Mudge
Encyclopedia
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
think tank
Think tank
A think tank is an organization that conducts research and engages in advocacy in areas such as social policy, political strategy, economics, military, and technology issues. Most think tanks are non-profit organizations, which some countries such as the United States and Canada provide with tax...
the L0pht
L0pht
L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area.-Name:The second character in its name was originally a slashed zero, a symbol used by old teletypewriters and some character mode operating systems to mean zero...
as well as the long-lived computer and culture hacking cooperative The Cult of the Dead Cow. He is now a program manager at DARPA where he will help fund research to defeat cyber attacks.
Born in December 1970, Mudge graduated from the Berklee College of Music
Berklee College of Music
Berklee College of Music, located in Boston, Massachusetts, is the largest independent college of contemporary music in the world. Known primarily as a school for jazz, rock and popular music, it also offers college-level courses in a wide range of contemporary and historic styles, including hip...
and is an adept guitar
Guitar
The guitar is a plucked string instrument, usually played with fingers or a pick. The guitar consists of a body with a rigid neck to which the strings, generally six in number, are attached. Guitars are traditionally constructed of various woods and strung with animal gut or, more recently, with...
player.
Mudge was responsible for early research of a security vulnerability
Vulnerability
Vulnerability refer to the susceptibility of a person, group, society, sex or system to physical or emotional injury or attack. The term can also refer to a person who lets their guard down, leaving themselves open to censure or criticism...
known as the buffer overflow
Buffer overflow
In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety....
. In 1995 he published "How to Write Buffer Overflows", one of the first papers on the topic. He published several security advisories on vulnerabilities in Unix and was a leader in the full disclosure
Full disclosure
In computer security, full disclosure means to disclose all the details of a security problem which are known. It is a philosophy of security management completely opposed to the idea of security through obscurity...
movement. He was the initial author of security tools L0phtCrack
L0phtCrack
L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables...
, AntiSniff, and l0phtwatch.
Mudge was one of the first people from the hacker community to reach out and build relationships with government and industry. In demand as a public speaker, he spoke at hacker conferences such as Defcon and academic conferences such as Usenix
USENIX
-External links:* *...
. Mudge has also been a member of CULT OF THE DEAD COW
Cult of the Dead Cow
Cult of the Dead Cow, also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas. The group maintains a weblog on its site, also titled "Cult of the Dead Cow"...
since 1996.
He was one of the seven L0pht members who testified before a Senate
United States Senate
The United States Senate is the upper house of the bicameral legislature of the United States, and together with the United States House of Representatives comprises the United States Congress. The composition and powers of the Senate are established in Article One of the U.S. Constitution. Each...
committee in 1998 that they could bring down the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
in 30 minutes. When L0pht was acquired by @stake
@stake
ATstake, Inc. was a computer security professional services company in Cambridge, Massachusetts, United States. It was founded in 1999 by Battery Ventures and Ted Julian...
in 1999, he became the vice president of research and development and later chief scientist.
In 2000, after the first crippling Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
distributed denial of service attacks, he was invited to meet with President Bill Clinton
Bill Clinton
William Jefferson "Bill" Clinton is an American politician who served as the 42nd President of the United States from 1993 to 2001. Inaugurated at age 46, he was the third-youngest president. He took office at the end of the Cold War, and was the first president of the baby boomer generation...
at a security summit alongside cabinet members and industry executives.
After leaving @stake in 2002 he disappeared from the information security scene before resurfacing as a technical advisor to "insider threat" company Intrusic.
In 2004 he became a division scientist at government contractor BBN Technologies, where he originally worked in the 1990s, and also joined the technical advisory board of NFR Security.
In 2006 he was one of the subjects of an article entitled Hoaxers, Hackers, and Policymakers: How Junk Science Persuaded the FBI to Divert Terrorism Funding to Fight Hackers, published in the March/April 2006 edition of Skeptical Inquirer magazine.
On 11 August 2007 he married Sarah Lieberman, a co-worker at BBN.
In February 2011, it was announced that he would be project manager of a DARPA project focused on developing tools to help the U.S. Government protect against cyberattacks.
At Shmoocon
ShmooCon
ShmooCon is an American hacker convention organized by The Shmoo Group. There are typically about 35 different talks and presentations, on a variety of subjects related to computer security and cyberculture.-History:...
2011, he announced work on an initiative to make funding available to independent security researchers and hackerspaces
Hackerspace
A hackerspace or hackspace is a location where people with common interests, often in computers, technology, science, or digital or electronic art can meet, socialise and/or collaborate...
.