Alec Muffett Profile picture
everybody deserves good security. see also: @alecmuffett@mastodon.social

Aug 14, 2020, 8 tweets

Earlier today I got a shout-out for a presentation that I did at "Access All Areas 2" in 1995 - a UK @defcon-alike organised by @mala and @FakeDaveGreen (IIRC?)

Thing is: I still have the talk online, and it's mildly significant.

The pitch was "INTERNET TOOL OF DOOM!" which was riffing on the "SATAN" hysteria of the year previous, and also my experienced with publishing Crack, prior:

The attached are my speaker's notes, near verbatim, with some crappy 1996-era HTML added to infix the images and source code of the tools.

What's interesting is that the code cited is essentially a cut-down version of AutoHack which I had developed inside SunMicrosystems a year or two, previously, and had presented at USENIX but was not permitted to open-source. It's a lot like AutoHack v0.1
usenix.org/conference/5th…

In the design you can see a lot of what came subsequently in Nessus and other tools; although much of the functionality which NMap later came to dominate was forged by @cklaus1's original "iss" tool, and of course SATAN and others.

Infosec tooling is a cycle of reinvention.

If you would like to read it for yourself, and scroll back 25+ years of both web design and infosec:
dropsafe.crypticide.com/alecm/presenta…

Also, I'm pretty sure it was the first time I met @thedarktangent, @marcwrogers, @JackGavigan and several other then (and now?) reprobates. :-)

I do sometimes wonder, though, what would have happened if I *had* successfully persuaded my recalcitrant and somewhat conservative management, that there was a net good in releasing AutoHack.

For one thing: Sun would perhaps have owned SOC-as-a-Service offerings...

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling