You might not realise this, but there are two kinds of hacker out there.

The good hacker, and the bad. On the side of the angels, are the good hackers, or as they are known in computer security parlance, the White Hats. On the side of evil, are the Black Hats, those that use their skills to invent and develop computer viruses.

And the good news is, the number of White hats is growing, although, to be honest, not all of those in the computer security industry are keen on such terms.

But back for a second to the basics and some more terminology. A “bug” is actually a mistake in a software programme (whether it’s an operating system, or an internet browser, or a simpler application). It’s a weakness, a potential hole in an otherwise sound piece of software. Okay, it’s hardly a rip in the time continuum (a la Doctor Who), but the trouble with these bugs, is that along comes someone and exploits them. In fact, finding a bug and working on its weaknesses, is actually called an ‘exploit.’ And once exploited, new code can be inserted which changes the original characteristics of the software, or gets it to do other things (such as stealing personal data via an internet link).

The good hackers tend to write ‘patches’ to cover the hole created by the bug, whereas the bad hackers force their way in and cause chaos. And some researchers believe there is greater evidence of good hackers around, who are prepared to defend bugs against exploitation.

But for others in the industry, anyone playing around with a bug – or hole – is potentially a danger. They do not see the distinction between black and white hats as others do. What worries them is that anyone messing about with another company’s code, could either inadvertently cause damage, or be tempted to cause damage at a later date.

And hackers often live in a world of their own, a community of like-minded individuals who share a common culture, with its own standards and references. Part of the fun for such skilled coders – almost a sport – is finding the bug in the first place. It’s almost a game, a challenge for them.

Some hackers, once they have found a back way in, then tell the original programmers and let them close the hole. These hackers display an altruism that seeks no reward and they can be said to be true white hats.

Others spot the bug, then threaten the original programmers with the fact that they can then attack their code, and ask for a ransom not to do so.

Others create the exploit and then publish it on the web as a “zero day.” Others then take the exploit and commit the nefarious act of corrupting the original programme for ill-intent. Industry observers point out that few of those who create the ‘exploit’ actually go further and use it; most post them as a zero day and these hackers are known as “script kiddies.”

Of course, there’s a whole raft of hackers who are paid to create exploits. They hammer programmes for companies and Government organisations to see if an exploit can be created.

It’s anyone’s guess how much white hats and black hats can earn out there, but it seems pretty certain that those wearing darker headwear will be putting more away in their bank accounts than their paler counterparts.

Guest Article by Neil Camp