Interview with Brian Hatch, author of "Hacking Exposed Linux"
by Mirko Zorz - Monday, 30 June 2003.
Who is Brian Hatch? Introduce yourself to our readers.

Brian Hatch is a hacker in the positive sense - a coder, tinkerer, and tester. I love to prod software into doing things it shouldn't be able to, be it for good or ill.

My love of Linux comes from the fact that all the code is there for your perusal, modifications, and bastardizations. I'm constantly testing and breaking my laptop, putting backdoors and Trojans on them, and occasionally need to reinstall my system from scratch to be sure I haven't irrevocably destroyed any hope of stability and security in my quest to do weird things.

When I'm not tinkering in Linux or security, I'm... Hmmn. Wait, I can't think of a time that I'm not tinkering in security. I should never have gotten a phone with an SSH client.

How long have you been working with Linux?

I first started playing with it in 1993, but it became my primary desktop OS in 1995. That was a laptop, and damn but was that a tricky beast to set up back then. It originally ran via loadlin and everything lived on a DOS partition because I needed to have Windows available for corporate email (Lotus Notes). Luckily I left that company and was able to ditch Windows for good. Of course I'd been using GNU software for a long time before I had Linux on my desktop. SunOS/Solaris and IRIX machines were my usual stomping grounds -- I still have my Indy somewhere in the attic.

The beautiful thing about Linux is that the entire kernel is Free Software/Open Source, as are most of the userland tools. Having the entire code base of your software makes tweaking possible, and allows me to have complete control of my system. For example I've occasionally modified the 'crypt' password hashing function on my systems. Since most password crackers are run offline, or have crypt written in optimized assembly, the results from password crackers would never be valid on my machine. This is the kind of ability you have when a system's source is completely available to you. I can't imagine going back to using something where I can't see each and every line of code.

How did you get interested in computer security?

I don't ever remember getting interested in it -- it seemed to be one of my innate desires for as long as I can remember. I guess I was always paranoid and mistrusting.

Back when I had my first Apple ][ machine, you'd need to boot off the floppy drive or tape. The computer would run the program called 'hello' on the floppy if it was available. Well, I sure didn't want anyone looking at my files and programs, so my hello program was this paranoid thing that required two correct passwords (each more than 10 characters long) to get in or it would reboot the machine. If you correctly authenticated, the thing had a fully functional text file management/program execution environment.

Now not only was this exceedingly paranoid (aside from hello, the only other program on the disk was Snake Byte) but it was still vulnerable. Anyone could simply boot a different disk and then stick mine in to access what was on it. So I learned to modify the disk structure to foil that avenue of attack. Of course, anyone with a disk editor could still figure out what was on it if they tried hard enough. I considered adding some sort of encryption to the mix, but never got around to it, and likely I would have fallen pray to holy grail of all the newbie cryptographers -- XOR with a short ASCII key.

Do you have any favourite security tools? Which are they?

A lot of tools that are considered 'security' tools are excellent for general network connectivity testing and debugging. For example I use both nmap every day in a non-security-specific context, yet it is generally considered a security tool.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Feb 9th