Skip to main content

Infosec community debates changing ‘Black Hat’ terminology

A Google security researcher has chosen to withdraw from speaking at the Black Hat security conference this year and has asked the information security community to stop using the terms “black hat” and “white hat”, as reported by ZDNet. David Kleidermacher, VP of Engineering at Google, said that the terms contribute to racial stereotyping.

“I’ve decided to withdraw from speaking at Black Hat USA 2020,” Kleidermacher wrote on Twitter. “Black hat and white hat are terms that need to change. This has nothing to do with their original meaning… These changes remove harmful associations, promote inclusion, and help us break down walls of unconscious bias.”

I’ve decided to withdraw from speaking at Black Hat USA 2020. I’m deeply grateful for the offer to speak, and for the great work the conference has done over the years to protect users through transparency, education, and community building.

— David Kleidermacher (@DaveKSecure) July 3, 2020

Get your weekly teardown of the tech behind PC gaming
Check your inbox!

Kleidermacher also referred to the need to update gendered terms like “man-in-the-middle,” a type of cyber attack, to a gender-neutral term like “person-in-the-middle.”

Many in the infosec community pointed out that the terms “black hat” and “white hat” did not originate from references to race, but rather to the tradition in Western movies in which the hero typically wears a white hat and the bad guy wears a black hat. But Kleidermacher anticipated this objection, writing that, “the need for language change has nothing to do with the origins of the term black hat in infosec. Those who focus on that are missing the point. Black hat/white hat and blacklist/whitelist perpetuate harmful associations of black=bad, white=good.”

Although this latest debate was clearly inspired by recent Black Lives Matter campaigning and a broader conversation around racial justice in the U.S. and beyond, this discussion is not new. A similar discussion has been going on for decades over software terms like “master” and “slave,” which are frequently used to describe dependencies in documentation. Programming language Python, for example, removed this terminology from its documentation in 2018.

However, unlike the master/slave example which was broadly agreed over time to be offensive, the black hat/white hat issue has been more contentious. Hackers concerned with racial justice worried on Twitter that there was a “huge danger that we waste the moment shuffling words around instead of changing power systems” and argued for “more than a name change” such as inviting more Black hackers to speak at events, funding scholarships for Black hackers, and paying to train more Black hackers.

It may be fine for white folks to cloak themselves in the imagery of black: black hats are enigma, sinister, counterculture, cool. But Black folks don’t need your help being associated with criminality. It’s not cool. For us. We don’t own that image. 10/x

— Brian Anderson (@btanderson72) July 4, 2020

Information security analyst Brian Anderson wrote a thread discussing the harm done by careless terminology. He concluded that changing naming conventions without addressing the larger issues affecting minority hackers, such as cost and the predominantly white lineup of speakers at events, was performative. “I’m glad people are actively or thinking of giving up their coveted roles in Black Hat,” he wrote. “That’s great. But. But. Who is being served by this action? What’s the objective? Who benefits? How? That’s the conversation we have to have.”

Editors' Recommendations

Georgina Torbet
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
A new Windows 11 hardware system requirement may be incoming
A man sits, using a laptop running the Windows 11 operating system.

Microsoft appears to finally be putting its foot down on how far back it's willing to go when it comes to supporting older hardware. As of the upcoming Windows 11 24H2 build, Microsoft will require that your processor supports the POPCNT instruction. If you're wondering what that is and whether this will affect you, you're not alone.

This new addition was spotted by Bob Pony on X (formerly Twitter). According to the user, if the CPU doesn't support the POPCNT instruction or it's disabled, Windows won't work at all. Multiple system files now require this instruction, starting with the Windows 11 kernel. Long story short -- no POPCNT, no Windows 11 24H2.

Read more
How to install Android apps on Windows 11
Android Apps on Windows 11.

The best way to install Android apps on Windows 11 is to do so via the Amazon Appstore. In order to do that, you'll need to set up the Windows Subsystem for Android (if it's not already set up on your PC), install the Amazon Appstore app, and enable virtualization if prompted. In this guide, we'll show you how to do all of that so you can start installing Android apps on your Windows 11 PC.

Read more
OpenAI’s new AI-made videos are blowing people’s minds
An AI image portraying two mammoths that walk through snow, with mountains and a forest in the background.

OpenAI's latest venture into AI might be its most impressive one to date. Dubbed "Sora," this new text-to-video AI model has just opened its doors to a limited number of users who will get to test it. The company launched it by showing several videos made entirely by AI, and the end results are shockingly realistic.

OpenAI introduces Sora by saying that it can create realistic scenes based on text prompts, and the videos shared on its website serve to prove it. The prompts are descriptive, but short; I've personally used longer prompts just interacting with ChatGPT. For instance, to generate the video of wooly mammoths pictured above, Sora required a 67-word prompt that described the animals, the surroundings, and the camera placement.

Read more