The Bug! Magazine interview: tbob
Number 0x01: 03/23/2006
[ --- The Bug! Magazine
_____ _ ___ _
/__ \ |__ ___ / __\_ _ __ _ / \
/ /\/ '_ \ / _ \ /__\// | | |/ _` |/ /
/ / | | | | __/ / \/ \ |_| | (_| /\_/
\/ |_| |_|\___| \_____/\__,_|\__, \/
|___/
[ M . A . G . A . Z . I . N . E ]
[ Numero 0x01 <---> Edicao 0x01 <---> Artigo 0x0a ]
.> 23 de Marco de 2006,
.> The Bug! Magazine < staff [at] thebugmagazine [dot] org >
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Bug! Magazine entrevista: tbob
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.-"""-.
/ \ - Coffee?
(_|o o/ |_
/ " \ ,_)
\ O /__/
;--'
This interview is protected by BingBong - the golden coffee monkey God.
After a certain "star" of the national underground declined to be the first interviewee for The Bug! Magazine, we decided to get in touch with a real hacker, in the true sense of the word in The Bug! conception. For us it doesn't matter the color of the hat. Hacker is not the one who talks and talks, but the one who does, creates, innovates, revolutionizes. That's why we decided to interview tbob, ex-phone phreak and famous hacker in the real world underground scene.
In the past, tbob was mainly involved with vuln-dev (he is the creator of a famous exploit for "rpc.mountd", one of the most difficult exploits known to man) and the creation of new techniques for exploiting systems.
The Bug!: How was your first contact with hacking?
tbob: I guess I first realised that hacking, as a phenomenon, existed back when I saw brief part of the movie Wargames.
In 1999 I first got access to the internet and started hacking stuff, no exploits, just retarded misconfigurations, remote registry dumping, etc. In 2001 I met a 'notorious blackhat' via the antisec forums (anyone remember them?) and got my first access to the scene and other like-minded folk. He in turn helped me with choosing some software to audit and I found my first two remote 0days, in rpc.mountd and Samba. After this I met another guy who showed me how effective these exploits could be. After that it was all just accumulative.
TB!: What do you have to say about the security community, in a general way?
tbob: I don't actually think is one, actual, security community. What you have is a security industry and a group of hangers-on. Of the people I know, the community in which I mix, they are all great people with amazing knowledge. Of course each 'community' is largely closed off to people outside it. There is no cohesive whole any longer.
TB!: Do you have any opinion about the brazilian scene? (Assuming you know something)
tbob: The brazilian 'scene' is as dead as any other national scene. People work in small groups and not together. That's just how things are today. Given the current state of the nation, and the pitiful state of the national security, I'd like to see more politically motivated hacking (other than website defacements) here. But this sort of thing requires people working together, which I doubt will happen.
TB!: For you, what is the future of hacking? Can you predict something?
tbob: I see more client-side hacking. I see more spam and phishing scams. I see more fruad. I see no more UNIX exploits, less and less Windows exploits. I don't see anything much more in the way of reliable remote exploitation (server side).
Hacking will still be possible though bad configurations and password guessing and highly sophisticated backdoors. Less and less people will be bothered to do that though.
Hacking is and was more or less an 80s phenomenon. There have been, and still are, a few anomalies, but they will become lesser and lesser as time goes on.
TB!: What is your opinion about the death of phreaking in early 90s?
tbob: The death of phreaking came about largely due to the birth of the internet. Now everyone has a nice big network they can log onto for $20 a month it's not worth fighting your way onto dialup PADs and through PABXs. Phreaking does still exist, and the knowledge is out there if you want to find it. I was still blue-boxing in 2001, and I knew people who were still doing it in 2004. On top of this, the most interesting phreaking can be done with digitised switches, which are often custom software installed on top of basic commercial unix systems and oracle databases. It's just so much easier for people to ./ another Win32 or Linux machine. Two of my hopes are that VOIP will change phreaking as people start to realise that a lot of international calls are routed via TCP/IP (often without encryption), and that more phreaking articles will be submitted to Phrack, The Bug! and other magazines.
TB!: How do you see yourself in future?
tbob: As far away from computers as possible. I see myself having one more big hacking spree, working with programming in nasty areas, earning a lot of money and training to do something that doesn't make my soul ache. In the long term I see myself working in a field in an ashram on the banks of the river gangees. Either that or becoming a professional substance abuser.
TB!: The last one, what is the best way to ask the waiter a beer?
tbob: Throw the last empty bottle against him to catch his attention, because this is the most difficult thing. After that he will simply bring it to you.