Hacker Hats

Hackers are often categorized into one of three groups...

White Hat

White Hats...

  • use their abilities for good, ethical, and legal purposes rather than bad, unethical, and criminal purposes (Hoffman)
  • disclose vulnerabilities to software vendors so they can be fixed (Zetter)

Gray Hat

Gray Hats...

  • [don't] work for their own personal gain or to cause carnage, but they may technically commit crimes and do arguably unethical things (Hoffman)
  • sell or disclose their zero-day vulnerabilities not to criminals, but to governments—law enforcement agencies (Zetter)

Black Hat

Black Hats...

  • violate computer security for personal gain ... or for pure maliciousness (Hoffman)
  • steal data, such as passwords, email, intellectual property, credit card numbers or bank account credentials (Zetter)
  • sell information about the security holes to other criminals for them to use (Zetter)