http://www.whitedust.net/article/51/Interview:_Elonka_Dunin/ By Mark Hinge & Peter Prickett 14 Mar 2006 WD> So, tell us, how did you first get into the world of computing? Oh, I got involved with computers at a very young age, in the 1960s. My father was an early computer programmer, teaching mathematics and engineering at UCLA, and then later worked on a NASA project, on the team that launched the very first geosynchronous communications satellite, Syncom. Sometimes when he worked weekends, he'd take me in to his office with him, and as a kid I'd literally play with the big mainframe computers, like an IBM 360. It started off with him programming it to play simple number games with me, and then as I got older, I started doing some programming myself. My first language was Fortran. In my junior high school, one of my math teachers also gave an extra credit programming class, but it was kind of difficult since we didn't have any computers! What the school did was to give us paper punchcards, and we'd use #2 pencils to fill in the dots where the holes were supposed to be punched, then the cards would be shipped downtown to where the holes would be punched and the cards were processed, and our programs would be run. The output would be printed out, and they'd ship that back to us at the school so we could debug. It took days for a single roundtrip, so talk about lagged compile time! In high school (early 1970s), things were a tiny bit better, since the school had a teletype with real-time (ooh!) communication, even though it was all on hardcopy, and the thing was incredibly loud. If you've ever seen the movie 'Andromeda Strain' and remember the teletype machine in that one, that's what our system looked like. Then as I got older, I ran into the other early systems: A co-worker of mine in the USAF got a TRS-80, and then I had my own Osborne 1, and then I got a Mac Classic, and steadily upgraded to faster systems as computers became more and more powerful. I played pretty much every computer game that I could get my hands on, and in the 1980s I started getting involved with BBSes, logging on to systems in Colorado and California where I was working. In 1989, I started getting involved with online multiplayer games, like on the GEnie service, and a new career followed shortly thereafter. WD> Simutronics was founded in 1987. Where does the name come from? The company was founded by David Whatley, a teenager working out of his bedroom in his parents' home (he continues to be President and CEO today), and Tom & Susan Zelinski, a husband & wife team. David had earlier written some BBS software under a different company name, and when it came time to form a company with the Zelinskis, he just chose the name 'Simutronics' because he liked it. WD> How has the company evolved since 1987? I started getting involved with the company as a customer in 1989, and then moved to St. Louis in 1990 which is when I started working for Simutronics. We moved the base of operations out of the David's bedroom into an apartment loft in another part of town, and managed the games from there. We had the top products on the GEnie online service, like our text games GemStone III and DragonRealms. Then in 1993 our 3D graphical game CyberStrike won the very first 'Online Game of the Year' award from 'Computer Gaming World' magazine (they created the category so they could give us the award, the game was so ahead of its time), and the award started getting us more attention and more contracts. We moved into our own office, and opened up portals to our games from Prodigy, America Online, and CompuServe. In 1997, we launched our own website, play.net. Games that we've created over the years have included Orb Wars, GemStone II-IV, DragonRealms, Modus Operandi, and Alliance of Heroes (originally Hercules & Xena: Alliance of Heroes). Our next big game is going to be Hero's Journey, a graphical MMORPG. We showed a preliminary version at E-3 in 2005 and got a lot of attention -- for example, mmorpg.com listed us as 'Best of Show'. Our office right now is a 10,000 sq. foot location in St. Charles (a suburb of St. Louis), and we have another office in Maryland. WD> Like many of the people we have interviewed you worked in the military before computing. Why do you think that is? I can't speak for other people, but for me, being in the military definitely changed my work habits and made me much more disciplined in terms of complex projects. It also gave me a lot more confidence in my own abilities. Those factors may be an edge which helps entrepreneurs to marshal the focus and drive that's necessary to become personally successful, whereas some other people may have ideas that are just as good, but not be able to pull together the discipline, confidence, and persistence to make their ideas happen. WD> How long did you work for the US Air Force? Why did you leave? I first enlisted for 4 years in 1977, but without making a clear choice on which career I wanted. So they kind of put me where they needed me, and I ended up doing avionics repair, troubleshooting aircraft instrumentation on cargo and reconnaissance aircraft. I did okay at it, but I wasn't really stellar -- what I really wanted to do was something with computers. But every time I applied to cross-train, I was told that my job, 'Instrumentation,' was a 'shortage' career field, meaning that they didn't have enough people to fill it, and so I wasn't allowed to cross-train out unless it was into something that had even more of a shortage, like air traffic controller. I extended my enlistment for two years to try and push the paperwork through, but kept getting rejected, so