Make a dent in the universe. Find something that needs improvement: go there and fix things. If not you, then who? {he/they}

TWTR|Stripe|Google|DARPA|L0pht
Joined September 2011
Pinned Tweet
Today is the anniversary of the testimony I and other members of the l0pht gave to the US Senate in 1998. It was the first time the US Govt. publicly referenced “hackers” in a positive context. The coverage was national and even international. Come behind the scenes. /Thread
70
877
110
3,159
Show this thread
To everyone who made donations in response to this match request: thank you! The full $6K has been donated across @LIRSorg , @TransLifeline, and @BlackGirlsCode .
Sarah and I are pleased to put up $6k to match donations to the following 3 charities. (Post or DM your receipt) @LIRSorg - Neighbors in Need: Afghan Allies - lirsconnect.org/get_involved… @BlackGirlsCode - blackgirlscode.com/donate/ @TransLifeline - translifeline.org
0
0
0
25
Replying to @dotMudge
I’m honored @dotMudge! Also my coauthors @nishant412 and @skateprofessor did all the hard work.
0
1
0
9
Fun paper by @CDameffMD ! Privacy preserving protocols focus on the data layers and above… don’t forget about different physical transmission characteristics. Brings back memories of fingerprinting mobile phones based on their radio characteristics. cseweb.ucsd.edu/~nibhaska/pa…
5
12
0
42
Del, you have walked through fire repeatedly. I have never known you, or even heard of you, doing something for a reason other than to protect and help people. I hope you are fortunate enough to have people looking over you in your life the way you have for so many others. 🙏
I believe the traditional opening to these sorts of Tweet threads is "Some personal news." So . . . some personal news. After almost 13 years – technically, 12 years and 364 days – this Friday, October 22nd, will be my last day at Twitter. (1/6)
Show this thread
0
0
0
49
L0phtCrack has stories in between too! L0phtCrack was often flagged by AntiVirus software… like Symantec. But SYMC had acquired AtStake and thus L0phtCrack. So SYMC was then selling software they once flagged as malware. Apparently it stopped flagging as malware then. 🧐🧐
Replying to @dotMudge
If whoever had control of L0phtCrack ever stopped selling, working on, and supporting the tool for a period of 1 year… The 3 of us could buy it back. How much $$$? Oh, the same amount the product had grossed in sales for the 12 months that it hadn’t been sold ($0) 😗
Show this thread
5
28
0
139
Symantec knew they were selling it too. They staffed and dedicated person(s) to the tool they historically had flagged as “malware”. (Hi Rob!) Not a lot of people but it wasn’t an acquisition case of “we didn’t know”. No longer flagging it as malware then was “fascinating”.
2
1
1
33
LC5 with pre-computed hash tables is not only a collectors item but it was also considered a munition! That concern was why L0phtCrack stopped being shipped with the precomputed hash tables.
Replying to @dotMudge
Does that make this copy of LC5 with pre-computed hash tables a collectors item?
1
6
0
84
AtStake forced Weld, Dil, and myself to put L0phtCrack into a holding company that AtStake ultimately owned. This wasn’t the original deal. They played hard and dirty. But, we had our lawyer sneak something into the documents… (This is how it circled back to us)
A 🧵 L0phtCrack has been a really wild ride. As of version 7.2 L0phtcrack is now open source. Released on GitLab. gitlab.com/l0phtcrack l0phtcrack.gitlab.io It is actively seeking maintainers. Many thanks to @dildog, @WeldPond, and all others. Story time…
Show this thread
7
61
5
316
If whoever had control of L0phtCrack ever stopped selling, working on, and supporting the tool for a period of 1 year… The 3 of us could buy it back. How much $$$? Oh, the same amount the product had grossed in sales for the 12 months that it hadn’t been sold ($0) 😗
20
52
18
527
Some of the thread posts ended up isolated. I’m going to continue with the L0phtCrack state ties as random tweets / snippets. L0htCrack was not initially part of the L0pht bootstrapping of AtStake. The VC (Battery) and execs, myself included, wanted a pure play consultancy.
A 🧵 L0phtCrack has been a really wild ride. As of version 7.2 L0phtcrack is now open source. Released on GitLab. gitlab.com/l0phtcrack l0phtcrack.gitlab.io It is actively seeking maintainers. Many thanks to @dildog, @WeldPond, and all others. Story time…
Show this thread
0
2
0
31
Fun fact 1 I wrote L0phtcrack on a Unix system in 1997. A Sun SparcV7 system running Solaris My day job was at BBN Technologies: the company the government hired to build and run the ARPANET (which is now the Internet). Nighttime was all L0pht. But why write it?
6
19
0
179
I was “responsible” for an ungodly number of systems spread across: Dozens of class A networks (16M addresses) Loads of class B nets (65K addresses) And class C nets (256 addresses… yawn) Mostly Unix, but WinNT was growing… (Does my old AntiSniff tool make sense now?)
2
4
1
106
MSFT had made a cryptographic goof. They stored two different cipher texts for the same password. One cipher had fundamental flaws. So, which one do you break? The one that made all passwords as simple as a 7 character or less password of course! seclists.org/bugtraq/1997/Ju…
1
0
2
17
The tool was fun but it ran on Unix only. @WeldPond ported it to windows NT and put a simple GUI around it. We released it under a “free for educational and personal use - companies and the government must pay” type license ($50).
2
0
0
16
L0phtcrack with a Windows GUI was being downloaded like crazy. Our T1 line was melting. But nobody was paying the $50. Were all those downloads educational or personal use? Nope. The majority were big companies and the USG. They just ignored the license and didn’t pay. 🤦‍♂️
2
1
0
22
So we kept the Unix CLI open source and made the Windows program trial period software which stopped working after a predefined period. At the end of that first trial period checks started rolling in to the PO Box 🤯 L0phtcrack was funding the L0pht!
1
2
0
46
Several iterations later, having brought @dildog on to uplevel the code, it was still touchy. The first TJMax “big news” cyber compromise was discovered by way of LC (L0phtcrack). The intruders had loaded LC onto a live TJMax Domain Controller… and crashed the whole system! 🤦‍♂️
0
2
0
31
Show this thread
Fun fact 2 - I wrote the brute force code in an odd way. Instead of AAAA, AAAB, AAAC, … the code ran AAAA, BAAA, CAAA, … If it took a lot longer to brute your password than someone else’s it wasn’t necessarily stronger… at all. This surprised some people when it switched!
3
5
0
98
Show this thread