Last January, I wrote an article about the SOLDIERX Hacker Database entitled Welcome to the World’s Largest Public Hacker Database which was about some of HDB’s hacker or security profiles, interesting resources and its significance to the OSINT (Open Source Intelligence) community. I received both criticisms and praises about my article so I decided to make another one by interviewing RaT, the High Council President of SOLDIERX, in order to clear up some misconceptions and to know more about SOLDIERX.
RaT has been with SOLDIERX since its formation in 1997, when Clinton H. Weir (Kefka/Ordune/Shto) founded it as an RPG group known as “SOLDIER.” RaT was then appointed as the President of the group and RPGMaster as its Vice President. More detailed information about SOLDIERX’s history can be found on this link which contains the evolution of the “SOLDIER” group to “SOLDIERX,” plus RaT’s adventures and misadventures. He has also written an interesting Hacker Manifesto entitled ‘Updated Hacker Manifesto (The Conscience of a Real Hacker)‘ and I think it is a very interesting read!
RaT is also known for originally cracking the Geek Squad MRI since version 4.8.1 and for coding a tool called Agent Steal, which was written as an apology to Geek Squad for cracking their MRI.
In this interview, RaT shares with us some of his exclusive stories, so sit back and relax…
What is the role of a High Council President in SOLDIERX or what do you usually do?
“My role mostly consists of guiding SOLDIERX in the direction that I think it should be going. I also spend a great deal of time assisting and brainstorming with members of the crew. When I’m not spending time with the crew, I’m generally doing some kind of work with the web server in order to improve site performance. I’m also the primary point of contact for the site, so I usually spend about 1-2 hours a day responding to emails.”
As the president of SOLDIERX, what are the big challenges you usually encounter?
“The largest challenge is trying to find talented people and getting them to do work for free. While hackers are largely driven by passion, the security industry is so lucrative that it’s often very difficult to get people to produce for SOLDIERX. I would say the second largest challenge is trying to keep track of everything and keep things organized. I’m looking forward to reducing my responsibilities to alleviate some of my time constraints.”
The Geek Squad knows the SOLDIERX Crew for cracking their MRI. Can you share why you cracked their MRI and what are the things you discovered from Best Buy’s Geek Squad?
“This has a bit of interesting history back to around 2007-2008 when Durandal was working for Geek Squad as an Agent. He shared a good deal of information that indicated that Best Buy employees were not only ripping off customers, but also harvesting interesting user data (such as nude photos). One of the most interesting stories involved a Geek Squad Agent stalking a customer using information that he found on her personal computer. If you want a good laugh, search for “soldierx” on their private forums.
“Back to the first part of the question, we cracked their MRI at Durandal’s request. After he went into detail about the corruption that was going on within Best Buy and Geek Squad, we felt cracking the software and releasing it for free was the right thing to do.”
Can you explain the philosophy behind the slogan ‘Nobody Can Stop Information Insemination’? Do you have proposed plans and projects to promote information insemination?
“This is actually a throwback to hackers.com in the 90s (their token phrase was “Information Insemination”). I used to talk a great deal with Hyper Viper and had a great deal of respect for him and the rest of the HDC crew. With his permission, we coined the “Nobody Can Stop Information Insemination” slogan to further their ideas of sharing security information freely (even in the presence of hostile government or other oppressors).
“My plans are always based on the capabilities and information that I have at the time. The only constant is that I will continue to push for a community full of free educational resources. At the moment, I’m hoping that the HDB continues to grow and be recognized as the best open source intelligence resource for profiling various individuals in the security or hacking community.”
Do you think we will have a State-segregated Internet?
“I don’t personally think we will. I am of course opposed to this and hope that the security community at large continues to oppose this. In the case that we did have a State segregated Internet, I would hope that hackers would rise to the challenge and come up with innovative ways to get around restrictions and control.”
I read in the SOLDIERX History that you went on a hacking spree and compromised many servers but was brought down by the feds in August 1999. What were the lessons you learned after the takedown? Did you ever regret what you did?
