Mudge

From Hack Story

(Difference between revisions)
Jump to: navigation, search
 
Line 114: Line 114:
 
not your own self image -- the former is possible, and the latter is
 
not your own self image -- the former is possible, and the latter is
 
not accomplished without being a part of the former." -- Patrick Gray
 
not accomplished without being a part of the former." -- Patrick Gray
 +
 +
--
 +
 +
Despite the obvious failures of their affiliates, the military continues to
 +
try to draw talent from independent hackers. DARPA made a public offering
 +
to hackerspaces in the US to do "research designed to help give the U.S.
 +
government tools needed to protect against cyberattacks". The program
 +
Cyber-Insider (CINDER) is headed by Peiter "Mudge" Zatko [7] who-- like
 +
many of us-- used to be a teenage hacker associated with the Cult of the
 +
Dead Cow and old-school hacker space l0pht. Peiter eventually "went
 +
straight" when they formed security consulting firm @Stake which was later
 +
acquired by Symantec. Now he's completed the vicious circle from teenage
 +
hacker to "security professional" to full blown military employment,
 +
serving as an example to aspiring hackers as what NOT to do. Mudge has now
 +
been speaking at hacker conferences like Schmoocon as well as various DARPA
 +
Industry Day events in an attempt to recruit more hackers into the DARPA
 +
fold. Hackerspaces, which are becoming a growing trend not only in the US
 +
but also internationally, are often strapped for cash to pay rent or
 +
purchase equipment, and because of unique problem-solving skills and a DIY
 +
hacker ethic are being looked at by employers in both private and
 +
government fields.  Unfortunately, many hackerspaces are "non-political"
 +
and are mostly composed of people more interested in a career than the
 +
hacker ethic, making many especially vulnerable to pressure to do research
 +
for the military or inform on other hackers to law enforcement.
 +
 +
http://phrack.org/issues.html?issue=68&id=16#article
  
 
[[Category: Hackers]]
 
[[Category: Hackers]]

Latest revision as of 11:07, 16 April 2012

Staff Zap (Under Construction)black.jpg

http://www.zdnet.com.au/insight/security/0,39023764,39116620-6,00.htm

Name: Peiter Mudge Zatko Handle(s): Mudge, PeiterZ Marital status: Single Current residence: New England, USA Job: Chief Scientist, Intrusic First computer: Tektronix 4051 Best known for: Creating L0phtCrack Area(s) of expertise: "Thinking outside of the box"


It's hard to tell if Peiter Mudge Zatko was born eccentric or whether he's just a stickler for privacy.

Take the response to ZDNet Australia's request for his age as an example: "[I'm] not trying to be coy, but my age, race, religion, etcetera, are always items I try not to divulge. The rationale is probably quite different than what most people infer. It is as follows: without irrelevant information such as skin colour and the aforementioned items, people are stripped of data that normally would encourage functional fixation."

It seems Zatko's brain has been over-clocking from a very young age.

"When I was growing up, around the age of five or so, I couldn't wrap my head around 'life'.

"The notion of death being an accepted unknown without any further details drove me bonkers," he told ZDNet Australia.

Some may argue that existentialist dilemmas such as these belong to adults, or at the very least in the adolescent domain. But Zatko was introduced to a myriad of advanced concepts at an extremely tender age.

"In my crib, as an infant, my father sanded down the edges of early 60s-type computer components ... like the face plates of systems with glowing [amber] numeric 'vacuum tube style' readouts," he recalled.

The way Zatko speaks of him suggests that his father was his mentor in life.

"I asked my father what he believed in -- what his religious beliefs were. He refused to tell me. Instead, he started taking me to churches of different denominations each Sunday and would ask me what my interpretations were.

"Several years later I came up with my own 'codified' religious beliefs," Zatko said.

And he's fanatical about getting the job done. "Anything that I do, I must engross myself in totally," he said.

To Zatko, there's no distinction between work and personal life, and readily admits that his life knows no balance. "There's also no difference between business and personal relationships. When I decided to get into Golden Gloves Boxing and Muay Thai [boxing] it was to master them. When I deal with computers it is to entirely comprehend the socio-psychological interactions and weaknesses they introduce," he revealed.

His parents, while educated, came from fairly blue-collar backgrounds. He said his mother "experienced the depression" while his father grew up working on a farm. As a child, Zatko was given musical training, and was taught science and mathematics while maintaining a "respect for manual labour and living off the land".

He still holds dear to his heart the values his parents instilled in him while growing up. "I was intentionally given freedom and a feeling of independence at a young age. In looking back the rationale was obvious: learn decision making and life choices while you are still able to be protected paternally," he explained. "I watched people self destruct at the tail-end of high school and in college -- where it was obvious that that was their first taste of freedom."

In 2000, Zatko was invited to participate in a security summit chaired by former US President Bill Clinton. "I was afforded the rare opportunity to hang out with him afterwards and engage in some private conversations," he said. "I have tons of stories but they're too long."

As one of the founding members of grey hat outfit L0pht Heavy Industries -- which later became the foundation for security firm @Stake -- he was responsible for the creation of L0phtCrack, a product still sold by @Stake.

L0pht Crack is a simple product and a remarkably affective password cracker for Windows-based systems. Zatko insists he wrote it to prove a point and not for commercial reasons.

"When I first created and wrote it, one of the goals was to show that the Microsoft systems being deployed could not embody 'secure' encrypted passwords ... not that there were some passwords that were stronger than others.

"This didn't mean that people should not use Microsoft technology but rather they should understand where their security perimeters needed to be in order to take advantage of the [Microsoft] platform without exposing undue risk to infrastructures," he said.

"Is something like L0phtCrack still useful? Yes. Is this an example of people misinterpreting what a tool is showing them and potentially having a false sense of security because of it? Unfortunately, the answer is again yes," he added.

Zatko believes that example -- the misuse of a tool like L0phtCrack -- applies to many security products. He has some advice to help improve the situation, though: "Share, be open, communicate, ask questions to all, share the answers that help you with [everyone], do not think in black and white, do not hurt others or yourself. Improve the world, not your own self image -- the former is possible, and the latter is not accomplished without being a part of the former." -- Patrick Gray

--

Despite the obvious failures of their affiliates, the military continues to try to draw talent from independent hackers. DARPA made a public offering to hackerspaces in the US to do "research designed to help give the U.S. government tools needed to protect against cyberattacks". The program Cyber-Insider (CINDER) is headed by Peiter "Mudge" Zatko [7] who-- like many of us-- used to be a teenage hacker associated with the Cult of the Dead Cow and old-school hacker space l0pht. Peiter eventually "went straight" when they formed security consulting firm @Stake which was later acquired by Symantec. Now he's completed the vicious circle from teenage hacker to "security professional" to full blown military employment, serving as an example to aspiring hackers as what NOT to do. Mudge has now been speaking at hacker conferences like Schmoocon as well as various DARPA Industry Day events in an attempt to recruit more hackers into the DARPA fold. Hackerspaces, which are becoming a growing trend not only in the US but also internationally, are often strapped for cash to pay rent or purchase equipment, and because of unique problem-solving skills and a DIY hacker ethic are being looked at by employers in both private and government fields. Unfortunately, many hackerspaces are "non-political" and are mostly composed of people more interested in a career than the hacker ethic, making many especially vulnerable to pressure to do research for the military or inform on other hackers to law enforcement.

http://phrack.org/issues.html?issue=68&id=16#article

Retrieved from "https://hackstory.net/Mudge"
Hackstory.es - La historia nunca contada del underground hacker en la Península Ibérica.