[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]


..[ Phrack Magazine ]..
.:: Phrack Prophile on horizon ::.

Issues: [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ] [ 22 ] [ 23 ] [ 24 ] [ 25 ] [ 26 ] [ 27 ] [ 28 ] [ 29 ] [ 30 ] [ 31 ] [ 32 ] [ 33 ] [ 34 ] [ 35 ] [ 36 ] [ 37 ] [ 38 ] [ 39 ] [ 40 ] [ 41 ] [ 42 ] [ 43 ] [ 44 ] [ 45 ] [ 46 ] [ 47 ] [ 48 ] [ 49 ] [ 50 ] [ 51 ] [ 52 ] [ 53 ] [ 54 ] [ 55 ] [ 56 ] [ 57 ] [ 58 ] [ 59 ] [ 60 ] [ 61 ] [ 62 ] [ 63 ] [ 64 ] [ 65 ] [ 66 ] [ 67 ] [ 68 ] [ 69 ] [ 70 ]
Current issue : #60 | Release date : 2002-12-28 | Editor : Phrack Staff
IntroductionPhrack Staff
LoopbackPhrack Staff
LinenoisePhrack Staff
Toolz ArmoryPacket Storm
Phrack Prophile on horizonPhrack Staff
Smashing The Kernel Stack For Fun And Profitnoir
Burning the bridge: Cisco IOS exploitsFX
Static Kernel Patchingjbtzhm
Big Loop Integer ProtectionOded Horovitz
Basic Integer Overflowsblexim
SMB/CIFS By The Rootledin
Firewall Spotting with broken CRCEd3f
Low Cost and Portable GPS Jammeranonymous author
Traffic Lightsplunkett
Phrack World NewsPhrack Staff
Phrack magazine extraction utilityPhrack Staff
Title : Phrack Prophile on horizon
Author : Phrack Staff
phrack.org:~# cat .bash_history

                            ==Phrack Inc.==

              Volume 0x0b, Issue 0x3c, Phile #0x05 of 0x10

|=--------------=[ P R O P H I L E   O N   H O R I Z O N ]=--------------=|
|=-----------------------------------------------------------------------=|
|=------------------------=[ Phrack Staff ]=-----------------------------=|


|=---=[ Specification

                  Handle: horizon
                     AKA: humble, john
           Handle origin: It sounded neat.
               catch him: I'm very easy to find.
        Age of your body: mid 20s
             Produced in: USA
         Height & Weight: 5'11" ~165 lbs.
                    Urlz: Nope
               Computers: A couple of decent x86 boxes and a lot of
                          older stuff..
               Member of: CostCo
                Projects: Currently, stuff for work, and a few personal
                          things that really aren't that interesting.

|=---=[ Favorite things

          Women: Creativity, intelligence, a sense of style.
           Cars: German
          Foods: Indian, Thai, Korean, Greek, Japanese, Lean Pockets
        Alcohol: Helles, Redbull & Vodka
          Music: Screeching Weasel, Fugazi, Stretch Armstrong,
                 Bad Religion, some electronic
         Movies: Big Lebowski, Office Space, Austin Powers, Memento, Pi
Books & Authors: Sigh.. I wish I read more these days.
           Urls: Can't think of any...
         I like: Engaging conversation. Sincerity and conviction.
                 Solving difficult problems. Mr. Show. Gummi Bears.
      I dislike: Unwarranted arrogance. Unwarranted Gummi Bears.

|=---=[ Life in 3 sentences

I've never been normal. I've always felt a sense of purpose. I've tried
to be generous.

|=---=[ Hacker Life

PHRACKSTAFF: You have found quite a lot of bugs in the past and developed
             exploit code for them. Some vulnerabilities required new
             creative exploitation concepts which were not known at that
             time. What drives you into Challenging the exploitation of
             complicated bugs and what methods do you use?  

Well, my motivations have definitely changed over time. I can come
up with several ancillary reasons that have driven me at different times
during my life, and they include both the selfish and the altruistic. But,
I think it really comes down to a compulsion to figure all this stuff
out.

As far as methods, I try to be somewhat systematic in my approach. I
budget a good portion of time for just reading through the program,
trying to get a feel for its architecture and the mindset and techniques
of its authors. This also seems to help prime my subconscious.

I like to start at the lower layers of a program or system and look for
any kind of potential unexpected behavior that could percolate upwards. I
will document each function and brainstorm any potential problems I see
with it. I will occasionally take a break from documentation, and do the
considerably more fun work of tracing back some of my theories to see if
they pan out.

As far as writing exploits, I generally just try to reduce or eliminate
the number of things that need to be guessed.

|=---=[ Passions | What makes you tick

I'm definitely obsessed with computers. One of my original goals in
learning to program as a kid was to develop games, so I've always been
kind of passively interested in that. I'm also interested in artificial
intelligence.

I've been doing Wing Chun kung fu for about two years now, and I find
that to be really rewarding.

