Sir Dystic

From Wikipedia, the free encyclopedia


Josh Buchbinder,[1] better known as Sir Dystic, has been a member of CULT OF THE DEAD COW (cDc) since May 1997,[2] and is the author of Back Orifice.[1][3] He has also written several other hacker tools, including SMBRelay, NetE, and NBName.[4] Sir Dystic has appeared at multiple hacker conventions, both as a member of panels and speaking on his own. He has also been interviewed on several television and radio programs[5][6] and in an award-winning short film about hacker culture in general and cDc in particular.[7]

Dystic's pseudonym is taken from a somewhat obscure 1930s bondage comic character named "Sir Dystic D'Arcy." According to the cDc's Sir Dystic, his namesake "tried to do evil things but always bungles it and ends up doing good inadvertently."[7][8]

Sir Dystic now works for Zone Labs of San Francisco, maker of the popular antivirus and firewall program ZoneAlarm.

Software

Sir Dystic and Dildog

Back Orifice

Main article: Back Orifice

Back Orifice (often shortened to BO) is a controversial computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a pun on Microsoft BackOffice Server software. The program debuted at DEF CON 6 on August 1, 1998. It was the brainchild of Sir Dystic, a member of the U.S. hacker organization CULT OF THE DEAD COW. According to the group, its purpose was to demonstrate the lack of security in Microsoft's operating system Windows 98.[1][3]

According to Sir Dystic, "BO was supposed to be a statement about the fact that people feel secure and safe, although there are wide, gaping holes in both the operating system they're using and the means of defense they're using against hostile code. I mean, that was my message and BO2K really has a different message."[9] Vnunet.com reported Sir Dystic's claim that this message was privately commended by employees of Microsoft.[10]

SMBRelay & SMBRelay2

Main article: SMBRelay

SMBRelay and SMBRelay2 are computer programs that can be used to carry out SMB man-in-the-middle (MITM) attacks on Windows machines. They were written by Sir Dystic and released 21 March 2001 at the @lantacon convention in Atlanta, Georgia.[11]

In an interview with The Register, Sir Dystic explained his reasons for writing the programs as a response to Microsoft wanting "their products to have as much backward compatibility as possible; but by continuing to use protocols that have known issues, they continue to leave their customers at risk to exploitation."[11]

NBName

Main article: NBName

NBName is a computer program that can be used to carry out denial-of-service attacks that can disable NetBIOS services on Windows machines. It was written by Sir Dystic and released 29 July 2000 at the DEF CON 8 convention in Las Vegas.[12] Sir Dystic reported the issue that NBName exploits to Microsoft; he was acknowledged in a security bulletin.[13]

References

  1. ^ a b c Richtel, Matt. "Hacker Group Says Program Can Exploit Microsoft Security Hole," New York Times 4 August 1998. Retrieved 24 April 2007.
  2. ^ cDc communications. "CULT OF THE DEAD COW Team Bio." Retrieved 18 May 2006.
  3. ^ a b cDc communications. "Back Orifice Press Release." CULT OF THE DEAD COW Press Release, 21 July 1998. Retrieved 18 May 2006.
  4. ^ cDc communications. "CULT OF THE DEAD COW Killa Apps." Retrieved 18 May 2006.
  5. ^ "Cyber Attack." Panorama, 3 July 2000. Retrieved 18 May 2006.
  6. ^ "Interview with Sir Dystic." Today programme, 13 April 2000
  7. ^ a b Oakes, Chris. "Hack-umentary, the E-Film." Wired News, 14 February 2000. Retrieved 18 May 2006.
  8. ^ Rowe, William. "Big 10 Hackers Going Legit." 14 April 2000. Retrieved 18 May 2006.
  9. ^ Starke, Thom. "An Interview with Sir Dystic." 15 July 1999. Retrieved 18 May 2006.
  10. ^ Pennington, Sylvia. "Hackers hold key to computer security, conference told." vnunet.com, 4 November 1999. Retrieved 18 May 2006.
  11. ^ a b Greene, Thomas C. "devastates WinNT/2K security." The Register online edition, 19 April 2001. Retrieved 18 May 2006.
  12. ^ Harrison, Ann. "Warnings about security holes abound at Def Con." Computer World online edition, 1 August 2000. Retrieved 18 May 2006.
  13. ^ "Patch Available for 'NetBIOS Name Server Protocol Spoofing' Vulnerability." Microsoft Security Bulletin (MS00-047), 27 July 2000. Retrieved 18 May 2006.