Mudge

Today is the anniversary of the testimony I and other members of the l0pht gave to the US Senate in 1998. It was the first time the US Govt. publicly referenced “hackers” in a positive context. The coverage was national and even international. Come behind the scenes. /Thread

@4Dgifts I know you do… heh 😏

Anyone remember Dockmaster (MULTICS) and Radium at NCSC? NCSC being the National Computer Security Center (if you know, you know). Follow up: do any of you remember some type of user and data dump from them just before CFAA was enacted? Like it was a well timed “hehehe”?

Thank you for the kind words Mike I learned a lot from this What are takeaways others get from this, or have taken away from similar efforts?

Postfix: apologies for not being able to provide all of the details here. With much appreciation to the people on those multiple teams. You know who you are. And thank you to the Board and Execs continually demonstrating over the years how much you appreciate the work of your current, AND former staff. Because of that, I have no doubt you will always have a pipeline of the best future staff eager to join. (Word gets around when places play the long game)

Been a long while since Story Time… I don’t know why this popped into my head, but perhaps there’s something in it someone will find helpful. So here goes

The takeaway ways an obvious cliche, but it had been turned into reality. Set people up to succeed. You can (should) help people grow into areas they want, but you also need to know the strengths, limitations, and actual capabilities at any given moment in time.

@dyn___ @DennisF @tqbf Yup

@DennisF @tqbf Yeah I read that, and a few other things over the past few weeks (+ spoke at unprompted, hallway con there, Offensive AI con back in Oct). It's the year 2000 again, so, why not ring the alarm bells (again). Paging @dotMudge , universe dent 2.0 time? 😉

I honestly think we're at "L0pht is testifying at the Senate" levels of fucked. LLMs finding vulns has gone from possible to trivial RAPIDLY and the use of generic coding agents is currently the lower bound!! The security industry is not at all ready for the reality of today. 🫠

@dildog @medus4_cdc @Grifter801 @dakami @angus_tx @defcon I’ll take a “not mudge[*]” shirt too… Sheesh. Make even *more* of a target on me why don’t you 😉 (Or at least “occasionally mudge”)

TCP/IP Drinking Game - DEF CON 13 @dotMudge @dakami @angus_tx @defcon #hackerthrowback #defcon

Dr. Morris (he doesn’t like being called Jr. he and his father have different names) was doing well the last I heard. I believe he’s still a professor at a very prestigious academic institution. He was going to be great no matter what field he chose (the security field was basically closed off by a particular professor at the time who made a big fuss and lobbied to have the book thrown at him). Fortunately there were good people like Steve Bellovin and others who went to bat for him and fought the zealot.

@dotMudge PoC|GTFO! you still are the OG :) What ever happened to Morris Jr? He would have field day in today's cyber security world.

Aleph took it much further and made it much more accessible. I’m proud to have contributed in even the slightest way.