when my final enlistment was up, I 'got out'. Oh well, their loss! WD> In what capacity where you involved with the SR-71 and U-2 reconaissance aircraft? Instrumentation repair. Testing, troubleshooting, and replacing the sensors that detected the altitude, engine pressure, fuel status, and other this’es and thats’es that the pilot needs to know about. Basically, picture all the dials that a pilot looks at when he (or she) is sitting in the cockpit. I maintained those instruments, the transmitters that sent signals to them, and the wiring in between. WD> What drew you into cryptography? I'd been interested in puzzles for as long as I could remember. My mother used to talk about when I was a toddler, she'd just put me down on the doorstep with a puzzle, and I'd be happy for hours. Then when I was a little older, a neighborhood boy was studying codes for some project (I think a Boy Scout merit badge or something), and I was constantly over at his house asking questions. He finally just gave me all of his books and notes on the subject. Most of my early involvement with cryptography was just as a hobbyist though. I didn't start getting involved with the public scene until I ran into the PhreakNIC v3.0 Code, while I was giving a talk on gaming at Dragon*Con in 2000. WD> You were the first person to crack the infamous PhreakNIC Code. Could you explain what said code is, and how you cracked it (without giving away the ending)? What was the prize you won for beating the code? It was a challenge created by JonnyX, the organizer of the PhreakNIC hacker convention in Nashville in 1999. He'd also done an easier code for PhreakNIC v2.0 in 1998, but he made something a lot harder for the next version. It was intended to be solved by the attendees at the conference, but no one could figure it out! He kept handing out flyers about it though, and used it to promote the upcoming 2001 convention. He said that the first person to figure it out, would get an all expenses paid trip to the con. I picked the code up with a bunch of other flyers at Dragon*Con 2000. Then, one weekend a bit after the convention, I was stuck at home, sick with the flu or something, and bummed out that I couldn't go to Def Con because I had a scheduling conflict (I'm friends with the lead singer of Blue Oyster Cult, who was playing in St. Louis that same weekend). So I channeled my energies into the Code, playing around with it to see what I could learn, and reading everything in the year's worth of discussion archives about it. I got pretty obsessed with it, and completely anti-social for awhile. Any of my friends who tried to talk to me, all I wanted to talk about was that Code. And, well, it paid off, because I cracked it! I had to completely come up to speed from scratch on several cryptographic techniques, but I learned them all and got to the center, and made the cryptic announcement that it requested (I had to post a certain kind of haiku message to a hacker mailing list), and I won the prize. Then I wrote a tutorial to the mailing list about how I'd cracked it, and included a bunch of cyberpunk humor and in-jokes. That tutorial is now on my website, if anyone wants to read it. It's a fun read, and teaches a lot about cryptography, from simple binary all the way up to some state-of-the-art stuff. WD> What other public recognition have you received for cryptography? Aside from the PhreakNIC Code, the next biggest event was probably the cracking of the Cyrillic Projector cipher. It was a 10-year-old challenge that was on a sculpture in the middle of the University of North Carolina at Charlotte, and it turned out to be extracts from classified KGB documents! I definitely didn't do that one alone -- it was a team effort that involved several different people, some of whom knew each other, and others who didn't. I've also gotten some recognition for a new method I came up with for solving Part 3 of Kryptos, as well as just the websites that I have, on both Kryptos and other of the world's most famous unsolved codes. It's a topic that people are fascinated with, and the webcounter just keeps climbing. This month it rolled over to more than 1.5 million page views, with several hundred thousand unique visitors. I've been invited to speak at several major universities on the subject of cryptography, and in mid-2005, a British book publisher, Constable & Robinson, contacted me and asked if I would write a book about codes. WD> What is your involvement with the CIA's Kryptos sculpture? How is it that you were able to see it in person? I first heard about Kryptos while I was working on the PhreakNIC v3.0 Code, since JonnyX had built some dead-ends into it, and one of them led to Kryptos. But I didn't really give Kryptos much thought at the time other than reading a few articles about it. Then in 2001 I was visiting my cousin in Washington DC (he'd had a really close call on September 11th), and after we visited the memorial at the Pentagon, he asked me if there was anything else that I wanted to see in town. I decided on Kryptos, but we couldn't figure out a way in to CIA (we were turned away by large men with guns, who kept saying, 'Official Business Only'). But then a few months later I was giving talks on steganography, and one of those talks got me an invitation to speak at CIA, so I was able to examine the sculpture up close. I also made some rubbings, and when I got back to St. Louis, I made a single webpage to post scans of the rubbings online -- little did I know that that webpage was going to change my life! WD> The Kryptos Group is working on the sculpture in the CIA headquarters courtyard in Langley, Virgina, attempting