Johnny Long
Encyclopedia
Johnny Long, otherwise known as "j0hnny" or "j0hnnyhax", is a renowned computer security
expert, author, and public speaker in the United States
.
Long is well known for his background in Google hacking
, a process by which vulnerable servers on the Internet can be identified through specially constructed Google searches. He has gained fame as a prolific author and editor of numerous computer security books.
and formed the corporation's vulnerability assessment team known as Strike Force. Following a short position at Ciphent
as their chief scientist
, Long now dedicates his time to the Hackers for Charity organization. He continues to provide talks at many well-publicized security events around the world. In recent years, Long has become a regular speaker at many annual security conferences including DEF CON, the Black Hat Briefings
, ShmooCon
, and Microsoft's BlueHat
internal security conferences. Recently, his efforts to start the Hackers for Charity movement have gained notable press attention. His talks have ranged from Google hacking to how Hollywood portrays hackers
in film.
s and credit card
numbers. These efforts grew into the creation of the Google Hacking Database, through which hundreds of Google hacking search terms are stored. The field of Google hacking has evolved over time to not just using Google to passively search for vulnerable servers, but to actually use Google search queries to attack servers.
, a documentary movie that showcases many brutalities committed in northern Uganda
that have remained invisible to the global media. Along with coordinating the donation of goods and supplies, Johnny traveled to areas of Africa to personally setup computer networks and help build village infrastructures.
. He begins and ends each of his presentations with information regarding humanitarian efforts for Invisible Children Inc. and regularly donates proceeds from his books to help such efforts.
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
expert, author, and public speaker in the United States
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...
.
Long is well known for his background in Google hacking
Google Hacking
Google hacking is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.- Basics :...
, a process by which vulnerable servers on the Internet can be identified through specially constructed Google searches. He has gained fame as a prolific author and editor of numerous computer security books.
Career in computer security
Early in his career, in 1996, Long joined Computer Sciences CorporationComputer Sciences Corporation
Computer Sciences Corporation is an American information technology and business services company headquartered in Falls Church, Virginia, USA...
and formed the corporation's vulnerability assessment team known as Strike Force. Following a short position at Ciphent
Ciphent
Ciphent was formed in 2006 by security experts with experience at some business and security organizations to include Foundstone, Bank of America, Guardent, Booz Allen, CSC, Information Security Magazine and Fortify Security...
as their chief scientist
Office of the Chief Scientist
Office of the Chief Scientist may refer to:* Office of the Chief Scientist , Department of Innovation, Industry, Science and Research* Office of the Chief Scientist , Health Canada...
, Long now dedicates his time to the Hackers for Charity organization. He continues to provide talks at many well-publicized security events around the world. In recent years, Long has become a regular speaker at many annual security conferences including DEF CON, the Black Hat Briefings
Black Hat Briefings
The Black Hat Conference is a computer security conference that brings together a variety of people interested in information security. Representatives of federal agencies and corporations attend along with hackers. The Briefings take place regularly in Las Vegas, Barcelona and Tokyo...
, ShmooCon
Shmoo Group
The Shmoo Group is an international organization founded by Bruce Potter in the late 1990s as a non-profit security think-tank. The group is composed of people such as Apache Foundation director Ben Laurie, anonymity guru Len Sassaman, PGP Corporation CTO Jon Callas, and Hollywood film system...
, and Microsoft's BlueHat
BlueHat
BlueHat or Blue Hat is a term used to refer to outside computer security consulting firms that are employed to bug test a system prior to its launch, looking for exploits so they can be closed...
internal security conferences. Recently, his efforts to start the Hackers for Charity movement have gained notable press attention. His talks have ranged from Google hacking to how Hollywood portrays hackers
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
in film.
