L0PHT ON HACKERS Online NewsHour Special _________________________________________________________________ L0PHT--hackerish spelling for loft--is a sort of hackers' workshop. In Boston, seven men regularly meet in a space they've rented to work on various projects. NewsHour Correspondent Tom Bearden recently spoke with the members of L0PHT about how they started, what they do and why they do it. The names used by L0pht members in the interview are to protect their identities. _________________________________________________________________ TOM BEARDEN: How did this organization get started? The origins of L0pht. MUDGE: Basically, we had all known each other for quite some time, for the past, Id say, maybe even ten years. We found that we were all located geographically in a similar area, and having known each other through online, on the bulletin boards in the late eighties, early nineties, we started to hang out. We started having meetings in Harvard Square at some of the eateries around there. It got to a point where we had enough junk and equipment in all of our collective houses that our significant others, our girlfriends, our wives were a little upset with the scattering of computer boards, computer equipment taking up the bedroom, the bathroom, the kitchen sink that it was generally agreed that we were all going to chip in and rent a loft space in the south end of Boston to store the stuff. And as everybody started bringing over their "junk," as it was always euphemistically referred to, as we started noticing a synergy in what everybody was bringing over, and it was all able to work together. And since we were doing this sort of thing on the sides anyway, trying to amass our own tools and toys, it just was much more convenient to use everybody elses. So we started building miniature networks, ripping down protocols, playing with software, and the other thing was it kept us out of trouble because before that, a lot of us used to play with other peoples hardware and protocols, and whoever's machines would talk to us, and thats kind of how the loft grew out. It kind of took off from there. Two years after that, we moved over to this location, so L0pht, spelled L-Zero-P-H-T, was just a takeoff on the hackerish type spelling of loft, which is what we started out in. TOM BEARDEN: Why did you join? A colloborative effort. WELD POND: Because this type of activity you really need to collaborate. Hacking is something where youre not really learning things from textbooks. We obviously read the textbooks too, and we read the published material, but its knowledge thats built up by talking to other people who have basically toyed around and played with operating systems, played with software, and its a way to learn is to talk to other people who enjoy doing that kind of thing, and you really need to meet with others and collaborate on projects to really build up your own knowledge. TOM BEARDEN: Trade on each others knowledge and build on that? WELD POND: Right. So if, say, I may know something about Windows NT, and Mudge here might know something about Unix, and he can help me out with something that Windows NT is doing that is something that has a Unix background to it, something like a TCP/IP protocol. So I have some knowledge, he has some knowledge, we fit it together, and that way we can, you know, have some sort of a breakthrough because were just getting a synergy going.... SPACE ROGUE: Well, one thing on that question, you keep saying "joined". I dont think anybody actually joined. We just grabbed together and that was it, and we just sort of fell into each others hands, as it were. TOM BEARDEN: What would you call this, a club, just a group, a bunch of guys who hang out with similar interests, how would you call it? SPACE ROGUE: Well, we have been called a conglomerate, a think tank. L0pht -- A hacker think tank. MUDGE: The various media references, which whenever we get a good one we like to kind of try and keep hold of it, have been a conglomerate, a hacker think tank, a collective, brilliant crypto-crackers -- that was one of my personal favorites, a fraternity. Basically, I just think its amazing that seven people can be together for four years in close proximity, in close quarters and not kill each other. WELD POND: And not have sort of a monetary reason for sticking around with each other, for a familiar reason. TOM BEARDEN: Where did you get all this stuff? KINGPIN: Trash, flea markets, gifts, peoples work when theyre throwing stuff out. Trash is really how it started. We used to go "dumpster diving" a lot, ride around on bicycles -- still do, look in computer manufacturers, telephone companies, cellular phone companies. Youd be surprised what companies throw out. When theyre upgrading, theyll throw out complete systems or complete working telephones, or bundles of software, or basically anything when theyre upgrading. MUDGE: A great example is over a period of months we were able to piece together the . . . super computer that we showed you. That was entirely from a company that was starting to lose government contracts, ditching