I'm a 29 years old Swedish security reseacher who run the web site ntsecurity.nu, where I publish a collection of my own security tools for Windows and some other things. I work as an IT Security Research Scientist at the Swedish Defence Research Agency, and prior to that I worked as a Computer Security Engineer at the telecom operator Telia. I hold a university diploma in electronic engineering and a B.Sc. in mathematics from the University of Karlstad. Aside from sitting at a computer several hours a day I read books about psychology, do fitness training, practice martial arts, and in the summer I go inline skating a few hours a week.
How did you get interested in computer security?
In senior high school there was a guy who planted a simple "logic bomb" in some of the school computers. A few other guys managed to "hack" supervisor rights in the school network. I got frustrated by the fact that some people with knowledge (although quite basic in those cases) about "hacking" could destroy and snoop around in computers as they wished. So I decided to learn more than them about it so I would be able to feel more in control of things. At the time I didn't have a clue about how much there was to learn about security, but I've continued to learn ever since.
What operating system(s) do you use and why?
I use several different operating systems, but as a desktop system I prefer Windows XP since I think it has the best GUI (at least after a bit of tweaking). For doing experiments I have a wide range of operating systems and hardware in my private lab. I have most Windows versions, a few Linux distributions, FreeBSD, OpenBSD, AIX, HP/UX, Solaris, IRIX, and a couple of 2500-series and 2600-series Cisco routers, as well as some other stuff.
You are the author of various security tools, which one is your favorite creation?
Although I never wrote a completely stable version of Inzider - the port to process mapping tool - it's one of my favourites since I had the idea for over a year before I wrote it and I tried many different approaches before finding one that worked. Another favourite is WinZapper - the security log editing tool - also because I had the idea for a long time and tried various approaches before finding one that worked. Both became the first tools capable of doing what they do (with the reservation that I don't know if there were any others available in the "underground" before them). I really enjoy picking a new problem to solve and do lots of work trying to figure out a solution, running into other strange problems on the way.
What was it like being the technical editor of the "HackNotes Windows Security Portable Reference"?
It was fun and a new kind of experience for me. I usually read a lot of computer books (I own and have read about 250 or so this far) and I sometimes find small and large errors, have ideas of better ways to do things and so on. So it was really fun to be able to give that kind of input for a book before it was published. With a bit of humour I have to say that unfortunately there weren't so many errors in this one even from the beginning as I would have liked. I guess I just enjoy finding errors and bugs and so on... ;-)
Are there any books you can recommend to our visitors that are just getting into computer security?