Citing a need for society to adjust how it talks in support of racial justice and equality, Kleidermacher called for changing the familiar information-security terms “black hat” and “white hat.” Beyond race, Kleidermacher also suggested that “man in the middle” attacks should be called “person in the middle” attacks. “These changes remove harmful associations, promote inclusion, and help us break down walls of unconscious bias,” Kleidermacher wrote in a series of tweets. “Not everyone agrees which terms to change, but I feel strongly our language needs to (this one in particular).”
As ZDNet reports, Kleidermacher’s call for more neutral language came as Google, Microsoft, Twitter, LinkedIn, GitHub and others have announced plans to change their technical language in the wake of the Black Lives Matter protests. Terms such as “master,” “slave,” “blacklist” and “whitelist” have been going the way of the fax machine.
A “vast majority” of the information security community reportedly took issue with Kleidermacher’s sense, arguing that the origins of the terms “black hat” and “white hat” relate to cowboy movies rather than race specifically. Kleidermacher wrote that the need for change had “nothing to do” with the terms’ origins. “Those who focus on that are missing the point,” he tweeted. “Black hat / white hat and blacklist / whitelist perpetuate harmful associations of black=bad, white=good.”
As Yahoo reports, hackers worried about racial justice pushed for more opportunities for Black hackers, pointing on Twitter to “huge danger that we waste the moment shuffling words around instead of changing power systems.”
Critics also slammed Kleidermacher’s stance as “performative” and “virtue signaling,” as Infosecurity Magazine reports.
In May, the UK National Cyber Security Center updated its terms, swapping out “blacklist” and “whitelist” for “deny list” and “allow list.”