Cybersecurity world refuses to drop “black hat” and “white hat”

Cybersecurity world refuses to drop "black hat" and "white hat" Cybersecurity

Cybersecurity actors have reacted angrily to calls to drop the terms “black hat” and “white hat” against the backdrop of the civil rights movement. For the latter, these two terms and in particular “black hat” have nothing to do with racial stereotypes. The controversy on the subject began this weekend after David Kleidermacher, vice president of engineering at Google and responsible for the security of Android and the Google Play store, withdrew from a conference he scheduled to donate in August at the Black Hat USA 2020 security conference.

In his withdrawal announcement, the leader asked the IT sector to consider replacing terms such as “black hat”, “white hat” man in the middle “with neutral alternatives.

If he had only asked the industry to consider changing these terms, his wish made some industry players jump, who stressed that these terms had nothing to do with racism or the color of the skin, and that they had their origins in classic western movies, where the bad guy usually wore a black hat, while the good guy wore a white hat.

Change is (not) now

Kleidermacher’s request to replace the two terms with more “neutral” alternatives follows a general trend of cleaning up technical language across the technology community. After the Black Lives Matter protests broke out in the United States and Europe, several companies have announced plans to stop using racial and slavery terms in their technical documentation.

Companies like Twitter, GitHub, Microsoft, LinkedIn, Google, Ansible and others have committed to changing the technical language of their products and infrastructure to remove terms like master, slave, blacklist, whitelist and more. Previously, other companies had already started to step back on their vocabulary. Like open source players like Drupal, Python, PostgreSQL and Redis.

In May 2020, the British cybersecurity gendarme, NCSC, announced that it would stop using the terms “white list” and “black list” due to the stigma and racial stereotypes surrounding these two terms. However, the cybersecurity community does not yet seem ready to accept this change for terms it does not consider offensive.



Rate article