Black Hat Blues (12 page)
Office and had been slamming open source and Linux programmers
left and right for writing unsecure code.
As an open source contributor himself, Ollie naturally bristled, and
once he’d heard some of the total bull hockey that those clowns had
been spouting, his ire raised even more. Apparently at least half the
things they were talking about weren’t exploits but just crash bugs they
were presenting as vulnerabilities, and Ollie wouldn’t have been sur-
prised if the rest turned out to be bogus too. He decided to approach
one of the speakers, a hacker named Rstr, and politely confront him
about one of the more egregious claims he’d made.
Ollie tried to be civil. He tried to give the guy the benefit of the
doubt. But Rstr was having none of it, and as soon as Ollie started to
ask his question, the jerk just laid into him. Called him a fat, know-
nothing geek who couldn’t hack is way into a Tiajuana stripper’s pant-
ies. Ollie recoiled at first and started to turn away, but the guy kept
at him. Ollie wasn’t fat first of all. He was beefy. He was big. He also
lifted weights in his garage and could run five miles. Rstr kept gabbing
so Ollie stopped, turned back around and pulled the guy up by his
shirt collar.
He had no intention of hitting the guy, or hurting him. But he did
want to make him listen. He did want the little jerk to understand that
he wasn’t some fat ass sys admin who sat around all day eating donuts
58
Geek Mafia: Black Hat Blues
and deleting spam. He was a freaking penetration tester for the U.S.
government and he knew his freaking shit!
“I have top secret clearance. I go to training sessions run by the
NSA. I make a living breaking into military grade hardened systems.
And you know what I know? I know a lame-ass crash bug when I see
one. I know a lazy mind that can only tear down and never build up
when I see one. And I know someone who couldn’t hack his own dick
out of his pants when I see one.” Ollie let go of the gobsmacked weasel
and headed out to get some fresh air. Behind him people were whisper-
ing. Someone cheered. Then a bunch of people laughed. No one said
anything to him.
A half-hour wandering by the water and a shower and shave in his
hotel room and Ollie felt like his heart was almost back to normal. He
hated to lose control like that, to confront people like that. It was just
lame and it did no more good than arguing with some troll online. He
doubted he’d accomplished anything with that Rstr guy besides pissing
him off and no doubt making him hate Ollie forever, and Ollie hated
it when people hated him. He hoped the guy and his friends wouldn’t
show up here at the party tonight, but he didn’t think they would. He
was far from the only one who hadn’t liked their talk.
Ollie sat at the bar and watched as the place filled up. It was, he sup-
posed, kind of a dive bar, but it was trying to be cool with its red lights
and avant-garde paintings on the walls. And he supposed it probably
was pretty cool. He wasn’t much of a bar aficionado. He decided to
have a beer, which was unusual, as he didn’t much like beer. But he’d
discovered that people in bars were more comfortable talking to him
when he had a drink, and he felt like this was his last big chance to do
some real networking.
The place filled up pretty quick, with no sign or the three jerks (yay!)
or Toni (boo!). He nodded and said hi to people he recognized, and
caught up with a few old acquaintances he hadn’t had a chance to chat
with yet. He bought more than his share of drinks for them, which was
fine since two hours later he was nursing his second beer. Everything
was fine, if not thrilling, and the place was packed. Then they walked
in, all four of them, together.
Toni had Rstr on her arm. She was taller than him, maybe even
heavier too, and he looked like he was just lucky to be with her. She
wore a cocktail dress he could only describe as slinky black, while he
still had on the t-shirt and jeans he’d been wearing when he gave his
talk. They got a lot of looks as they walked through the door, Rstr’s
Rick Dakan
59
two friends trailing along behind. Ollie finally gasped for air once he
realized he’d been holding his breath. Well fine, if that’s what she was
interested in. Then fine. Just fine.
He tried to ignore them as best he could, but they were loud and
obnoxious, and ended up forcing their way to the bar only about five
feet from where Ollie had sat perched since he arrived. If Rstr had
noticed him, he was pretending he hadn’t. Ollie decided to do the same.
Now that they were close, he could hear their conversation, and for the
first time he smiled. Rstr was trying to impress Toni; that was clear
enough. But Ollie recognized the patter he was laying out—they were
the kinds of pick-up lines he’d read about in books on seducing women
like
The Game
. Toni was having none of it, turning almost everything
Rstr said into a joke, most of the time at the jerk’s own expense. But
he laughed along anyway, either clueless or, more likely, too fixated on
getting in Toni’s pants to let her know he was offended.
“These guys are all intimidated by me in here,” Rstr said, leaning
with his back against the bar, elbows propped on the edge in a way that
might have been cool if he was five inches taller.
“Intimidated by sweet, little you?” Toni said, sipping a red drink from
a martini glass. “That just doesn’t seem possible.”
“I told you, we kicked ass today. I’ll buy you a DVD of it
tomorrow.”
“Won’t they be free online soon? You should save your money,
dear.”
“I get ‘em free because I was a speaker. You can have it.”
“Isn’t that sweet of you. I am sorry I missed it though. Everyone
seems to be talking about you guys.”
“That they are,” he said. Ollie couldn’t stand the smugness in his
voice. He wanted to point out that they were saying bad things mostly,
but didn’t trust himself not to lose his cool.
“Why I heard you almost got in a fight, people were so upset,” Toni
said. More like purred.
Ollie stared directly at Rstr, who studiously looked every other direc-
tion. “Nah, that was nothing. Just a little disagreement that got out of
hand. Besides,” he said, leaning towards Toni and touching her bare
shoulder, “I’m a lover, not a fighter.”
Toni laughed, and not in a way that sounded particularly appreciative
of Rstr’s claim. “I can’t believe that’s true.”
