翻訳と辞書
Words near each other
・ "O" Is for Outlaw
・ "O"-Jung.Ban.Hap.
・ "Ode-to-Napoleon" hexachord
・ "Oh Yeah!" Live
・ "Our Contemporary" regional art exhibition (Leningrad, 1975)
・ "P" Is for Peril
・ "Pimpernel" Smith
・ "Polish death camp" controversy
・ "Pro knigi" ("About books")
・ "Prosopa" Greek Television Awards
・ "Pussy Cats" Starring the Walkmen
・ "Q" Is for Quarry
・ "R" Is for Ricochet
・ "R" The King (2016 film)
・ "Rags" Ragland
・ ! (album)
・ ! (disambiguation)
・ !!
・ !!!
・ !!! (album)
・ !!Destroy-Oh-Boy!!
・ !Action Pact!
・ !Arriba! La Pachanga
・ !Hero
・ !Hero (album)
・ !Kung language
・ !Oka Tokat
・ !PAUS3
・ !T.O.O.H.!
・ !Women Art Revolution


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

grey hat : ウィキペディア英語版
grey hat

In Internet slang, the term "grey hat" or "gray hat" refers to a computer hacker or computer security expert whose ethical standards fall somewhere between purely altruistic and purely malicious. The term began to be used in the late 1990s, derived from the concepts of "white hat" and "black hat" hackers. When a white hat hacker discovers a vulnerability, they will exploit it only with permission and not divulge its existence until it has been fixed, whereas the black hat will illegally exploit it and/or tell others how to do so. The grey hat will neither illegally exploit it, nor tell others how to do so.
A further difference among these types of hacker lies in their methods of discovering vulnerabilities. The white hat generally breaks into systems and networks at the request of their employer or with explicit permission for the purpose of determining how secure it is against hackers, whereas the black hat will break into any system or network in order to uncover sensitive information and for personal gain. The grey hat generally has the skills and intent of the white hat but will break into any system or network without permission.
According to one definition of a grey-hat hacker, when they discover a vulnerability, instead of telling the vendor how the exploit works, he or she may offer to repair it for a small fee. When one successfully gains illegal access to a system or network, he or she may suggest to the system administrator that one of his or her friends be hired to fix the problem; however, this practice has been declining due to the increasing willingness of businesses to prosecute. Another definition of Grey Hat maintains that Grey Hat hackers only arguably violate the law in an effort to research and improve security: legality being set according to the particular ramifications of any hacks they participate in.

In the search engine optimization (SEO) community, grey hat hackers are those who manipulate web sites' search engine rankings using improper or unethical means but that are not considered search engine spam. 〔 〕
==History==
The phrase ''grey hat'' was first publicly used in the computer security context when DEF CON announced the first scheduled Black Hat Briefings in 1996, although it may have been used by smaller groups prior to this time. Moreover, at this conference a presentation was given in which Midge, a key member of the hacking group L0pht, discussed their intent as grey hat hackers to provide Microsoft with vulnerability discoveries in order to protect the vast number of users of its operating system. Finally, Mike Nash, Director of Microsoft’s server group, stated that grey hat hackers are much like technical people in the independent software industry in that “they are valuable in giving us feedback to make our products better.”
The phrase ''grey hat'' was used by the hacker group L0pht in a 1999 interview with ''The New York Times'' to describe their hacking activities.
The phrase was used to describe hackers who support the ethical reporting of vulnerabilities directly to the software vendor in contrast to the full disclosure practices that were prevalent in the white hat community that vulnerabilities not be disclosed outside of their group.
In 2002, however, the Anti-Sec community published use of the term to refer to people who work in the security industry by day, but engage in black hat activities by night.〔(Digitalsec.net ) #Phrack High Council. 20 August 2002. "The greyhat-IS-whitehat List"〕 The irony was that for black hats, this interpretation was seen as a derogatory term; whereas amongst white hats it was a term that lent a sense of popular notoriety.
Following the rise and eventual decline of the full disclosure vs. anti-sec "golden era"—and the subsequent growth of an "ethical hacking" philosophy—the term ''grey hat'' began to take on all sorts of diverse meanings. The prosecution in the U.S. of Dmitry Sklyarov for activities which were legal in his home country changed the attitudes of many security researchers. As the Internet became used for more critical functions, and concerns about terrorism grew, the term "white hat" started referring to corporate security experts who did not support full disclosure.〔

In 2008, the EFF defined grey hats as ethical security researchers who inadvertently or arguably violate the law in an effort to research and improve security. They advocate for computer offense laws that are clearer and more narrowly drawn.〔(EFF.org ) Electronic Frontier Foundation (EFF). 20 August 2008. "A 'Grey Hat' Guide"〕

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「grey hat」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.