked by Anonymous. If experts like HBGary can not protect themselves from hackers, how can the rest of us mere mortals ever defend ourselves? There was also another recent article on the Ars Technica website that focused on the hacking of HBGary by Anonymous.

      2. The article also mentioned the revolving door of employment between the highest levels of government and corporate offices. That makes me wonder if any large corporations might possibly secretly be using that type of software to spy on competitors.

      3. Have they also targeted various other operating systems such as Mac OS, Linux, FreeBSD (or not)?

      Those are the kinds of things that I would have liked to have seen discussed instead of the stupid argument about hat colors.

      Are there really that many Slashdot readers wanting to argue about hat colors? Perhaps the government or HBGary might have created many of the vacuous posts, through fake accounts, and then tried to keep the discussion focused on hat colors instead of anything of more substance. If the government has hundreds of fake Facebook accounts, perhaps they also might have hundreds of fake Slashdot accounts. I assume that is what mug funky meant when he said that "HBGary sockpuppets are all over /."

    4. Re:Pedants ruined this discussion by Securityemo · · Score: 1

      1. It was an act of social engineering against their admin. They got their hands on the SSH password - not superhuman hacking skills. And it was a 16-year old girl that did it, to boot.

      2. Yeah, I'd think so. But you need to know the limitations and proper use of that sort of software at least, to avoid getting caught.

      3. The rootkits I've seen are mostly for Windows, though there are a lot of *nix rootkits around. Traditionally, rootkits were the domain of *nix servers - they were as far as I know not needed in the pre-NT era.

      As for sockpuppets, there's a few users here with spelling suspiciously similar to Barr's, but I'm not going to point fingers. It could be just a coincidence.

      --
      Emotions! In your brain!
    5. Re:Pedants ruined this discussion by Securityemo · · Score: 1

      Elaborating: I assume these rootkits (I don't think HBGary have knowingly participated in industrial espionage mind, but there are a lot of malware authors out there) are sold as packages designed for use in spear phishing or usb key schemes. In order for the attacking party to avoid liability when the software exfiltrates data from the target network, no matter how good steganography it uses, it would need to dump the data onto a "bulletproof" system or lease a botnet. Such systems are (currently) found in Malaysia, Panama, China, and much of the old East Bloc. The Russians have been clamping down some, I believe. To take the risk of calling home to a system affiliated or traceable to the spying corporation would be a suicidal risk in my eyes. They would probably need a "consulting hacker" to oversee the deployment and use of the software. This would also mean that the "consultant" could weigh the risk of the action, something an unskilled person would not be able to do at all. So I think they would not just "buy the software and start cracking", frankly, I don't think they'd know where to look and what to look for.

      --
      Emotions! In your brain!
    6. Re:Pedants ruined this discussion by Securityemo · · Score: 1

      And no, you could not use open HTTP/Socks proxies or TOR assuming they were not blocked, not if you wanted to use steganography. Which you would want to, since you want to present an "advanced persistent threat", i.e., you want to monitor the target systems for a long time without getting caught.

      --
      Emotions! In your brain!
  18. Police States of America by cosm · · Score: 0

    So is it just me, or is it fucking police state of America week on Slashdot?

    --
    'We are trying to prove ourselves wrong as quickly as possible, because only in that way can we find progress.' RPF
    1. Re:Police States of America by Securityemo · · Score: 1

      It's Horrible Hour! All drinks at the bar cost their base price plus a random amount of cash between 10% and 90%. If you pay too little, you get fondled. If you pay too much, you get fondled. If you get caught bringing in liquor into the establishment, you are shot.

      --
      Emotions! In your brain!
    2. Re:Police States of America by oldmac31310 · · Score: 1

      why it's police state of America week every week in America. Didn't you know?

      --
      http://www.acetonestudio.com
  19. /. news editors by Magada · · Score: 1

    A day late and a dollar short, as ever.

    --
    Something bad is coming when people are suddenly anxious to tell the truth.
  20. Re:I'm a little teapot, MOTHERFUCKER by Anonymous Coward · · Score: 0

    No, you are a LARGE teapot. And for the sake of everyone's eyes please pull up your pants when you are outside. Get some suspenders or something.

  21. Re:I'm a little teapot, MOTHERFUCKER by Anonymous Coward · · Score: 0

    And if you tip me over, will I not pour out?

  22. 99.7% of stories by samzenpus are overhyped... by denzacar · · Score: 1

    That's his "style". Why they let him out of the "idle" section is beyond me.

    Pretty soon all "editors" will concentrate more on hype than on anything else, and summaries will have all the quality and integrity of io9 posts.
    Just wait and see... Soulskill is already somewhat of a samzenpus-lite.

