
A debate has broken out among cybersecurity professionals over the use of the term “black hat” after a Google executive called attention to the issue. Earlier this month, David Kleidermacher, a vice president of engineering at Google in charge of Android security and privacy, announced he was withdrawing from a planned speech at the long-running Black Hat USA conference.

Citing a need for society to adjust how it talks in support of racial justice and equality, Kleidermacher called for changing the familiar information-security terms “black hat” and “white hat.” Beyond race, Kleidermacher also suggested that “man in the middle” attacks should be called “person in the middle” attacks. “These changes remove harmful associations, promote inclusion, and help us break down walls of unconscious bias,” Kleidermacher wrote in a series of tweets. “Not everyone agrees which terms to change, but I feel strongly our language needs to (this one in particular).”

As ZDNet reports, Kleidermacher’s call for more neutral language came as Google, Microsoft, Twitter, LinkedIn, GitHub and others have announced plans to change their technical language in the wake of the Black Lives Matter protests. Terms such as “master,” “slave,” “blacklist” and “whitelist” have been going the way of the fax machine.

A “vast majority” of the information security community reportedly took issue with Kleidermacher’s view, arguing that the origins of the terms “black hat” and “white hat” relate to cowboy movies rather than race specifically. Kleidermacher wrote that the need for change had “nothing to do” with the terms’ origins. “Those who focus on that are missing the point,” he tweeted. “Black hat / white hat and blacklist / whitelist perpetuate harmful associations of black=bad, white=good.”

As Yahoo reports, hackers worried about racial justice pushed for more opportunities for Black hackers, pointing on Twitter to “huge danger that we waste the moment shuffling words around instead of changing power systems.”

Critics also slammed Kleidermacher’s stance as “performative” and “virtue signaling,” as Infosecurity Magazine reports.

In May, the UK National Cyber Security Center updated its terms, swapping out “blacklist” and “whitelist” for “deny list” and “allow list.”

Last modified on Friday, 10 July 2020