Black Hatting in the Six Hats, Six Coats metaphor is not primarily about security, although security could be included. Black Hatting is about the physical perspective of a system. Edward de Bono calls it the pessimist’s hat.
In the Black Hat perspective engineers determine the economics of goals, networks, data, processes, people and times. As part of the economics they will choose goals, hardware, databases, software, personas and performance metrics and place constraints on the logical design created by the White Hats. Black Hat design is used by the Red Hat implementation team.
Like the other hats, the Black Hat is worn with each of the Six Coats. The basic question is: what logic can we support economically, and where do we cut back?
Black Hat, Green Coat: What is our business model? Margin.
Black Hat, Yellow Coat: How do we navigate? Compromise.
Black Hat, White Coat: How is our data organized? Denormalization.
Black Hat, Black Coat: How do we process? Deoptimize.
Black Hat, Red Coat: How do we serve our personas? Satisfice.
Black Hat, Blue Coat: How do we meet performance requirements? Juggle the other hats.
Basically, Black Hat is about taking the ideal system and bending and trimming it until it is a design that can be implemented with the resources economically available. Black Hat also has a reverse purpose when exceptions occur in the transacting system. Black Hats decide how to handle an exception: either reject it or escalate it up to the White Hats.
Black Hatting is not for the faint of heart. It involves negotiation with the White Hats and often having to settle for less than the best. However, as the resources represented by each of the Six Coats are democratized and made freely available, the Black Hat job is becoming increasingly simple for websites. Of course, this is not the case for all systems.