Encyclopedia - Encyclopedia Part 4 -
What is a Grey Hat?
In the hacking community, a grey hat refers to a proficient and tech-savvy hacker who is ambivalent enough to sometimes use his program manipulating skills to act illegally in either good or ill will. Grey hats (also known as grey hat hackers) are considered as hybrids of the black hat and white hat hacker types.
Their intentions for hacking don't usually delve into any of the traditional well-intentioned or maliciously driven extremes; that is, they may or many not commit crimes from time to time during the course of their digital undertakings, so they're not exclusively indulging on any one type of activity like their security-improving or network-destroying counterparts would.
One of the reasons why a grey hat would categorize
Himself as "grey" is to distance himself from the two opposing hacker spectrums—white and black, constructive or malicious. For instance, even though a grey hat could gain unauthorized access to a network (an illegal crime in most jurisdictions), he could, at the same time, provide a patch for the exposed vulnerability that allowed him access in the first place without compromising the system he invaded. Also, grey hats may or may not disclose vulnerabilities to the administrators or the general public, or they could even sell them to either white hats or black hats if they so choose.
A grey hat is willing to go to the extremes black hats typically indulge in to prove a point that is usually promoted by white hats; his grey "morality" is the very thing that sets him apart from other pigeonholed hackers. In most situations, they may not disclose their activities due to legal consequences; it's not out of the question for grey hat hackers to hack for personal gain, although it's also not unheard of for them to compromise whole systems for the supposed "greater good" either.
Just like any black hat or white hat hacker, grey hats do hack for a reason, and even though they don't automatically hack for destructive or cruel intentions, they do prefer leaving their motives ambiguous, if not altogether unknown. They may or many not notify a webmaster of a particular vulnerability, or they may even demonstrate the potency of the security hole by action instead of words. Moreover, a grey hat will live or die by his anonymity, and he'll basically do whatever he wants to any computer system he fancies regardless if it's harmful or beneficial (or even both) to the aforesaid network.
At any rate, grey hat hacks are undetectable events that are more passive in nature when compared to black hat hacking (or more active in nature when compared to the detailed warnings and fix suggestions that white hat hackers provide) such as monitoring, penetration testing, or less damaging types of data access, transfer, and retrieval.