.oO Phrack 49 Oo. Volume Seven, Issue Forty-Nine 4 of 16 -:[ Phrack Pro-Phile ]:- We discussed for a long time who in the hacking world today best exemplifies everything that is right with hacking today, and we came up with a unanimous conclusion that it was Mudge. And so we were quite happy that our first choice for the first pro-phile that we have done accepted our invitation. He cracked your Apple warez when you couldn't, he wrote buffer overflows before they were cool, he owned your Sendmail (and probably still does), and he still manages to give more back to the community than anyone else around. We can't say much more about him so let's see what he has to say for himself... Mudge ~~~~~ Personal ~~~~~~~~ Handle: mudge Call him: Enough people know it that its not secret, if you know it great, if not you probably don't have to. Past handles: Many old Apple ][ crackers remember me by a different handle. That handle is long put to rest thanks to the government. Handle origin: Mudge is a very common Irish last name. Though I'm not Irish I met someone with the name and couldn't believe it was a proper name. Out of homage to this person I took it as a handle several years ago (and since I couldn't use the old one for legal reasons). Date of Birth: Mid to Late '60s Age at current date: Mid to Late 20s Height: 6'0" Weight: 150 Eye color: Blue Hair Color: Brownish / dirty blonde and loooong Computer: MPP Risc machine with 16 processors, 4 processor i860 Cadmus, 2 Sparcs, my original Apple ][+, NeXT cube, 486, 4 Sun 3's, Textronix 4051, SouthWest Technical Products 75 Sysop/Co-Sysop of: Cell-Block, Magic Tavern, Co-Sysop on the old Circus and Circus-II boards, ATDT, Works, and various AEs scattered across the country. And a little place called the l0pht. Boards Frequented: Terrapin Station, Metal Shop, Black Crawling Systems, Used to hang on Rutgers' with the old Darpa people (they know who they are) through telenet. Net address: mudge@l0pht.com Favorite Things ~~~~~~~~~~~~~~~ Women: Not a big womanizer, when I hook up with someone it's usually for quite some time. Though it's always nice when big companies try to bribe you other ways. (Moreso 'cause it shows how sleazy the big companies are in comparison to human beings :>) Cars: Ford GT40, Porsche Wolf, Ferrari 318's, and of course a black SVT Cobra with black leather interior. Foods: Beer Beers: Mateen Triple - with a runner up of Pilsner Urquell Music: Frank Zappa, Dream Theater, Rush, Gentle Giant, King Crimson Instruments: Guitar. I actually hold advanced degrees in music (hehe had to make some money so here I am back in the 'puter world). Guitars: Ibanez 7 string, Gibson es225 Jazzer, and a custom built Ibanez from an endorsement deal (which is signed by 2 porn stars) Books: Jack of Shadows, Roadmarks, Stranger in a Strange Land, This Immortal, Steal this Urine Test, Steal this Book, PANIC - the wonderful Sparc buffer overflow writers bible. Turn Ons: Pet Rocks Turn Offs: 7/11 employees who think they can dance to Frank Zappa Other Passions, Interests, Loves: I love running the l0pht and the people that are involved in it. There's nothing like knowing that you are, at least attempting, to keep information flowing and offering back to the community. I love a lot of things. It's nice to see there is a sense of humor in the scene, and that there are still enough old-school hackers that are willing to help if approached correctly Granted there aren't enough of the older ones to answer every aol.com e-mail... It's a great feeling to be beneficial to both sides. For instance: when the 8.7.5 sploit went out and when we were doing a lot of work on SecureID (which much to their schagrin we got *really* far) that both the people writing the software and the hackers were happy to see our results. It's all about information and learning. If you stop learning... you're not doing it right. Unfortunately... it usually takes disseminating sploits to get some of the large companies to fix their buggy software. Most Memorable Experiences ~~~~~~~~~~~~~~~~~~~~~~~~~~ Having a bunch of suits get out of, yes, K-cars and take away most of my belongings - learning 6502 (and living it) assembler - writing my first buffer overflow a few years back - the band cutting it's first audio CD - playing the music for one of Hobbit's laser shows - having Wietse Venema ask me "not" to break into bell labs at a talk he was giving - having the bellcore author of the OTP RFC write me e-mail realizing that I had beaten him to the punch with vulnerabilities - everyday that I spend with my girlfriend - hearing one of the songs I wrote and played on being played on the radio - The L0pht and it's people - everytime that you finish working on a new project and it actually works [especially when you are working on a hypothetical exploit and it pans out]. Some People to Mention ~~~~~~~~~~~~~~~~~~~~~~ Cheshire Catalyst for the initial inspiration. The L0pht folks, Raven, Hobbit for being a flat out brilliant fucker, ReDragon (best sense of humor - and best patience... look who he works for ;-)), Glyph - one nasty coder, Squarewave for providing countless hours of ooh's and aahhh's while pouring through his code. The NewHack folks. G-heap, Pope, SpaceRogue, Kingpin, Tan, Weld, Stefan, Brian Oblivion, t-com, all the standard people that hang out and have a good time at the cons with the l0pht folks (ie the r00t, NHC, l0ck/anti l0ck, cDc...) shit ALL the cDc folks. etc., etc. etc. The ASR guys. There are so many people that have contributed so much. I'm sure I've left out many. The biggest one: my father [the only person who could sit there and grin through all of it... and explain the leafing procedures and how the 6502 REALLY worked] (that's not leafing through on the Apple ][+... two separate things). A few things you would like to say: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ French Toast please... 31337 is not a strong XOR key... (unless your secret host key is less than 5 characters long) Thanks to the new phrack lineup for keeping a good thing going. Still remember DL'ing the latest ones along with the Countlegger series and having to Dalton's Disk Disintegrator them back together. Oh yeah... and if someone tells you something is secure... ask them to prove it, and then STILL don't believe them. ~~~~~~~~~~~~~~~~~~~~~ One last thing, in your personal experience, have you found that most people in the scene are pretty much computer geeks? "Absolutely not. I've had the privilege to hang out with everyone from Weitse Venema, Dan Farmer, Casper Dik, Peter Guttman, to the hacker scene like Hobbit, Daemon9, the l0pht folks... and there's very few out of the bunch that I would label 'computer geeks'. Computer geeks seem not to have that creative twist in many cases that hackers have. This is the same twist that says: I don't care what it's _supposed_ to do - I bet I can make it do *this*." Thanks a lot for the prophile. "Thanks a lot for the opportunity."