    --
    Mit der Dummheit kämpfen Götter selbst vergebens
  23. If that qualifies as "White hat"... by Anonymous Coward · · Score: 0

    ... then I'm both the Pope and the fucking Queen of Britain.

  24. Re:I'm a little teapot, MOTHERFUCKER by Securityemo · · Score: 1

    Just not on my carpet; on my neighbor's carpet if you will. I have work and guests to attend to, and he's a sorry old man-crone, not to mention poor. And I suspect he steals my newspaper on Saturdays sometimes. Just don't tell him I said that, or our many affairs and conspiracies will go sour.

    --
    Emotions! In your brain!
  25. The hats color is seen from victims perspective by Anonymous Coward · · Score: 0

    If HBGary was doing this to help the people they were hacking, then they are white hat.

    But they were doing it to destroy the people they were hacking, so they were black hat.

  26. Gary's Mod by Anonymous Coward · · Score: 0

    This must be that Gary's Mod I've seen on Steam.

  27. ports and more ports by Eil · · Score: 1

    They focused on ports—a laptop's interfaces to the world around it—including the familiar USB port, the less-common PCMCIA Type II card slot, the smaller ExpressCard slot, WiFi, and Firewire. No laptop would have all of these

    Funny, my Thinkpad does.

    1. Re:ports and more ports by Anonymous Coward · · Score: 0

      No laptop would have all of these

      Funny, my Thinkpad does.

      So does my Pismo (with an expressCard to PCMCIA adaptor.) The good ol' days

  28. White vs. Gray vs. Black by glenfahan · · Score: 1

    In my opinion, the best description of the differences between these three classes of hackers is the following:

    White hat: They will only use their knowledge for defensive capabilities. Creating a new virus in a lab setting that is only used to improve mitigation techniques would still be a defensive measure.

    Gray hat: They will do offensive hacking, but only when they feel it is for a moral purpose. Breaking into a database or website to track down "bad" people is a great example of moral ambiguity that falls into the gray category.

    Black hat: They will break things for fun and profit.

    If you accept these definitions, the actions described in the article are definitely not white hat. As a matter of fact, if you actually RTFA the title is "Black ops: how HBGary wrote backdoors for the government" I did not see any mention of white hat in the article.

    Aside from the poor choice of words in the /. headline, I don't see the big deal. I did not see anything outside what I would assume is normal.

    I thought the coolest insight was how Greg Hoglund does some of his research.

  29. But it only works for Windows, right? by oldmac31310 · · Score: 1

    so the sane and Windows-free among us are safe from these underhand gubmint sponsored tactics. Anyone?

    --
    http://www.acetonestudio.com
  30. "...at least two?" by Anonymous Coward · · Score: 0

    I think lots of laptops available now have almost all those ports...?

  31. Nixon by ThatsNotPudding · · Score: 2

    He was just ahead of his time. Now, honesty is a vice and expediency is a virtue.

  32. Modified. by elucido · · Score: 1

    White hats don't break the law. If it's legal then it's okay.
    Grey hats break some laws, but only to do their jobs and not any really important laws.
    Black hats will use any means necessary, including abuse of human rights and breaking the law.

  33. A white hat doesn't break the law. A black hat does by elucido · · Score: 1

    The government is the one who invented this white hat black hat division.

    White hats are the hackers who refuse to break the law. They can write offensive programs, they can be investigators, they can hack terrorists, because they have a search warrant and it's not illegal.

    Grey hats are the hackers who will break the law in the name of research, science, security and/or improvement. They won't break just any law, but the minor laws that nobody will arrest them for.

    Black hats will break any and every law because they don't care about laws.

    So the difference between the hats is their fear of or respect for the law. This would make HBGaryFederal white hats unless you can show they didn't have a search warrant. If they are government contractors with permission from the FBI or whomever then they had a search warrant and were not breaking the law. In essence they are cyber cops.

  34. Actually you are correct. by elucido · · Score: 1

    The White Hat and Black Hat divide was invented entirely by and for the government so that the government could categorize the hacker community. In essence the only difference between White Hat and Black Hat is that the White Hat follows the law when conducting their hacks. Despite what you think, the federal government had legal authority under the Patriot Act and other provisions to wiretap. The government still can get a search warrant and once a search warrant is obtained then any group of contractors can be hired to execute the search warrant.

  35. Wrong again. by elucido · · Score: 1

    If you break the law period, you're a Black Hat.
    If you follow the law period, you're a White Hat.

    What HBGaryFederal did was not against the law. If they were contractors for federal agencies, they have the authority of the FBI which means they have the legal authority to do these types of searches.

    I don't necessarily like it. The Patriot Act and many other Bush era laws were set in place that we don't like. But the law specifically says the government can do practically anything it wants to us in a time of war. The US is technically in war time, and the government has war powers, if the government deems anyone an enemy combatant, a terror suspect or anything like that, they can get a warrant to conduct a search which could include wiretapping, or hacking.