“Why not?”
“Because you spent all afternoon picking fights.”
60
Geek Mafia: Black Hat Blues
“I did not!” Rstr protested. “I was releasing exploits. That’s one of the
reasons we have these cons in the first place isn’t it? I’m holding people
responsible for their shoddy, leaky code.”
“Oh, and here I thought you were just trying to get everyone riled up.
Wait. Are you telling me you were serious this afternoon?”
“Yeah, of course.”
Toni laughed and laughed. She laughed long enough that Rstr started
to laugh along uncomfortably. “Oh dear, that’s just too precious. I
watched the video you know. I swore to my friends that it was perfor-
mance art—a prank designed to poke fun at self-righteous blow hards
who come to these things and try and show off.” She laughed some
more. “But you were serious? Ohh, that’s just too cute.”
Ollie chuckled silently on his bar stool and watched. Rstr had noth-
ing to say, although the look on his face indicated that he was mentally
trying out a number of different comebacks. Finally he gave up and just
turned his back on Toni and started talking to his friends, pretending
that he didn’t even know who she was. Toni looked away, flashing her
bright white teeth at Ollie and smiling at him. He nodded at her, still
laughing to himself. She came over and stood next to him, quite close
in fact, since the bar was so crowded.
“What an asshole,” she said.
“He is that,” Ollie agreed. Her perfume was a little strong for his
tastes, but he decided he didn’t mind. It was worth her standing so
close. “You really put him in his place.”
“You think so? Thanks. Really, I was just sick of listening to him
babble on and on. Plus he needs a shower.”
Ollie was glad he’d showered again before going out. He’d figured
out that not showering during a hacker con wasn’t really a sign of hard
coreness or dedication, but rather lazy and probably impolite. “So,” he
said, mentally pulling up the file with the questions he’d prepared for
this occasion. “Have you been enjoying the con so far?”
“I have!” Toni replied with some genuine seeming enthusiasm. “I’ve
met just tons of interesting folks and maybe even learned a thing or
two along the way. How ‘bout you?” She patted his knee. “You having
a good time?”
“Oh, yeah, of course. It’s a really great con. But what do you do?
Why’re you here?”
“I’m a consultant,” Toni said. “My firm provides integrated solutions
and risk assessment analyses for mid-sized light industrial, service, and
financial service companies in the U.S. and overseas.”
Rick Dakan
61
“And you work in computer security?”
“Not even a little bit. OK, maybe a teeny, tiny little bit. No, I’m
tasked with recruitment.”
“So, you’re here looking for recruits?” Ollie had a wild mixture of
excitement and disappointment. On the one hand he felt let down that
Toni wasn’t actually a hacker. It was always nice to meet girl hackers,
especially because they were so rare. He’d kept track over the years and
the number of girls at hacker cons was pretty universally between 5 and
7%, a huge chunk of which were somebody’s significant others who had
come along for the fun of it. On the other hand, she was hiring! “What
kind of people are you looking for?”
“Ohhh, we’re pretty flexible. No, that’s not true. We’re not flexible
at all—our standards are very high and we only recruit the best of the
best. But we’re not tied to traditional ‘good resumes’ or work-experience
patterns. The most important thing is massive talent that’s firmly guided
by a disciplined brain and solid work ethic. Do you know anyone like
that?” She winked at him as she finished.
“Hmmmmm. I think I know a couple people like that. But I only
know one of them who’s thinking about making a career change. What
kind of work does it entail?”
“The jobs vary from client to client and week to week. We specialize
in troubleshooting and high-quality, hi-result testing and evaluation.
Find out what’s wrong, fix it if we can, or farm it off to another com-
pany if the fix is too long term or resource intensive for us.”
“Do you do much pen testing?” Please say yes, please, please say
yes…
“Well, a lot of companies these days are moving away from pen
testing, the argument being that they don’t provide realistic or com-
prehensive pictures of the company’s true security vulnerabilities. But
we disagree. Pen tests are a key part of our consulting packages.” She
grinned at him. “Plus they’re a lot of fun.”
“I agree with all of that. Not the first part I mean. But about being
useful and fun.”
“I should hope so. You’re a pen tester after all.”
“So you’re hiring full time?”
“We don’t quite work like that. It’s a little more complicated at
first.”
“How do you work?”
Toni looked around the packed bar. “It’s loud and crowded in here,
and who knows who’s listening in.” She held out her hand and he took
62
Geek Mafia: Black Hat Blues
it, suddenly surprised that she was pulling him to his feet. “Why don’t
you show me that view of the stadium from your room and we can talk
it over.”
He laughed out of some heady mixture of nervousness, surprise, and
elation. Not sure what to say, he just let her lead him out of the bar by
the hand. Even Rstr couldn’t help but notice them.
Chloe
You would think a two thousand dollar cell phone would be able to
get a signal inside, but in this case it just didn’t. And it was easier to
walk outside than dig the satellite phone out. And it gave her an excuse
to escape the hotel room. Not that what was going on in the hotel room
wasn’t exciting—it was, but it was also nerve-wracking. Everything
seemed to be working like they’d hoped it would. This wasn’t much of a
surprise though, since they’d tested and re-tested everything they could
and c1sman really was as good as Paul said he was. Equally important,
most of the targets were just as clueless as Chloe had assured everyone
they would be. Live long enough with the kind of knowledge that’s
common in hacker circles, and you start to get paranoid about every
possible vector for attack. Live out in the real world of Washington
politics and you just take the fact that your Blackberry works as a given.
Instead you become obsessed with vectors for political attack. Chloe
and Paul had figured out a way to not only exploit that blind spot in the