I was just thinking that it really bothers me that some SEOs are avowed "white-hats," and don't bother with studying blackhat techniques. Not to do so is a crime of ignorance, and it overlaps with site security as well.  If those honkies don't know about spamming, they won't know the context with regard to, for example, link-condoms and XSS-related security. They also won't know about the backlink exploit in Movable Type blogs. This means they're not fully aware, and can potentially have their sites ambushed by those "evil" blackhatters.

So why are people ashamed to put on a black hat, if only for academic reasons?  Do you really think that you don't have to know how spammers work to design a safe, secure site?  I won't challenge people to find XSS exploits on any of the sites I've made, because they may very well find one.  That said, since I know about XSS, my sites, including a legal site, are less vulnerable by virtue of the fact that I at least knew about this technique when I designed it.  And I knew to plug it up.

It doesn't take a genius to figure out that blackhatters coming to your site and finding creative ways to link to cheesy Viagra sites may hurt you.


Tell an amigo:
  • Sphinn
  • Digg
  • Reddit
  • del.icio.us
  • StumbleUpon
  • Facebook

Related posts:
PubCon / SES Idea: Protecting Yourself From Black Hat Vulnerabilities We all have a mischievous side.  I know I do. ...
Does URL Parameter Order Matter? This is a question I'm currently researching. I have never...