phrack.org:~# cat .bash_history ==Phrack Inc.== Volume 0x0b, Issue 0x3c, Phile #0x05 of 0x10 |=--------------=[ P R O P H I L E O N H O R I Z O N ]=--------------=| |=-----------------------------------------------------------------------=| |=------------------------=[ Phrack Staff ]=-----------------------------=| |=---=[ Specification Handle: horizon AKA: humble, john Handle origin: It sounded neat. catch him: I'm very easy to find. Age of your body: mid 20s Produced in: USA Height & Weight: 5'11" ~165 lbs. Urlz: Nope Computers: A couple of decent x86 boxes and a lot of older stuff.. Member of: CostCo Projects: Currently, stuff for work, and a few personal things that really aren't that interesting. |=---=[ Favorite things Women: Creativity, intelligence, a sense of style. Cars: German Foods: Indian, Thai, Korean, Greek, Japanese, Lean Pockets Alcohol: Helles, Redbull & Vodka Music: Screeching Weasel, Fugazi, Stretch Armstrong, Bad Religion, some electronic Movies: Big Lebowski, Office Space, Austin Powers, Memento, Pi Books & Authors: Sigh.. I wish I read more these days. Urls: Can't think of any... I like: Engaging conversation. Sincerity and conviction. Solving difficult problems. Mr. Show. Gummi Bears. I dislike: Unwarranted arrogance. Unwarranted Gummi Bears. |=---=[ Life in 3 sentences I've never been normal. I've always felt a sense of purpose. I've tried to be generous. |=---=[ Hacker Life PHRACKSTAFF: You have found quite a lot of bugs in the past and developed exploit code for them. Some vulnerabilities required new creative exploitation concepts which were not known at that time. What drives you into Challenging the exploitation of complicated bugs and what methods do you use? Well, my motivations have definitely changed over time. I can come up with several ancillary reasons that have driven me at different times during my life, and they include both the selfish and the altruistic. But, I think it really comes down to a compulsion to figure all this stuff out. As far as methods, I try to be somewhat systematic in my approach. I budget a good portion of time for just reading through the program, trying to get a feel for its architecture and the mindset and techniques of its authors. This also seems to help prime my subconscious. I like to start at the lower layers of a program or system and look for any kind of potential unexpected behavior that could percolate upwards. I will document each function and brainstorm any potential problems I see with it. I will occasionally take a break from documentation, and do the considerably more fun work of tracing back some of my theories to see if they pan out. As far as writing exploits, I generally just try to reduce or eliminate the number of things that need to be guessed. |=---=[ Passions | What makes you tick I'm definitely obsessed with computers. One of my original goals in learning to program as a kid was to develop games, so I've always been kind of passively interested in that. I'm also interested in artificial intelligence. I've been doing Wing Chun kung fu for about two years now, and I find that to be really rewarding. I spend a decent bit of my time thinking. I like to read lay-person oriented overviews of various academic disciplines. I'd really like to learn more about biology and neuroscience. |=---=[ Which research have you done or which one gave you the most fun? I think I've had the most fun when collaborating with others. |=---=[ Memorable Experiences Hanging out with sygma, saad, wordsmith, shegget, and all my old irc friends. Getting into trouble with colonwq. Long, not entirely coherent, chats with rc.local. :> The weekend drinking/hacking/coding sessions at neon's place. boilermakers. Romania. Coding with xaphan. Almost getting fired from my university job for hacking Microsoft, and then getting let off the hook when one of their security officers called my boss. Helping joey__ write his first exploit, and then not understanding how it worked when he had finished. Working on various stuff with JoC, cham, module, so1o, zorkeres, binf, and the rest of the r9 guys. Hanging out with Vacuum and RFP before leaving the US. The time I spent living in Germany. Working with plaguez and Thomas, two absurdly brilliant guys. Living with Howard and Sondee.. eating at the Citta. CCC Camp - Meeting TESO, THC, and many others. linux deathmatch. Watching people like duke and scut (and many others) get really good, and hoping that I somehow helped. Accidentally crashing gatekeeper. Hanging out in the adm channel. The always interesting discussions with str and anti. Racing with K2 to write exploits as Sun advisories came out. The Firewall-1 speech with Dug and Thomas. Finally getting my degree. My european tour with dice. HAL. Meeting silvio. Getting smashed in the basement of a bar in Poland with the LSD guys. Chilling with Scrippie and Dvorvak and the members of a Dutch death metal band. Going to a rave in Miami with JJ and ending up in the keys the day before a hurricane. Watching my little brothers grow up. Tag team coding/auditing with dice. Working for cool people - Mike, Jim, Pat. German/reversing lessons from Halvar. sms's from srpnsrt. Defcon - meeting digit, cheez, charise, zip, gobbles, i1l, cain, arakis, caddis, ryan, riley, and so many others. The fun times I've had in Chicago. Greg's couch. OFP with Paul and Sergey. The bachelor party with monti and MJ. Meeting the esteemed Sarlo. |=---=[ What's your architecture of choice? OS of choice? I tend to use what I'm comfortable with or whatever seems appropriate at the moment. The three machines that I use most of the time are currently running XP, Linux, and OpenBSD. |=---=[ Quotes "Jesus Christ John McDonald!" "odd" "So, basically, what you are saying is that we should try to find the reactors." "Hey, I just work here..." |=---=[ Open Interview Q: When did you start playing with computers? I got a c64 when I was 6. Q: When did you had your first contact to the 'scene'? 1997 or so. Q: When did you for your first time connect to the Internet? 1993. I had a part time job in high school programming for a satellite research center that had Internet access. From what I recall, I mainly played around on usenet and ftp sites. Q: Let's talk a little bit about free research and Copyright. What's your opinion about "Copyright on exploits"? Well, I'm not a lawyer, and I haven't really looked into it. I think that people should be entitled to do what they want with their work, and that legal protections are there for a reason. However, I've got no idea what copyrighting an exploit will actually afford you legally. Q: If you could turn the clock backward, what would you do different in your young life ? That's a tough one. The Internet has suffered a fair bit for the sake of my ego. I think I would have handled certain things with more discretion if I'd had a little more perspective. |=---=[ One word comments Give a one word comment to the following topics: Digital Millennium Copyright Act (DMCA): oceanliner KIMBLE (the wannabe-hacker) : hoogedlyboogedly ADM : fun NAI : work THE SCENE : which? Companies buying exploits from hackers : dunno IRC : idle CERT : maligned Full Disclosure Policy : careful |=---=[ Would you work for the government/military? Why or why not? As much as it suprises me to say it, I don't really have an ideological opposition to working for my government. I think the combination of getting a little bit older, spending some time living abroad, and the recent events in my country has made me more appreciative of certain things. I think it is safe to say I would do it if I believed I was doing something positive and I thought it was necessary. Otherwise, I'd avoid it because it would just make life more complicated. |=---=[ Please tell our audience a worst case scenario into what the scene might turn into. I guess I could prognosticate about it becoming factionalized, petty, cruel, insecure, and paranoid, but who would I be kidding? |=---=[ And if everything works out fine? What's the best case scenario you can imagine? As long as there is a place for new people who show promise, I think things will be cool. |=---=[ Any suggestions/comments/flames to the scene and/or specific people? Think for yourself. |=---=[ Shoutouts & Greetings Hi everyone :> |=[ EOF ]=---------------------------------------------------------------=|