Interview with Anonymous, lead author of "Maximum Security 4/e"
by Mirko Zorz - Thursday, 1 May 2003.
Who is Anonymous? Introduce yourself to our readers.

I'm not sure Pearson Education really wants this question answered. In any event, I was born 11/24/1964 at 12:01 a.m. in NYC (I'm an old man, in other words), and like Forrest Gump, "I've worn a lot of shoes."

How did you gain interest in computer security?

I'd like to report that I was a crusader (like so many of the more committed hackers out there), but that would be a lie. My original interest was purely monetary, and focused on a comparatively small sector of the business (operating systems used by financial institutions). After I aced that area (and spent a few years exploiting the same, and a few more on vacation with the government), I went into healthcare processing. There, I really got into it. At one firm I worked, a billing manager operating under a false identity disappeared, leaving behind a Novell network and accompanying billing system, but no passwords. The professional staff of that hospital got increasingly concerned about not being able to bill for their services, and thus, hired me to break into the network and crack the billing software. (That was an interesting job, too, as the software used extraordinarily archaic security routines, and worse, assembled data screens on-the-fly from DBASE sources that were "parted-out" so tough, no one could conceivably extricate the data except using screen capture utilities, like WP's old "grab.exe." Talk about job security! Following that, I received an endless number of contracts to do the same (or substantially the same) thing for just about every sector you can imagine. Some of those jobs, I add here, were truly bizarre. You cannot imagine - or perhaps you can - what types of people "lose" or "need" data. For many years, that was my function in life - other than enjoying it, of course.

Why did you choose to hide your identity and sign your books as Anonymous? Why the secrecy?

I'm not sure Pearson wants to have this circulate as common knowledge either, but I'll give it my best shot. Seven years ago, I and twenty-two other persons created a cornerstone of EC/EDI/B2B. That technology created an entirely new field, and was responsible for raising and sinking empires in expenditure analysis and automated line-item coding in realtime. The result was a new industry that was aggregately worth several hundred million dollars a year. Unfortunately, friendships (when money is afoot) don't always last. To discredit my reputation, some of those individuals - who later became direct competitors (and some would say, mortal enemies) - used my past to discredit my reputation. Because my past is admittedly more checkered than most, that could have posed tremendous problems for Pearson (then Macmillan). Given all that - and anticipating a ground war between my team and the opposing team - it made sense. Besides, as has been now widely reported, especially in Germany and Brazil, my lifestyle is....controversial, at least from, say, a religious fundementalist's viewpoint. Safe to say, unlike the many wonderful engineers and hackers I know, I was no angel, nor am I today, nor will I ever be. Because Pearson was trying in earnest to do something good for the net community (and, admittedly, also turn a decent buck), it seemed fair that its editors could proceed without getting entangled in either my past or my corporate wars and coups. To date, I think, my identity has been kept fairly well quiet, and for Pearson's sake, I've tried my best to keep that shroud of secrecy wrapped around me.

Do the contributing authors know your real identity? If not, how did you communicate with them while working on the book?

Hahahaha. Looking for some trade secrets, perhaps? Just kidding.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th