CEO of Nethemba - Slovak IT security company founded in 2007, primarily focused on web application security and various penetration tests.
AS A way 0f lifE
USEFUL LESSONS FROM A LIFE of ONE HACKER
For my first 8-bit Atari XE/XL I created a special software "Wild Coder" to help "Pirate groups" to create "DRM protected" copies of their sold software (in order to put other pirate groups out of their business :)
1989 - 1993 My first computer
HaCKING IS AN INNOVATIVE APPROACH TO ANY PROBLEM.
HACKING CAN BE FOR FUN OR PROFIT.
My father refused to buy me this beautiful AMIGA 1200:
1994 MY FIRST PC
And instead, he bought me this ugly PC!
IT DOES NOT MATTER WHAT KIND OF COMPUTER YOU HAVE.
YOU CAN BE ULTRA HACKER WITH YOUR CALCULATOR
When I was 16 years old, I attended my best & first geek party!
Demobit 95 (the first Czech&Slovak demoscene party)
1995 DEMOBIT PARTY
HACKERS LOVE PARTIES.
THEY ORGANiZE HUGE CAMPS AND CONFERENCES (CCC)
I decided to study at FEI STU in Bratislava (because they had the best BBS & FTP server :-)
My first real hacking started with UNIX (Ultrix, Digital UNIX, IRIX, FreeBSD) ended up with Linux (now I use Linux for more than 22 years).
With my friends, we created the first chat Internet app!
(many years before Facebook :)
I learned to reveal a lot of vulnerabilities in many Unix/Linux servers and understood how network and application security worked (wrote the first buffer overflow exploit :-)
1997 MY UNIVERSITY STUDIES
REAL HACKERS (USUALLY) STARTED WITH UNIX/LINUX SYSTEMS.
AND THEY FEEL COMFORTABLE IN ANY LANGUAGE
1999-2000 PRIELOM MAG
I started to publish technical hacking articles in Prielom / Hysteria (the first CZ-SK hacker's magazine)
With my friends, we organized the first international IT security conference in Prague / Strahov and I had the first practical hacking presentation in Congress Centre / Prague
HACKING IS A CONSTANT LEARNING.
A COMMUNITY IS THE BEST SOURCE OF KNOWLEDGE.
USE IT AND RETURN YOUR KNOWLEDGE BaCK TO THE COMMUNITY.
2002 - 2006 PROFESSIONAL CARRIER
I finished my university studies (FEI STU and FEL-ČVUT) with my master thesis focused on ultra-secure systems.
I got crucial ethical IT security/ethical hacking certificates.
I gained a lot of practical experiences with penetration testing / ethical hacking in many companies.
And I realized that hackers could live a comfortable life :-)
UNIVERSITY DEGREE OR SECURITY CERTIFICATION CAN HELP YOU FIND A BETTER JOB and GAIN BETTER CONNECTIONS.
BUT THEY DO NOT MAKE YOU NECESSARILY A BETTER HACKER.
EXPERIENCE AND CONSTANT LEARNING DO.
2007 MY FIRST COMPANY
I became a voluntaryist - I believe that all relationships have to be mutually voluntary and reject the other ones.
I created my first IT security company Nethemba based on voluntaryist principles
Every hacker can voluntarily choose a project he or she wants to participate for a price he or she willingly accepts.
HACKERS ARE CREATIVE PEOPLE WHO LOVE FREEDOM.
THEY HATE COERCION.
THEY WANT TO CHOOSE THEIR PROJECTS & REWARDS.
2008 FIRST SECURITY PAPER
In Nethemba, we published a paper "SMS public transport tickets vulnerabilities" describing a serious problem related to easy sharing of SMS tickets https://nethemba.com/resources/SMS-ticket-hack4.pdf
Despite the fact the vulnerabilities were evident, all public transport companies refused to accept these vulnerabilities or just ignored them.
It took a few years for some people to implement a smartphone app "Fare Bandit," which allows sharing SMS tickets easily.
DON'T BE DESPERATE with your first findings:
First, they ignore you; then they laugh at you, then they fight you, then you win.
2009 THE REAL HACKING TOOL
In Nethemba, we released Mifare Classic cracker - the first opensource tool that allows cracking more than one billion of Mifare Classic cards (few millions just in the Czech Republic and Slovakia).
Cracked private keys allow arbitrary manipulation or cloning of all affected Mifare Classic cards.
DO NOT AFRAID TO PUBLISH SERIOUS VULNERABILITIES THAT MAY AFFECT A LOT OF PEOPLE.
ESPECIALLY IN THIS SITUATION, IT IS EXTREMELY IMPORTANT for their privacy.
2010 ANOTHER SMS HACK
In Nethemba, we released a presentation and paper "Vulnerabilities in SMS parking tickets"
how anyone can pay for your parking place USING CALLER ID SPOOFING.
Despite the fact we contacted mobile operators many months before, it took them years to fix this vulnerability.
