http://www.antionline.com/cgi-bin/Print?type=antionline&date=05-03-1999&story=l0pht.news

[Before you continue, it should be noted that John Vranasevich and the
 AntiOnline staff did NOT contact anyone at the l0pht about any piece of 
 this story. In fact, Space Rogue mailed Mr. Vranasevich shortly after 
 this piece and said:

   "It is unfortunate that you chose not to contact us prior to writing 
    your 'article'. We would have been more than happy to provide you with 
    information and clear up the factual inaccuracies that you mention."

http://abcnews.go.com/sections/tech/DailyNews/hackers990203.html
In this ABC news article, they explicity state that cDc was responsible
for Back Orifice, then go on to quote Antionline. JP even links to this
article from http://www.antionline.com/information/press 


The L0pht Dichotomy 
 Wednesday, May 5, 1999 at 15:59:50
 by John Vranesevich - Founder of AntiOnline 

 "L0pht to use extensive knowledge of attack signatures to expand filter
 set for NFR software"

 A press release sent out by Network Flight Recorder, Inc. in March of this
 year read. The famed L0pht Heavy Industries Inc. announced the forming of a
 strategic relationship with Network Flight Recorder Inc. to provide backends
 for the Network Flight Recorder Intrusion Detection Software.

[For those of you not familiar with NFR products, their IDS and
 their Back Officer products are not the same.]

 "RUNNING A MICROSOFT OPERATING SYSTEM ON A NETWORK?
 OUR CONDOLENCES."

 A press release sent out in July of 1998 by The Deth Vegetable, who is the
 "Minister of Propaganda" for the cDc, announced the imminent release of
 Back Orifice. Back Orifice is a windows trojan developed by the cDc which,
 according to Wired News (Nov-17-98), 79% of Australian ISPs became
 "infected" with.

 The correlation? The Deth Vegetable, as well as several other Cult Of The
 Dead Cow Members (including Mudge and DilDog) are also members of
 L0pht Heavy Industries (according to membership lists posted on both
 cultdeadcow.com and l0pht.com).

[This is a blatant error. At no time has The Deth Vegetable (sic) been
 a 'member' of the l0pht. In fact, L0pht Heavy Industries is a COMPANY. It has 
 EMPLOYEES, not MEMBERS. Death Vegetable is not an employee nor a member of
 the l0pht. Mudge and Dildog are MEMBERS of the cDc group as outlined on
 http://www.cultdeadcow.com/members/. Notice that Mr. Vranasevich claims the
 l0pht has a membership list on their site with Deth Vegetable (sic) on it? Yet 
 he doesn't link to that page.

 On 05-06-99, I asked mudge who is a part
 of the l0pht to clarify this. His reply?

 From: "Dr. Mudge" (mudge@l0pht.com)
 To: jericho@attrition.org
 Date: Thu, 6 May 1999 07:22:46 -0500 (EST)
 Subject: Re: hey there..

 Our current roster runs:
 
     Mudge
     Dildog
     Silicosis
     SpaceRogue
     Kingpin
     Brian Oblivion
     Weld Pond
     John Tan

 -eof]
 
 Just recently, Network Flight Recorder (NFR) Inc. announced the release of a
 commercial product called "BackOfficer Friendly", which, at $10/machine,
 "identifies attacks from Back Orifice, one of the nastier hacking applications
 currently being perpetrated on the Internet", according to the NFR.net
 website.

 "As far as I'm concerned, an ethical problem would exist in people doing
 security work that are also releasing tools useful to hackers, and if that's the
 case, its l0pht's problem, not ours." NFR's CEO Marcus J. Ranum told
 AntiOnline in a phone interview Wednesday afternoon.

 Marcus Ranum told AntiOnline that L0pht had no direct involvement in the
 development of "BackOfficer Friendly", but then conceded that they were
 given a beta version of the software, and that they pointed out several flaws

["conceded"? This implies he was caught in a lie when he clearly
 was not. Beta testing software often has NOTHING to do with 
 developing it.]

 which allowed him to "update the software to make it run better". Further,
 Marcus Ranum forwarded to AntiOnline several e-mail conversations he had
 with Sir Dystic (the author of Back Orifice), about problems with his
 BackOfficer Software.

[What better resource to tap for a product? Sir Dystic is a member
 of cDc, not the l0pht.]

 AntiOnline asked Marcus Ranum if any of the individuals who were involved
 in the creation of Back Orifice were also working on the Network Flight
 Recorder Software "Not that I know of, and I don't want to know either. As a
 matter of courtesy, I play the game, and don't even ask them who they really
 are. Frankly, I like it that way. Sir Dystic could really be Mudge for all I
 know."

 Mr. Ranum concluded, "If you're going to be doing a story about how NFR is
 doing shady and questionable things, I don't think that would be very nice. If
 you want to point to egregious things in the security industry, you can find a lot
 better examples out there than us [...] I've got a business to run, and that
 means going to the best sources for information, if those sources of information
 are also involved with part of the source of the problem, then that's
 unfortunate".

[And despite this advice from Mr. Ranum, Antionline still chose to 
 attempt to drag NFR, the l0pht, and cDc through the mud. It is more interesting
 that Mr. Vranasevich contacted Marcus Ranum, but didn't contact anyone at the
 l0pht, yet quoted THEIR name in the title of this piece.

 Also amusing to point out:
 http://www.antionline.com/archives/editorials/script_kiddies.html
 "There are groups like l0pht... Those are the true hackers."]