In one of the classes I teach, I ask my students “What is the difference between White Hat and Black Hat hackers?” Inevitably, the issue of ethics comes up. For those who believe ethics is what separates the two groups, that answer is incorrect (the “correct” answer is “permission”). One definition of White Hat hackers includes those individuals who perform security assessments within a contractual agreement, whereas Black Hats are those individuals who conduct unauthorized penetration attacks on information systems. Even Black Hats sometimes demonstrate ethical behavior.

Take a look at the history ...