ETHICAL advice FOR GOOD HACKERS:
ALWAYS FOLLOW A RESPoNSIBLE DISCLOSURE POLICY AND CoNTACT a VENDOR/SERVICE PROVIDER FIRSTLY
2010 THE FIRST HACKERSPACE
With a bunch of friends, we started the first hackerspace in Slovakia - Progressbar in Bratislava accumulating all local hackers, organizing the first hacker's events.
We started to visit & enjoy hacker's conferences & camps.
JOIN YOUR LOCAL HACKERSPACE COMMUNITY!
OR PUT TOGETHER ALL EXPLORATIVE HACKER-MINDED PEOPLE aND BUILD YOUR OWN HACKERSPACE!
2011 MY FIRST ARTISTIC PROJECT
I became a member of Czech contemporary art group Ztohoven.
And I participated in my first Ztohoven's project "Moral reform" where we re-used the caller ID spoofing hack towards Czech parliament, prime minister, ministries and of course Czech president!
ARTISTS and hackers are all both explorative people.
THEIR MUTUAL COOPERATION CAN BRING EXTRA-ORDINARY AND MIND-BLOWING RESULTS.
MAKE A FRIENDSHIP WITH YOUR LOCAL ARTIST OR HACKER!
2011 TRAVEL HACKING GUIDE
With my friends, we started to write a collaborative project - Travel Hacking Guide (unfortunately in Slovak language only):
How it is possible to travel cheaply and easily anywhere in the world!
YOU CAN BE A HACKER IN ANY AREA WHERE YOU FIND AN INNOVATIVE APPROACH TO SOLVE PROBLEMS.
2014 PARALELNÍ POLIS
The fusion of Ztohoven artists and hackers led to the creation of Paralelni Polis in Prague!
A unique place of freedom that promotes ideas of parallel society & crypto technologies. Accepting cryptocurrencies only. Based on original ideas of Vaclav Benda / Charta 77.
At the same time, we started a world's cryptoanarchist conference HCPP!
MANY HACKERS ARE CRYPTOANARCHISTS.
THEY BELIEVE THANKS TO CRYPT TECHNOLOGIES like CRYPTOCURRENCIES, DECENTRALIZATION or ANONYMIZATION, WE CAN ACHIEVE A NEW KIND OF BOTH ECONOMIC AND PERSONAL FREEDOM.
2014 ETHICAL REFLECTIONS
Because of ethical and economical reasons, we started an initiative:
"We don't work for governments & governments institutions".
Now we have more than 20 companies that did the same ethical decision.
HACKERS HONOUR FREEDOM & PRIVACY
BUT by WORKING FOR THE GOVERNMENT, you legitimize:
1. censor (we have A censorship in the Czech Republic + Slovakia)
2. upcoming financial dictatorship (EET, eKasa)
3. DISCRIMINATORY distribution of all grants or subsidies.
4. any UNFAIR behavior of your government (e.g., massive surveillance, spying)
2015-2016 ANOTHER NOTABLE ARTISTIC PROJECT
In Ztohoven we finished the project "President's dirty red pants" and "Decentralization of power."
The goal was to show that any president function is a post-monarchist and obsolete relict. We should not trust society with a dominant alpha-male, and we should call for a decentralization of power.
MANY Hackers have problems with authorities.
WOULD YOU HACK AN OPPRESSIVE GOVERNMENT OF NORTH KOREA, CHINA OR RUSSIA?
WHERE IS A BORDER OF "ACCEPTED OPPRESSION" according to you?
2017 HACKTROPHY BUG BOUNTY
With my friends, we launched the first Central European hacking platform https://hacktrophy.com with more than 1000+ registered hackers.
It allows anyone to submit his or her website and use the power of a hacking crowd to hack it.
EXPERIEnCED hACKERS DO NOT NEED TO BE EMPLOYED ANYWHERE or WORK FOR THE BLACKHAT.
THEY CAN EARN A LOT OF MONEY FROM BUG BOUNTIES.
2017-2019 STATE HACKING
I have become a perpetual traveler & state hacker,
and started to work on my "OPT OUT" plan:
- I almost completely switched from bank accounts to cryptocurrencies
- I gave up my permanent residency in Slovakia. I gained a permanent residency in Panama. I also became a citizen of Liberland
- We started service https://Liberation.Travel to help European citizens to give up their residency in the EU and gained the new one in Panama.
- I started to use a global mobile operator (Google FI), global healthcare insurance company (SafetyWing)
DUE TO POLARIZATION OF the first and second realm, STATE HACKING is becoming more popular:
ACHIEVING BOTH PERSONAL AND ECONOMIC FREEDOM USING GLOBALITY AND FLEXIBILITY
DESPITE HACKERS ARE MOSTLY STRONG INDIVIDUALISTS, THEY SHARE & CARE.
Hacking is a state of mind.
Hacking as a way of life (PP version)
By Pavol Luptak