
Information About

Grey Hat




For example, attacking corporate businesses with unethical practices could be regarded as highly unethical and would normally be considered black hat activity. However, to a grey hat, it may not appear bad even though it is against local law. So instead of being tagged black hat, it is a grey hat hack.
A person who breaks into a computer system and simply "plants his flag" while doing no damage is usually classified as a grey hat.


EXAMPLES



The apache.org hack. by {} and Hardbeat


In April 2004, grey hat hackers gained unauthorized access to apache.org. These people could have tried to damage the apache.org servers, write text offensive to the Apache crew, distribute Trojans or take other malicious actions. Instead, they chose just to alert the Apache crew to the problems and then published this article, beginning with:

This paper does _not_ uncover any new vulnerabilities. It points out common
(and slightly less common) configuration errors, which even the people at
apache.org made. This is a general warning. Learn from it. Fix your systems,
so we won't have to :)
This paper describes how, over the course of a week, we succeeded in
getting root access to the machine running www.apache.org, and changed
the main page to show a 'Powered by Microsoft BackOffice' logo instead
of the default 'Powered by Apache' logo (the feather). No other changes
were made, except to prevent other (possibly malicious) people getting in.


Arga Unga Hackare vs APB / anti-piracy.se


In 2005, a Swedish ISP was raided and warez servers were seized. This move was applauded by the international media industry, such as the MPAA.

A few days later, AUH defaced www.antipiratbyran.se (anti-piracy.se). Arga Unga Hackare (AUH) are generally regarded as black hats. However, in this case, it may be argued that this particular action was grey.

The defacement was unusual because it published information which became the basis for a nationwide discussion regarding abuse of Swedish legal resources, and possibly criminal acts supervised by the international anti-piracy industry.
  • rouge was identified as an anti-piracy.se infiltrator of the warez scene.

  • rouge was identified by name, address and Swedish personal identification number (personnummer).

  • rouge was shown to be wanted by Swedish authorities for criminal acts.

  • anti-piracy.se e-mails loosely linked international anti-piracy agencies to these actions (but the published e-mails did not show to what extent the case was known outside of Sweden).


In the next few days, other sources (by ISP and media) provided evidence that strongly suggested that:
  • anti-piracy.se funded warez servers.

  • anti-piracy.se knew that the ISP owners were not aware of servers being used for warez.

  • anti-piracy.se put effort into moving the warez servers from a former location to the raided ISP, because the raided ISP had very good bandwidth.

  • anti-piracy.se had been able to influence the legal system into not following proper procedures: the raided ISP's owners were not interviewed by a judge before the raid. The raid was needlessly intrusive and caused downtime to mission-critical infrastructure for systems which did not serve illegal content. anti-piracy.se staff had supervised the Swedish authorities on site and instructed them on what to do.

  • anti-piracy.se's hurry to raid the ISP may have been prompted by the fact that the ISP had recently performed an inventory, in which the warez servers had been noted as unknown servers to be investigated.


The credibility of anti-piracy.se was basically sunk, and they did not deny the allegations. Eventually, anti-piracy.se and the ISP reached a settlement, and did not publicly debate the incident further.

So, black hat tactics and skills were used by AUH, but they were used to unravel what many consider to be an unethical and criminal conspiracy, which possibly has international ties. This is typical of the grey shades of ethics: while the methods employed by AUH are unacceptable and unethical, they were used to uncover highly unethical and possibly criminal actions on the part of anti-piracy.se.

