White hat hackers often overlap with black hat depending on your perspective. The primary difference is that a white hat hacker observes the hacker ethic, a sort of golden rule of computing similar to: Do unto others as you would have them do unto you. Like black hats, white hats are often intimately familiar with the internal details of security systems, and can delve into obscure machine code when needed to find a solution to a tricky problem without requiring support from a system manufacturer.
An example of a hack: Microsoft Windows ships with the ability to use cryptographic libraries built into the operating system. When shipped overseas this feature becomes nearly useless as the operating system will refuse to load cryptographic libraries that haven't been signed by Microsoft, and Microsoft will not sign a library unless the US Government authorizes it for export. This allows the US Government to maintain some perceived level of control over the use of strong cryptography beyond its borders.
While hunting through the symbol table of a beta release of Windows, a couple of overseas hackers managed to find a second signing key in the Microsoft binaries. That is without disabling the libraries that are included with Windows (even overseas) these individuals learned of a way to trick the operating system into loading a library that hadn't been signed by Microsoft, thus enabling the functionality which had been lost to non-US users.
Whether this is good (white hat) or bad (black hat) may depend on whether you are the US Government or not, but is generally considered by the computing community to be a white hat type of activity.
![[HaBo]](/styles/default/logoklein.png){kind=small}
