Pavol Luptak
CEO of Nethemba - Slovak IT security company founded in 2007, primarily focused on web application security and various penetration tests.
For my first 8-bit Atari XE/XL I created a special software "Wild Coder" to help "Pirate groups" to create "DRM protected" copies of their sold software (in order to put other pirate groups out of their business :)
My father refused to buy me this beautiful AMIGA 1200:
And instead, he bought me this ugly PC!
When I was 16 years old, I attended my best & first geek party!
Demobit 95 (the first Czech&Slovak demoscene party)
I decided to study at FEI STU in Bratislava (because they had the best BBS & FTP server :-)
My first real hacking started with UNIX (Ultrix, Digital UNIX, IRIX, FreeBSD) ended up with Linux (now I use Linux for more than 22 years).
With my friends, we created the first chat Internet app!
(many years before Facebook :)
I learned to reveal a lot of vulnerabilities in many Unix/Linux servers and understood how network and application security worked (wrote the first buffer overflow exploit :-)
I started to publish technical hacking articles in Prielom / Hysteria (the first CZ-SK hacker's magazine)
With my friends, we organized the first international IT security conference in Prague / Strahov and I had the first practical hacking presentation in Congress Centre / Prague
I finished my university studies (FEI STU and FEL-ČVUT) with my master thesis focused on ultra-secure systems.
I got crucial ethical IT security/ethical hacking certificates.
I gained a lot of practical experiences with penetration testing / ethical hacking in many companies.
I became a voluntaryist - I believe that all relationships have to be mutually voluntary and reject the other ones.
I created my first IT security company Nethemba based on voluntaryist principles
https://slides.com/nethemba/the-most-free-company#/
Every hacker can voluntarily choose a project he or she wants to participate for a price he or she willingly accepts.
In Nethemba, we published a paper "SMS public transport tickets vulnerabilities" describing a serious problem related to easy sharing of SMS tickets https://nethemba.com/resources/SMS-ticket-hack4.pdf
Despite the fact the vulnerabilities were evident, all public transport companies refused to accept these vulnerabilities or just ignored them.
It took a few years for some people to implement a smartphone app "Fare Bandit," which allows sharing SMS tickets easily.
In Nethemba, we released Mifare Classic cracker - the first opensource tool that allows cracking more than one billion of Mifare Classic cards (few millions just in the Czech Republic and Slovakia).
https://nethemba.com/resources/mifare-classic-slides.pdf
Cracked private keys allow arbitrary manipulation or cloning of all affected Mifare Classic cards.
In Nethemba, we released a presentation and paper "Vulnerabilities in SMS parking tickets"
https://nethemba.com/resources/SMS-parking-hack.pdf
Despite the fact we contacted mobile operators many months before, it took them years to fix this vulnerability.
With a bunch of friends, we started the first hackerspace in Slovakia - Progressbar in Bratislava accumulating all local hackers, organizing the first hacker's events.
We started to visit & enjoy hacker's conferences & camps.
I became a member of Czech contemporary art group Ztohoven.
And I participated in my first Ztohoven's project "Moral reform" where we re-used the caller ID spoofing hack towards Czech parliament, prime minister, ministries and of course Czech president!
With my friends, we started to write a collaborative project - Travel Hacking Guide (unfortunately in Slovak language only):
https://docs.google.com/document/d/160Q1p_i0ZPDcEK_vOOrfX5mqcP1wE2lKYmhvLya13J0/edit?hl=sk
The fusion of Ztohoven artists and hackers led to the creation of Paralelni Polis in Prague!
A unique place of freedom that promotes ideas of parallel society & crypto technologies. Accepting cryptocurrencies only. Based on original ideas of Vaclav Benda / Charta 77.
At the same time, we started a world's cryptoanarchist conference HCPP!
Because of ethical and economical reasons, we started an initiative:
"We don't work for governments & governments institutions".
https://prezi.com/bawwtpe3qzfm/nepracujeme-pre-statsk/
Now we have more than 20 companies that did the same ethical decision.
In Ztohoven we finished the project "President's dirty red pants" and "Decentralization of power."
The goal was to show that any president function is a post-monarchist and obsolete relict. We should not trust society with a dominant alpha-male, and we should call for a decentralization of power.
With my friends, we launched the first Central European hacking platform https://hacktrophy.com with more than 1000+ registered hackers.
It allows anyone to submit his or her website and use the power of a hacking crowd to hack it.
I have become a perpetual traveler & state hacker,
and started to work on my "OPT OUT" plan:
By Pavol Luptak
Useful lessons from the life of one hacker
CEO of Nethemba - Slovak IT security company founded in 2007, primarily focused on web application security and various penetration tests.