Peiter Zatko

Mudge (right) with Grandmaster Ratte' at DEF CON 14, August 2006

Peiter C. Zatko, better known as Mudge, was a member of the high profile hacker think tank the L0pht^[1] as well as the long-lived computer and culture hacking cooperative The Cult of the Dead Cow. He is now a program manager at DARPA where he will help fund research to defeat cyber attacks.^[2]

Born in December 1970, Mudge graduated from the Berklee College of Music and is an adept guitar player.^[2]

Mudge was responsible for early research of a security vulnerability known as the buffer overflow. In 1995 he published "How to Write Buffer Overflows", one of the first papers on the topic.^[3] He published several security advisories on vulnerabilities in Unix and was a leader in the full disclosure movement. He was the initial author of security tools L0phtCrack, AntiSniff, and l0phtwatch.

Mudge was one of the first people from the hacker community to reach out and build relationships with government and industry. In demand as a public speaker, he spoke at hacker conferences such as Defcon^[4] and academic conferences such as Usenix.^[5] Mudge has also been a member of CULT OF THE DEAD COW since 1996.^[6]

He was one of the seven L0pht members who testified before a Senate committee in 1998 that they could bring down the Internet in 30 minutes.^[7] When L0pht was acquired by @stake in 1999, he became the vice president of research and development and later chief scientist.^[8]

In 2000, after the first crippling Internet distributed denial of service attacks, he was invited to meet with President Bill Clinton at a security summit alongside cabinet members and industry executives.^[9]

After leaving @stake in 2002^[10] he disappeared from the information security scene before resurfacing as a technical advisor to "insider threat" company Intrusic.^[11]

In 2004 he became a division scientist at government contractor BBN Technologies,^[12] where he originally worked in the 1990s, and also joined the technical advisory board of NFR Security.^[13]

In 2006 he was one of the subjects of an article entitled Hoaxers, Hackers, and Policymakers: How Junk Science Persuaded the FBI to Divert Terrorism Funding to Fight Hackers, published in the March/April 2006 edition of Skeptical Inquirer magazine.

On 11 August 2007 he married Sarah Lieberman, a co-worker at BBN.^{[citation needed]}

In February 2011, it was announced that he would be project manager of a DARPA project focused on developing tools to help the U.S. Government protect against cyberattacks.^[14] Specifically, he was project manager for DARPA's Cyber Insider Threat (CINDER) program, which had the goal of detecting "insider threats" like the Wikileaks sources. ^[15]

At Shmoocon 2011, he announced work on an initiative to make funding available to independent security researchers and hackerspaces. ^[16]

References

1. Security Scene Errata^{[dead link]}
2. ^ Hacker Mudge Gets DARPA Job
3. How to Write Buffer Overflows
4. DEF CON V Archives
5. An Interview with Mudge
6. CULT OF THE DEAD COW Team Bio
7. U.S. Senate Press Release: HEARINGS ANNOUNCED ON COMPUTER SECURITY FAILURES IN GOVERNMENT
8. The L0pht, renowned 'hacker think-tank,' to join @stake
9. Clinton fights hackers, with a hacker^{[dead link]}Archive copy at the Wayback Machine
10. The Demise of @Stake?
11. Intrusic: Intrusic Team
12. Hacker 'Mudge' Returns to BBN
13. NFR Security Adds Leading Security Industry Experts to Technology Advisory Board
14. Hacker 'Mudge' gets DARPA job
15. Darpa’s Star Hacker Looks to WikiLeak-Proof Pentagon, Spencer Ackerman, Wired, August 31, 2010, retr 2011 12 5
16. DARPA seeks security expertise from a nontraditional source: the hacker community

External links

• Usenix talk (MP3)