I spend a decent bit of my time thinking. I like to read lay-person
oriented overviews of various academic disciplines. I'd really like to
learn more about biology and neuroscience.

|=---=[ Which research have you done or which one gave you the most fun?

I think I've had the most fun when collaborating with others.

|=---=[ Memorable Experiences

Hanging out with sygma, saad, wordsmith, shegget, and all my old irc
friends. Getting into trouble with colonwq. Long, not entirely coherent,
chats with rc.local. :>

The weekend drinking/hacking/coding sessions at neon's place.
boilermakers. Romania. Coding with xaphan. Almost getting fired from my
university job for hacking Microsoft, and then getting let off the hook
when one of their security officers called my boss. Helping joey__ write
his first exploit, and then not understanding how it worked when he had
finished. Working on various stuff with JoC, cham, module, so1o, zorkeres,
binf, and the rest of the r9 guys.

Hanging out with Vacuum and RFP before leaving the US.

The time I spent living in Germany. Working with plaguez and Thomas, two
absurdly brilliant guys. Living with Howard and Sondee.. eating at the
Citta. CCC Camp - Meeting TESO, THC, and many others. linux deathmatch.

Watching people like duke and scut (and many others) get really good, and
hoping that I somehow helped.

Accidentally crashing gatekeeper.

Hanging out in the adm channel. The always interesting discussions with
str and anti. Racing with K2 to write exploits as Sun advisories came
out.

The Firewall-1 speech with Dug and Thomas.

Finally getting my degree.

My european tour with dice. HAL. Meeting silvio. Getting smashed in the
basement of a bar in Poland with the LSD guys. Chilling with Scrippie and
Dvorvak and the members of a Dutch death metal band.

Going to a rave in Miami with JJ and ending up in the keys the day before
a hurricane.

Watching my little brothers grow up.

Tag team coding/auditing with dice.

Working for cool people - Mike, Jim, Pat.

German/reversing lessons from Halvar.

sms's from srpnsrt.

Defcon - meeting digit, cheez, charise, zip, gobbles, i1l, cain, arakis,
caddis, ryan, riley, and so many others.

The fun times I've had in Chicago. Greg's couch. OFP with Paul and
Sergey. The bachelor party with monti and MJ. Meeting the esteemed Sarlo.

|=---=[ What's your architecture of choice? OS of choice?

I tend to use what I'm comfortable with or whatever seems appropriate at
the moment. The three machines that I use most of the time are currently
running XP, Linux, and OpenBSD.

|=---=[ Quotes

"Jesus Christ John McDonald!"

"odd"

"So, basically, what you are saying is that we should try to find the
reactors."

"Hey, I just work here..."

|=---=[ Open Interview

Q: When did you start playing with computers?

I got a c64 when I was 6.

Q: When did you had your first contact to the 'scene'?

1997 or so.

Q: When did you for your first time connect to the Internet?

1993. I had a part time job in high school programming for a satellite
research center that had Internet access. From what I recall, I mainly
played around on usenet and ftp sites.

Q: Let's talk a little bit about free research and Copyright. What's your
   opinion about "Copyright on exploits"?

Well, I'm not a lawyer, and I haven't really looked into it. I think that
people should be entitled to do what they want with their work, and that
legal protections are there for a reason. However, I've got no idea what
copyrighting an exploit will actually afford you legally.

Q: If you could turn the clock backward, what would you do different
   in your young life ?

That's a tough one. The Internet has suffered a fair bit for the sake of
my ego. I think I would have handled certain things with more discretion
if I'd had a little more perspective.

|=---=[ One word comments

Give a one word comment to the following topics:

Digital Millennium Copyright Act (DMCA): oceanliner
KIMBLE (the wannabe-hacker)            : hoogedlyboogedly
ADM                                    : fun
NAI                                    : work
THE SCENE                              : which?
Companies buying exploits from hackers : dunno
IRC                                    : idle
CERT                                   : maligned
Full Disclosure Policy                 : careful

|=---=[ Would you work for the government/military? Why or why not?

As much as it suprises me to say it, I don't really have an ideological
opposition to working for my government. I think the combination of
getting a little bit older, spending some time living abroad, and the
recent events in my country has made me more appreciative of certain
things. I think it is safe to say I would do it if I believed I was doing
something positive and I thought it was necessary. Otherwise, I'd avoid
it because it would just make life more complicated.

|=---=[ Please tell our audience a worst case scenario into what the scene
        might turn into.

I guess I could prognosticate about it becoming factionalized, petty,
cruel, insecure, and paranoid, but who would I be kidding?

|=---=[ And if everything works out fine? What's the best case scenario
        you can imagine?

As long as there is a place for new people who show promise, I think things
will be cool.

|=---=[ Any suggestions/comments/flames to the scene and/or specific people?

Think for yourself.

|=---=[ Shoutouts & Greetings

Hi everyone :>


|=[ EOF ]=---------------------------------------------------------------=|

[ News ] [ Paper Feed ] [ Issues ] [ Authors ] [ Archives ] [ Contact ]
© Copyleft 1985-2021, Phrack Magazine.