http://www.antionline.com/cgi-bin/Print?type=antionline&date=05-03-1999&story=l0pht.news
[Before you continue, it should be noted that John Vranasevich and the
AntiOnline staff did NOT contact anyone at the l0pht about any piece of
this story. In fact, Space Rogue mailed Mr. Vranasevich shortly after
this piece and said:
"It is unfortunate that you chose not to contact us prior to writing
your 'article'. We would have been more than happy to provide you with
information and clear up the factual inaccuracies that you mention."
http://abcnews.go.com/sections/tech/DailyNews/hackers990203.html
In this ABC news article, they explicity state that cDc was responsible
for Back Orifice, then go on to quote Antionline. JP even links to this
article from http://www.antionline.com/information/press
The L0pht Dichotomy
Wednesday, May 5, 1999 at 15:59:50
by John Vranesevich - Founder of AntiOnline
"L0pht to use extensive knowledge of attack signatures to expand filter
set for NFR software"
A press release sent out by Network Flight Recorder, Inc. in March of this
year read. The famed L0pht Heavy Industries Inc. announced the forming of a
strategic relationship with Network Flight Recorder Inc. to provide backends
for the Network Flight Recorder Intrusion Detection Software.
[For those of you not familiar with NFR products, their IDS and
their Back Officer products are not the same.]
"RUNNING A MICROSOFT OPERATING SYSTEM ON A NETWORK?
OUR CONDOLENCES."
A press release sent out in July of 1998 by The Deth Vegetable, who is the
"Minister of Propaganda" for the cDc, announced the imminent release of
Back Orifice. Back Orifice is a windows trojan developed by the cDc which,
according to Wired News (Nov-17-98), 79% of Australian ISPs became
"infected" with.
The correlation? The Deth Vegetable, as well as several other Cult Of The
Dead Cow Members (including Mudge and DilDog) are also members of
L0pht Heavy Industries (according to membership lists posted on both
cultdeadcow.com and l0pht.com).
[This is a blatant error. At no time has The Deth Vegetable (sic) been
a 'member' of the l0pht. In fact, L0pht Heavy Industries is a COMPANY. It has
EMPLOYEES, not MEMBERS. Death Vegetable is not an employee nor a member of
the l0pht. Mudge and Dildog are MEMBERS of the cDc group as outlined on
http://www.cultdeadcow.com/members/. Notice that Mr. Vranasevich claims the
l0pht has a membership list on their site with Deth Vegetable (sic) on it? Yet
he doesn't link to that page.
On 05-06-99, I asked mudge who is a part
of the l0pht to clarify this. His reply?
From: "Dr. Mudge" (mudge@l0pht.com)
To: jericho@attrition.org
Date: Thu, 6 May 1999 07:22:46 -0500 (EST)
Subject: Re: hey there..
Our current roster runs:
Mudge
Dildog
Silicosis
SpaceRogue
Kingpin
Brian Oblivion
Weld Pond
John Tan
-eof]
Just recently, Network Flight Recorder (NFR) Inc. announced the release of a
commercial product called "BackOfficer Friendly", which, at $10/machine,
"identifies attacks from Back Orifice, one of the nastier hacking applications
currently being perpetrated on the Internet", according to the NFR.net
website.
"As far as I'm concerned, an ethical problem would exist in people doing
security work that are also releasing tools useful to hackers, and if that's the
case, its l0pht's problem, not ours." NFR's CEO Marcus J. Ranum told
AntiOnline in a phone interview Wednesday afternoon.
Marcus Ranum told AntiOnline that L0pht had no direct involvement in the
development of "BackOfficer Friendly", but then conceded that they were
given a beta version of the software, and that they pointed out several flaws
["conceded"? This implies he was caught in a lie when he clearly
was not. Beta testing software often has NOTHING to do with
developing it.]
which allowed him to "update the software to make it run better". Further,
Marcus Ranum forwarded to AntiOnline several e-mail conversations he had
with Sir Dystic (the author of Back Orifice), about problems with his
BackOfficer Software.
[What better resource to tap for a product? Sir Dystic is a member
of cDc, not the l0pht.]
AntiOnline asked Marcus Ranum if any of the individuals who were involved
in the creation of Back Orifice were also working on the Network Flight
Recorder Software "Not that I know of, and I don't want to know either. As a
matter of courtesy, I play the game, and don't even ask them who they really
are. Frankly, I like it that way. Sir Dystic could really be Mudge for all I
know."
Mr. Ranum concluded, "If you're going to be doing a story about how NFR is
doing shady and questionable things, I don't think that would be very nice. If
you want to point to egregious things in the security industry, you can find a lot
better examples out there than us [...] I've got a business to run, and that
means going to the best sources for information, if those sources of information
are also involved with part of the source of the problem, then that's
unfortunate".
[And despite this advice from Mr. Ranum, Antionline still chose to
attempt to drag NFR, the l0pht, and cDc through the mud. It is more interesting
that Mr. Vranasevich contacted Marcus Ranum, but didn't contact anyone at the
l0pht, yet quoted THEIR name in the title of this piece.
Also amusing to point out:
http://www.antionline.com/archives/editorials/script_kiddies.html
"There are groups like l0pht... Those are the true hackers."]