0

I was preparing a presentation on White hat hackers and ethical hacking, I organized it this way at the moment:

enter image description here

This mindmap is a draft version, of the final thing. By defense, I meant security manager, the ones using black hat techniques to mitigate security flaw, and by attack, I meant NSA and those kinds of organisations.

What I found very interesting is the aspect of legality behind all this, and it's not so easy to find. I found out security manager use nearly the same techniques as black hat but somehow it's legal. Same goes for NSA ones, but I'm having a hard time but this second one. I mean let's say it's USA vs Russia, hackers working for USA government sure will be white hat for USA, but how are they going to consider hackers from Russia's government since they are "enemies"?

schroeder
  • 123,438
  • 55
  • 284
  • 319
  • 2
    What are you hoping to communicate with the mindmap? I'd suggest changes, but I can't sort out the end goal. – schroeder Dec 03 '18 at 09:58
  • I added it so you could react just like you did saying me something was wrong, I really though attackers were under the white hat label but I figured out I was wrong. – Axel Carré Dec 03 '18 at 10:03

1 Answers1

5

You appear to be thinking that actions have universal goodness or badness. This is not true.

A white hat hacker, or a security manager, has permission to do what they do. That is the biggest and most fundamental difference. Without permission, it is no longer "white" and it is no longer legal, in many jurisdictions.

NSA hackers have permission from the US laws to do what they do, but they do not have permission from Russia to do what they do. This means that they are not white hat hackers. They are attackers. It's the same for any country.

schroeder
  • 123,438
  • 55
  • 284
  • 319
  • Thanks for your answers, my subject can be larger than "white hat hackers" only, I find it really interesting and I want to talked about attackers too, do you know where I can get informations about laws applying on "intercountry-hacking"? It's still too abstract for me, I mean it's not a random work like seller (no offense to seller) but it's mindblowing to me than you can be an employee in your country but illegal in an other one. – Axel Carré Dec 03 '18 at 10:01
  • That's not a security question at all. That's a basic question of law. Laws have "jurisdiction". Please start your research on the topic there. – schroeder Dec 03 '18 at 10:03