to decode the remaining characters. However, according to Time Magazine in May 1991, former CIA Director William Webster knows what the phrase is. Is the goal to actually crack the code or to develop further code breaking methodologies? The goal is to decrypt those last 97 or 98 characters at the bottom of the sculpture. We know what the top three sections say, but not that last fourth part yet. As for Webster, he was given a sealed enveloped by sculptor Sanborn at the sculpture's dedication in 1990, which supposedly contained the answers. But in a Wired interview in January 2005, Sanborn said that he didn't give Webster the full story. WD> You have also been working in conjunction with the FBI on Al Qaeda codes, and they requested you give a talk on steganography. What did you advise within that talk and to whom? The original request was that I put together a talk on steganography for the local St. Louis task force. We knew that there were agents in the main DC office who understood about steganography, but in the St. Louis field offices, they had a different mission and weren't crypto experts. So they were agreeing to let people from the private sector come in and help them get up to speed. I put together a 70-slide PowerPoint presentation that explained what steganography was, how it was used, and what the current rumors were about whether or not Al Qaeda had been using steganography to play the September 11th attack. I don't believe that they were, and I went into the detailed reasons why not. There was no proof anywhere that they were using steganography -- instead, they tended to use very simplistic codes, like if they were talking on a cellphone and needed to say 'FBI', they might instead say 'Food & Beverage Industry'. Or if they were referring to gas cutters, they were supposed to instead say 'gas stations.' And there was an extensive scan of images done by a team from the University of Michigan, looking through millions of internet locations, and then clustering computers together and running password dictionary attacks on anything that looked suspicious, but they never found a single thing. WD> Did the CIA pay you for this? You say that you will give your talk for free if we see you 'passing by with laptop in hand'? Yes, I made a bit of money from the CIA (even though I insisted I didn't want to be paid!). My main goal was just to get onsite so that I could see Kryptos. As for other locations, if they're nearby, I'll give the talk for free, but if they want me to fly to a different location, I normally ask for something nominal to cover expenses. WD> What do you consider your greatest code-cracking achievement? That's hard to answer. For emotional satisfaction, it has been helping out with the war on terrorism, and educating government agents about steganography and what types of codes that Al Qaeda might (or might not) be using. It gave me a deep sense of contributing my skills to a greater good, and helping to squash some of the rumors out there. Other things I'm particularly proud of would be my Kryptos website -- all the research I've done, people I've tracked down to interview, and the networking I've engaged in, in order to pull together so many disparate bits of information into one place. In terms of sheer personal code-cracking, the whole Cyrillic Projector project was a lot of fun, plus of course there's the PhreakNIC v3.0 Code that started the whole thing - I also enjoyed writing the tutorial for that one, as well as cracking some of the other hacker-con codes, like the Atlantacon ones. Plus it was quite an honor when a British publishing house asked me to write a book! WD> Which is more important to you, cryptography or Simutronics? Simutronics, definitely. It's my day job, and what pays the bills. I've poured my heart and soul into the company over the years, and I am very dedicated to our customers. But cryptography is definitely a hobby of mine that's taken on a life of its own! WD> What other projects are you working on right now? At Simutronics, we're working on a new 3D graphical MMORPG, Hero's Journey, which we'll be demoing at E-3 in May. We also have a related product called HeroEngine: It's a new way that we've come up with which would allow other people to license our technology and utilities and engine to have everything they need to create their own MMORPG, and we'll be demoing that one at the Game Developers Conference in March. Parallel with all of that, I've been spending some time on various MediaWiki databases, such as Wikipedia, and a new wiki we set up this year for the IGDA. I'm also still doing a lot of public speaking, with my next crypto talk being at NOTACON in Cleveland in April. And of course I have a book coming out soon! It's 'The Mammoth Book of Codes and Cryptograms' (in the U.S.), and 'The Mammoth Book of Secret Code Puzzles' in the UK. I've never written a book before, so it's been an interesting learning experience, navigating the world of publishers and bookstores and 'mainstream' marketing. The book has a very impressive list of contributors, as puzzles were submitted from cryptographers all over the world -- of most interest to your own audience, there's even a section by Scott Kim which presents a pencil and paper method of doing asymmetric key encryption. WD> Finally, which of your games do you play the most? Now *that* is a closely-guarded secret. When I'm playing a multiplayer game, I just want to play, and not let anyone know who I am -- I try to stay as incognito as possible! All Right Reserved, Copyright 2005 Whitedust.net _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Wed Mar 15 2006 - 00:33:46 PST