    The problem I have is when the law is clearly broken. It's unknown from the information in those emails whether or not HBGaryFederal broke any laws but it does not seem that they did.

  36. That would make the US Gov Black Hat. by elucido · · Score: 1

    If HBGaryFederal is Black Hat and working in the interest of protecting the security of the US Government, then the US Government is also Black Hat. Correct?

    1. Re:That would make the US Gov Black Hat. by Jeremiah+Cornelius · · Score: 1

      Black is 3 shades lighter and brighter, than the colour of the US hat.

      Anyone who operates "Delta Forces" and runs "Black Sites" and commits the horrors of a Guernica, on a daily basis?

      The answer is not that the US wears a "Black Hat". It is that the US has a Black Heart.

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
  37. The government owns America. by elucido · · Score: 1

    Which is why if they give themselves permission to wiretap and hack all of our computers and networks, they have the permission.

    The FCC gave them that legal authority a long time ago.

    1. Re:The government owns America. by WorBlux · · Score: 1

      The FCC is just a subset of the them you mention.

  38. Exactly. by elucido · · Score: 1

    Your country's espionage White hats would be other countries' Black Hats as there are always many more other countries and you would also consider other countries' White Hat espionage agents as Black Hats, the numbers are definitely for Black Hats as the appropriate nomenclature.

    Time of course to point out the stupid. You also would be giving away dangerous technology that once discovered could and would be used against you. Now to make that even worse, you can not defend against the attack without alerting others to it thus defeating its value, what can you say but, "the stupid, oh my God, it burns". So not only Black hats but really bloody stupid Black Hats.

    The White Hats can and must aggressively hack. This is the only way they can hack Al Qaeda.

    I find it funny this site at one time will claim they can't wait for the US Cyber Command and wants the USA to win the Cyber War, but then gets angry at HBGaryFederal. I don't agree with or understand why HBGaryFederal was hacking American citizens and in specific hacking some of the people they chose, but I also am not President Obama.

    Before we judge what they were doing, we ought to wait until the full story comes out. According to definition they are the US White Hat Cyber Army. They hack Al Qaeda. They hack terrorists. They hack some really bad guys, but they also hack Wikileak supporters and Glenn Greenwald.

    I don't understand why they'd hack these groups, but I'd assume it would have to do with counter espionage or counter intelligence. It is probably in the interest of US national security, whether we like it or not. Obama probably authorized the whole thing, or the directors of the agencies, so it is what it is. It's just like if the generals told the troops to bomb a mosque, they might not like it but there could be terrorists in the mosque so they bomb it anyway. I'm sure HBGaryFederal's employees were given the impression either by the government or by the people within their company with the connections to government and security clearances that they were acting in the interest of US national security and saving the world etc.

    Honestly I do not know what they were told, but don't underestimate the impact or influence of a bunch of generals, agency directors, former government officials, on some low level techies. They probably made these people feel important, probably gave them a mission of some sort, something like mission impossible or Sneakers. It's just they apparently fucked it up.

    The ego of Aaron Barr caused this. He decided to go to the media and announce that he had dirt on Anonymous. He decided to make contact with Anonymous. Why on earth would he make contact with them? They'd never have found out who he was or what HBGaryFederal was if he hadn't made contact.

    1. Re:Exactly. by rtb61 · · Score: 1

      The basic principle still stands, to hack a network you basically must exploit a weakness. The ultimate goal of all security experts is to close all weaknesses. You can not exploit what you close, you can not secure what you leave weak. Any security organisation that knowingly leaves citizens exposed to security holes, in order to pursue personal promotions via committing crimes in other countries is in fact acting in a treasonous manner.

      The white hat chooses honour and integrity and secures networks, the black hat chooses personal success and leaves discovered security weakness in place so that they can exploit them, for whatever reason and in whichever location they choose.

      --
      Chaos - everything, everywhere, everywhen
    2. Re:Exactly. by elucido · · Score: 1

      The basic principle still stands, to hack a network you basically must exploit a weakness. The ultimate goal of all security experts is to close all weaknesses. You can not exploit what you close, you can not secure what you leave weak. Any security organisation that knowingly leaves citizens exposed to security holes, in order to pursue personal promotions via committing crimes in other countries is in fact acting in a treasonous manner.

      The white hat chooses honour and integrity and secures networks, the black hat chooses personal success and leaves discovered security weakness in place so that they can exploit them, for whatever reason and in whichever location they choose.

      So international terrorist groups like Al Qaeda cannot be hacked? That to me is ridiculous.
      How do you have a cyber war if there are no offensive capabilities?