As the Black Lives Matter movement continues to rise, some of our familiar terms are put on racist hats. At a time when racism is touching Americans’ sensitive nerves, it is inevitable that there will be overstepping. In response to calls to abandon the White Hat and The Black Hat, the information security community today reacted angrily, arguing that the terms had nothing to do with racism.
Late last night, David Kleidermacher, Google’s vice president of engineering for Security for Android and Play Marketplace, announced his withdrawal from the Black Hat USA 2020 Security Summit scheduled for August.
In the exit announcement, Kleidermacher implored the information security industry to consider using more neutral terms, including “white hat”, “black hat” and “man-in-the-middle.”
In a tweet, he wrote: “These term adjustments remove harmful connections, promote inclusion, and help us break down barriers of unconscious bias.” While changing the terminology won’t get everyone’s consent, I feel strongly that our language needs to change (especially this). “
While Kleidermacher implored the industry to consider changing these terms, some members mistakenly believed that he wanted to change them through the Black Hat summit.
The “White Hat” and “Black Hat” here are mainly two different types of hackers, the former usually ethical, willing to share vulnerabilities and discoveries with vendors, and other ways to get paid through vulnerability rewards. Black hats, on the other hand, often refer to hackers who have no morals, such as using the outbreak to make an illegal profit.
While some in the information security community agree with Kledermacher, the vast majority disagree, calling it an extreme sign of virtue. Most security researchers point out that these terms have nothing to do with racism or skin color, and originated in classic Western movies, where villains usually wear black hats and good people wear white hats.
It was also pointed out that the dualism of black and white represented evil and good, concepts that had existed since the beginning of civilization and existed long before there was no racial division between humanbeings. Now, the information security community doesn’t seem willing to abandon these two terms, arguing that using them in information security-related writings is not a problem.