Five Hackers Who Left a Mark on 2006

By Ryan Naraine  |  Posted 01-02-2007 Print Email
In a year that will be best remembered for zero-day malware attacks, five members of the hacking—er, security research—community pushed vulnerability research to new heights.

In the security year that was 2006, zero-day attacks and exploits dominated the headlines.

However, the year will be best remembered for the work of members of the hacking—er, security research—community who discovered and disclosed serious vulnerabilities in the technologies we take for granted, forced software vendors to react faster to flaw warnings and pushed the vulnerability research boat into new, uncharted waters.

In no particular order, here's my list of five hackers who left a significant mark on 2006 and set the stage for more important discoveries in 2007:

H.D. Moore

H.D. Moore has always been a household name—and a bit of a rock star—in hacker circles. As a vulnerability researcher and exploit writer, he built the Metasploit Framework into a must-use penetration testing tool. In 2006, Moore reloaded the open-source attack tool with new tricks to automate exploitation through scripting, simplify the process of writing an exploit, and increase the re-use of code between exploits.

Moore's public research also included the MoBB (Month of Browser Bugs) project that exposed security flaws in the world's most widely used Web browsers; a malware search engine that used Google search queries to find live malware samples; the MoKB (Month of Kernel Bugs) initiative that uncovered serious kernel-level flaws; and the discovery of Wi-Fi driver bugs that could cause code execution attacks.

Love him or hate him—hackers marvel at his skills while software vendors decry his stance on vulnerability disclosure—Moore's work nudged the security discussion to the mainstream media and confirmed that vulnerability research will remain alive in 2007.

Jon "Johnny Cache" Ellch and David Maynor

At the Black Hat Briefings in Las Vegas, Jon "Johnny Cache" Ellch teamed up with former SecureWorks researcher David Maynor to warn of exploitable flaws in wireless device drivers. The presentation triggered an outburst from the Mac faithful and an ugly disclosure spat that still hasn't been fully resolved.

For Ellch and Maynor, the controversy offered a double-edged sword. In many ways, they were hung out to dry by Apple and SecureWorks, two companies that could not manage the disclosure process in a professional manner. In some corners of the blogosphere, they were unfairly maligned for mentioning that the Mac was vulnerable.

However, among security researchers who understood the technical nature—and severity—of their findings, Ellch and Maynor were widely celebrated for their work, which was the trigger for the MoKB (Month of Kernel Bugs) project that launched with exploits for Wi-Fi driver vulnerabilities.

Since the Black Hat talk, a slew of vendors—including Broadcom, D-Link, Toshiba and Apple—have shipped fixes for the same class of bugs identified by Ellch and Maynor, confirming the validity of their findings.

Maynor has since moved on, leaving SecureWorks to launch Errata Security, a product testing and security consulting startup.



 

Submit a Comment

Loading Comments...
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date