“I learned a great deal about covering your tracks. At that point in time in the 90s, I was using proxies but not much network encryption (such was the standard in the 90s). Long story short, I was caught because I had become a beta tester in my area for high speed Internet (most everybody was using dial-up at this point) and didn’t realize that my traffic was being monitored by my ISP. Without encryption, my proxies ended up being useless as the ISP sent my information over to the FBI and I was arrested shortly after.
“Another lesson I learned with this is that the justice system doesn’t really do much to help people. Aside from the hacking, I was a fairly decent kid. I ended up being sent to a facility with a bunch of gang bangers who I ended up teaching credit card fraud to in order to get their respect. I could probably write a book on this topic, but what I’m getting at is that you come out much more criminal than you were when you went in.
“I regretted the hacking during my punishment for sure. I was very scared that it would negatively affect me later on in life, but luckily it didn’t due to me being a minor. Hacking is a tough one because in many cases it’s hard for you to see where you hurt anybody. In my case, I was mostly just gathering files from various places (such as DISA) to build my ego. I did end up doing one web defacement and I see that as being very immature or lame. I definitely regret the web defacement, as I think you’re definitely causing damage at the point that you tamper with things.”
The SOLDIERX HDB is the largest public hacker database in the net; what made SOLDIERX initiate such a project?
“I’ve been involved in hacking or security for a very long time. As a result, I’ve known a number of individuals and groups throughout the years. I became upset when some of the newer hackers didn’t know who some of the older hackers were. I decided that a database of hackers would be a great way to preserve the history. It’s also a nice way to look somebody up if they give you their name or handle and you want to know their reputation. It took a lot of scouting and coaxing to get people to help me with building it. Luckily, we were able to get a few key people (such as our current curator) and became the largest public hacker database within our first year of hard work.”
The SOLDIERX HDB has been highly acclaimed and, at the same time, badly criticized by some information security professionals, whitehats, and blackhat hackers – what can you say about these critics?
“Honestly, most of the critics have been prima-donnas like Christopher Thompson (aka Space Rogue) who are for some reason upset that the HDB article on them doesn’t coincide with their own over inflated sense of self importance. If you look at these critics, you will find evidence that most (if not all) have very large egos. In the case of Christopher, I’ve seen cases where he has bashed a document for putting the limelight on a member of l0pht that wasn’t him.
“All reasons aside, my only real issue with the critics is that they refuse to offer constructive criticism. They’ll say the HDB is inaccurate – but refuse to give any concrete examples. We really strive for accuracy, so we’re always looking to improve the HDB. We can’t fix mistakes if we don’t know about them. As I’ve said before, we don’t have a monetary budget or a network of snitches like the FBI does. We’re doing the best we can with the resources we have.
“For anybody reading this, we are always looking for more help on the HDB. If you see something that is wrong or missing – please contact our HDB curator (email@example.com).”
Ethical Hacking Boot Camp — 93% Exam Pass Rate
Would you like to share more of your stories about SOLDIERX or some explanations perhaps on some of the misconceptions about your community?
“It’s always tricky to figure out what can be shared without attracting the wrong kind of attention. As far as misconceptions go, I would say the only one I would like to clear up is why we do what we do. We do not do it for money, we do not do it for fame or attention, we do it because we are driven to do it. We love hacking, building, teaching, etc. SOLDIERX is a project of passion. Anything that contradicts that is a misconception.
“Now, I’ll tell a very, very short story. One of my favorites was when some key members of SOLDIERX crashed an iDefense party by bringing Stephen Watt (going by Unix Terrorist at the time) and a few other members of pr0j3kt m4yh3m to the event. Without giving out any identifying information, this was able to happen because one of the members of SX was invited to the iDefense party with the ability to bring guests. By the end of the night, our group of miscreants were behind the bar (at the private suite party following the main party) selling iDefense their own alcohol back to them. There were other awesome things that took place there, such as an all-access card to the Hard Rock getting swiped and cisc0ninja trying to fight club with UT. I’ll let you figure out the rest of the details in order to protect the guilty ;-)”
Want to read another interview? Check out this Interview with Joshua Arvin Lat: the Kaspersky International Cup 2012 and Kaspersky Asia Pacific & MEA Cup 2012 winner.