|This article needs additional citations for verification. (August 2008)|
|Purpose||Hacker think tank|
|Affiliations||CULT OF THE DEAD COW|
L0pht Heavy Industries (pronounced "loft") was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US.
The second character in its name was originally a slashed zero, a symbol used by old teletypewriters and some character mode operating systems to mean zero. Its modern online name, including its domain name, is therefore "l0pht" (with a zero, not a letter O or Ø).
The origin of the name may be traced to the fact that Brian Oblivion and Count Zero, two of the founding members of L0pht shared a common loft space in Boston with their wives, who ran a hat business on the other side. There they experimented with their own personal computers, equipment purchased from the Flea at MIT, and items obtained from dumpster diving local places of interest.
L0pht was founded in 1992 in the Boston area as a location for its members to store their computer hardware and work on various projects. In time, the members of L0pht quit their day jobs to start a business venture named L0pht Heavy Industries, a hacker think tank. The business released several security advisories and produced widely used software tools such as L0phtCrack, a password cracker for Windows NT. On May 19, 1998, all seven members of L0pht (Brian Oblivion, Kingpin, Mudge, Space Rogue, Stefan Von Neumann, John Tan, Weld Pond) famously testified before the Congress of the United States that they could shut down the entire Internet in 30 minutes.
In October 1999 L0pht was featured in a lengthy article in the New York Times Sunday Magazine. In the article Jeffrey Hunker, NSC's then Director of Information Protection, raved about L0pht, "Their objective is basically to help improve the state of the art in security and to be a gadfly, so to speak."
In January 2000, L0pht Heavy Industries merged with the startup @stake, completing the L0pht's slow transition from an underground organization into a "whitehat" computer security company. Symantec announced its acquisition of @stake on September 16, 2004, and completed the transaction on October 8 of that year.
On March 14, 2008, several members of L0pht sat at a panel at a standing-room-only group of infosec professionals at SOURCE:Boston. Present were Weld Pond, John Tan, Mudge, Space Rogue, Silicosis and Dildog.
As L0pht occupied a physical space, it had real expenses such as electricity, phone, Internet access, and rent. Early in the L0pht's history these costs were evenly divided among L0pht members. In fact, L0pht originally shared a space with a hat-making business run by the spouses of Brian Oblivion and Count Zero, and the rental cost was divided between these. This was soon subsidized by profits made from selling old hardware at the monthly MIT electronic flea market during the summer.
Occasionally, shell accounts were offered for low cost on the L0pht.com server to selected individuals; while these individuals had access to the L0pht.com server they were not members of L0pht. One of the first physical products sold for profit by L0pht was a POCSAG decoder kit, which was sold in both kit and assembled form. Subsequently, the Whacked Mac Archives were transferred to CD-ROM for sale, soon followed by CD copies of the Black Crawling System Archives. The command line version of L0phtCrack, the password cracker for Windows NT, was given away free, but the GUI version was sold as a commercial product. This was followed by the creation of the Hacker News Network website to host advertisements. However, even with these sources of income, L0pht barely broke even, and eventually began doing custom security coding for companies like NFR.
In January 2009, L0phtCrack was acquired by the original authors Zatko, Wysopal, and Rioux from Symantec. L0phtCrack 6 was released at the SOURCE Boston Conference on March 11, 2009. L0phtCrack 6 contains support for 64-bit Windows platforms as well as upgraded rainbow tables support.
L0pht membership varied but included at various times:
- Brian Oblivion
- Count Zero
- Golgo 13
- Space Rogue 
- Thomas Icom (Ticom)
- Weld Pond
- White Knight
- Mudge - later became a program manager at DARPA and now works for Google
- tan (John Tan)
- The Flea at MIT | The MIT Radio Society
- Smolan, Rick; Erwitt, Jennifer (1996). L0pht dumpster diving cited in 24 Hours in Cyberspace by Rick Smolan and Jennifer Erwitt. QUE Macmillan. ISBN 978-0-7897-0925-7. Retrieved 2008-12-12.
- "Online NewsHour: L0pht on Hackers". 1998-05-08. Archived from the original on 2000-03-11.
- "Weak Computer Security in the Government: Is the Public at Risk?". 1998-05-19. Archived from the original on 2011-07-21.
- Bruce Gottlieb (1999-10-03). "HacK, CouNterHaCk". The New York Times.
- "Odd coupling links hackers with security firm". 2000-01-07. Archived from the original on 2004-11-16.
- "Symantec Completes @stake Acquisition". 2004-10-08. Archived from the original on 2004-10-09.
- "SOURCE:Boston L0pht Panel on the SOURCE:Boston blog". Retrieved 2008-03-14.
- "Brian Oblivion on "function and direction of the L0pht" in 1998". Archived from the original on 1998-02-05. Retrieved 2008-12-12.
- "NFR and L0pht to Deliver Improved IDS". InfoSecNews.org. Archived from the original on 2007-05-10.
- Fitzgerald, Michael (2007-04-17). "L0pht in Transition". CSO.
- "L0pht Heavy Industries Home Page". Retrieved 2008-04-20.
- "Space Rogue from L0pht and Hacker News Network Joins Tenable Network Security". Retrieved 2014-01-07.
- "Internet Archive Wayback Machine saved copy of Stefan's L0pht Heavy Industries Home Page". Archived from the original on 1999-02-20. Retrieved 2008-12-12.
- Current L0pht homepage
- The Hacker News Network
- L0phtCrack homepage
- Black Crawling Systems Archive CD
- Space Rogue's Blog
- Kingpin Empire
- Legacy of the L0pht[dead link] April 9, 2014
- "Hacking Around". PBS NewsHour. 1998-05-08. Archived from the original on 1999-10-12. Retrieved 2015-04-01.
- "U.S. Senate Press Release: Hearings Announced on Computer Security Failures in Government". US Senate. Archived from the original on 2011-09-27. Retrieved 2015-04-01.