different R&D departments.... TOM BEARDEN: What do you do when you find vulnerabilities? What do you do with the information? WELD POND: Well, basically we agree that things should be -- there should be full disclosure, and we just let the world know when we find a vulnerability. And we found that by doing that, the vulnerability gets fixed pretty quickly. It used to be that this information kind of got passed around in the underground. If I found something, I would put it up on an underground bulletin board and other hackers would read it, and other hackers used the information maybe. But the problem really didnt get fixed. And then we started publishing these things on our web site, and other web sites have sprung up just for the sole purpose of publishing this information. Youd be surprised how quickly the problems get fixed when thousands of people can exploit those vulnerabilities instantly. And this problem with the -- like the thing that happened at the Pentagon, I mean, this thing was discovered by a hacker, was put up on a hacker web site called Root Shell. Everyone in the world could download it. It was discovered before Root Shell, but it was really made totally publicly available there. And still months later, the Pentagon didnt fix the problem. TOM BEARDEN: And theyre aware of it? SPACE ROGUE: Some of the first vulnerabilities that we found, we actually went to the companies first and said "Hey, you guys have got this big problem." MUDGE: And the first question was "do our customers know this?" "No, we havent told anybody. We figured wed tell you first." And theyre like "Oh, good, thanks a lot for the information. Well do something about it." And they never did, because they didnt want to spend the time or the money going in and fixing it when their customers werent complaining and werent saying "Gee, you told me youre protecting my software, protecting my company with your product, and theres this huge back door and you know of it, and you refuse to fix the problem?" And the longer that goes, the more the actual people trying to protect the sites are in the dark, and everybody else knows the problem. You end up being the laughing stock because youre the last person on the block to know of the problem after everybody has run through your systems.... WELD POND: Another example is even just publishing a paper, even describing the problem doesnt get them to fix it. An example is with Microsofts Windows NT. A friend of ours, Hobbit, a fellow hacker published this paper on weaknesses in their network authentication protocol where basically you could sniff the network and you could gather peoples passwords from this.... So he published this paper, and Microsoft didnt do anything to fix this. We came along and we wrote a program which could exploit this vulnerability, and I think a few days after we actually published the program that could exploit the vulnerability, Microsoft came out with a fix for it.... Now, were not the only guys who could read the paper and write the program, obviously. Theres plenty of foreign governments. Theres plenty of other computer think tanks out there that have the knowledge we have. And until you actually -- and have a lot more money and a lot more time. So until you actually say to a system administrator you go, "Look, I can grab the passwords on your system." He doesnt go to Microsoft and say "fix this." Microsoft knew about the problem, but they had none of their customers saying "fix this," so they didnt. Helping out the consumer. MUDGE: And what was the end result? The end result was a better product for the customer.... TOM BEARDEN: So my question is why do you do it? Why do you put this information out there? KINGPIN: Because its fun, and we learn, and it keeps me out of trouble. Its just nice to experiment with hardware or software. SPACE ROGUE: Most of us do this in our day jobs. We all have jobs in the IT industry, and we all basically do the exact same thing 9 to 5, or 8 to 6, or whatever. TOM BEARDEN: So why do you do it 6 to midnight? STEFAN VON NEUMANN: Most of us in our day jobs are doing one aspect that we cant push to the limit in our day job. Its not relevant to our position. So its the off hours, its the time spent here that we can push what weve stumbled upon to the extreme and maybe get some use out of it that might be useful for somebody else other than our employer. TOM BEARDEN: Do you do this in at least some sense out of a sense of public service? STEFAN: A little bit. SPACE ROGUE: Its probably the lowest level. The higher level is the knowledge and the learning for ourselves. WELD POND: If we can share what weve learned with everybody and then publish it, thats great. But we want other people to share with us, too. But its actually sort of the thrill of finding the problems, the thrill of exposing the weaknesses and saying "Well, geeze, look, they had all these smart people design this system, and I spent a few hours and I looked at it, and look, I found this huge problem." Thats kind of exciting. http://www.pbs.org/newshour/bb/cyberspace/jan-june98/l0pht_hackers.html