Google hacking
Through his work with CSC's Strike Force, Johnny was an early pioneer in the field of Google hacking. Through specially crafted search queries it was possible to locate servers on the Internet running vulnerable software. It was equally possible to locate servers that held no security and were openly sharing personal identifiable information such as Social Security numberSocial Security number
In the United States, a Social Security number is a nine-digit number issued to U.S. citizens, permanent residents, and temporary residents under section 205 of the Social Security Act, codified as . The number is issued to an individual by the Social Security Administration, an independent...
s and credit card
Credit card
A credit card is a small plastic card issued to users as a system of payment. It allows its holder to buy goods and services based on the holder's promise to pay for these goods and services...
numbers. These efforts grew into the creation of the Google Hacking Database, through which hundreds of Google hacking search terms are stored. The field of Google hacking has evolved over time to not just using Google to passively search for vulnerable servers, but to actually use Google search queries to attack servers.
Published works
Long has contributed to the following published works:- Google Hacking for Penetration Testers, Syngress Publishing, 2004. ISBN 1-931-83636-1 (Author, book translated into five different languages)
- Aggressive Network Self-Defense, Syngress Publishing, 2005. ISBN 1-931-83620-5 (Author, Chapter 4, "A VPN Victim's Story: Jack's Smirking Revenge" with Neil Archibald.
- InfoSec Career Hacking, Syngress Publishing, 2005. ISBN 1-597-49011-3. (Author, Chapter 6, "No Place Like /home – Create an Attack Lab")
- Stealing the Network: How to Own an Identity, Syngress Publishing, 2005. ISBN 1-597-49006-7. (Technical Editor, Author, Chapter 7, "Death by a Thousand Cuts"; Chapter 10, "There's something else" with Anthony Kokocinski; and "Epilogue: The Chase")
- OS X For Hackers at Heart, Syngress Publishing, 2005. ISBN 1-597-49040-7 (Author, Chapter 2, "Automation" and Chapter 5, "Mac OS X for Pen Testers")
- Penetration Tester's Open Source Toolkit, Syngress Publishing, 2005. ISBN 1-597-49021-0 (Technical Editor, Author, "Running Nessus with Auditor")
- Stealing the Network: How to Own a Shadow, Syngress Publishing, 2007. ISBN 1-597-49081-4
- Google Talking, Syngress Publishing, 2007. ISBN 1-597-49055-5 (Technical Editor and Contributor)
- Techno Security's Guide to Managing Risks for IT Managers, Auditors and Investigators, Syngress Publishing, 2007 ISBN 1-597-49138-1. (Author, Chapter 8, "No-Tech Hacking")
- Asterisk Hacking, Syngress Publishing, 2007. ISBN 1-597-49151-9 (Technical Editor)
- Google Hacking for Penetration Testers, Volume 2, Syngress Publishing, 2007. ISBN 978-1597491761 (Author)
- TechnoSecurity's Guide to E-Discovery and Digital Forensics, Elsevier Publishing, 2007 ISBN 9781597492232 (Author, "Death by 1000 cuts").
- No-Tech Hacking, Elsevier Publishing, 2008 ISBN 1597492159 (Author)
Hackers for Charity
In his latest endeavor, Johnny has created the Hackers for Charity non-profit organization. Known by its byline, "I Hack Charities", the organization collects computer and office equipment to donate to underdeveloped countries. The movement was realized after a viewing of Invisible ChildrenInvisible Children
Invisible Children: Rough Cut is a 2003 American documentary film. Its subject is the abduction and forced enlistment of children by the sectarian Lord's Resistance Army in Uganda.-Synopsis:...
, a documentary movie that showcases many brutalities committed in northern Uganda
Uganda
Uganda , officially the Republic of Uganda, is a landlocked country in East Africa. Uganda is also known as the "Pearl of Africa". It is bordered on the east by Kenya, on the north by South Sudan, on the west by the Democratic Republic of the Congo, on the southwest by Rwanda, and on the south by...
that have remained invisible to the global media. Along with coordinating the donation of goods and supplies, Johnny traveled to areas of Africa to personally setup computer networks and help build village infrastructures.
Personal life
Long is known to publicly pronounce his faith in ChristianityChristianity
Christianity is a monotheistic religion based on the life and teachings of Jesus as presented in canonical gospels and other New Testament writings...
. He begins and ends each of his presentations with information regarding humanitarian efforts for Invisible Children Inc. and regularly donates proceeds from his books to help such efforts.