http://www.nashuatelegraph.com/apps/pbcs.dll/article?AID=/20080501/STYLE/964766890/-1/style By TRICIA BISHOP The Baltimore Sun May 1, 2008 BALTIMORE - It was 2003, it was Las Vegas, and Johnny Long was a rock star. He slung the blue speaker badge around his neck - careful to make sure everyone could see it - and strutted through the Def Con hacker convention with his nose in the air and his ears set to whisper mode, listening for the buzz. Too cool to make eye contact, the 32-year-old cut a path through the crowd. Long, who once networked computers in his back yard for fun, had grown up to become a professional hacker, joining an elite team of cyber superheroes - called "StrikeForce" . that was paid to break into computer systems. And that, along with his knack for using Google to help break into cyber security systems, had just won him a coveted speaking slot at the world's biggest underground hacker convention. Johnny (or j0hnny, as he was known online) had arrived. And yet, he was surprised to realize that the only thing he felt was emptiness. He returned to his home outside Baltimore, where he stewed for a couple of months, and he decided he had to shake things up. And so, he sat before his computer one day and let his fingers tap out the most explosive thing he could think of to say about himself on his Web site. Under the heading, "Who is this johnny guy?" he typed out this description: "a hacker and a follower of Jesus." And with that, Long was sure he officially had stuck his neck out and all but asked for someone to hack away at it. Little did he suspect that the months of uncertainty and doubt would lead him to a dusty and desperate Ugandan village and a spiritual renewal unlike anything he ever had experienced. For the record, Long is funny, self-effacing and a hands-on dad to his three kids. He takes in stray cats, houses a Korean exchange student, mentors dozens and wants to be a ninja (he has a brown belt in Bujinkan Budo Taijutsu). His mother, Sharon Long, fills out the profile of the hacker as a youth. "He was a terrible student; he was bored in school," she recalls. "But he would test through the ceiling." By the time Long was a teen, he was a regular on virtual gaming bulletin boards, which started out free but eventually began to charge. That's when a hacker was born. Soon enough, he began plugging in various user names and passwords until he cracked the codes and gained entry, slipping past the virtual cashier directly onto the boards. It was his first taste of the exhilaration that comes from beating a system. And one of the few ways he ever did it illegally. He might have had an outlaw streak in him, he realized early, but he wasn't an outlaw. "We were cut from the same rock of ethics, so to speak," said Chris Cooper, Long's best friend in middle school. "We were decent kids; we didn't get into a whole lot of trouble. The bond for John and I wasn't so much computers. The bond for John and I was the type of people we were." And that type was Christian. Long was taught to be God-fearing, to honor the church and to emulate its leaders, according to his parents. And he was OK with most of it, except this: Churchgoers, to youthful Johnny, just weren't cool. And if there's one thing he wanted to be, it was cool. Despite lackluster grades, Johnny made it out of high school with his diploma in 1989. He got a job as a computer operator at Catonsville Community College, took a few classes, got bored and dropped out. He took an IT job with a health insurance company and spent three unfulfilling years there until a friend took him to a career fair in 1996. There, Johnny landed an engineering position at Computer Sciences Corp. Within months, he and a select few at CSC banded together to create StrikeForce, their version of good-guy hacker heaven. And before he knew it, Long was on his way to being famous . among those impressed by that kind of thing, anyway. "He's made a name for himself in that arena," says Jeff Moss, who founded the Def Con hacker convention in Vegas in 1993. When the Def Con committee selected speakers in 2003, Long's name was on the list. It's been there every year since. "There's probably a handful of people that you know will fill a room, and Johnny's one of them," said Moss, who's based in Seattle. "He's pretty much a rock star." Surprisingly, rock star proved not to be enough. Long figured that out after Def Con. So he outed himself as a Christian and hoped by simply saying it publicly, it would take hold, even if it ruined his professional reputation. way to being famous - among those impressed by that kind of thing, anyway. "He's made a name for himself in that arena," says Jeff Moss, who founded the Def Con hacker convention in Vegas in 1993. When the Def Con committee selected speakers in 2003, Long's name was on the list. It's been there every year since. "There's probably a handful of people that you know will fill a room, and Johnny's one of them," said Moss, who's based in Seattle. "He's pretty much a rock star." Surprisingly, rock star proved not to be enough. Long figured that out after Def Con. So he outed himself as a Christian and hoped by simply saying it publicly, it would take hold, even if it ruined his professional reputation. For all her devotion, his mother, Sharon Long, wasn't sure it was the wisest professional course. "I don't think we live in a culture that sometimes wants to hear about spiritual matters," she said. "Putting his faith out there was taking a risk." Despite Johnny Long's worry, pretty much nobody noticed his post - or didn't much care if they did. Within a month, a publisher had called and asked Long to write a book (Volume 1 of "Google Hacking for Penetration Testers" was published in 2005, and Volume 2 hit the shelves last year). That led to a dozen more book projects. He became a talking head. Within a year, there were more than 80,000 users registered on his site - johnny.ihackstuff.com. He was also spending more time with members of the nondenominational church he and his wife, Jen, the product of two missionary parents, joined a few years after marrying. "I've seen him get more intentional about his faith, about the role he believes God plays in his life," said Mark Norman, senior pastor of Fulton's Grace Community Church. Norman got to know Long through a church Bible study group. "There was a deepening, a maturity." In 2006, while Long was at another conference in Vegas, his wife was in Uganda with members from Grace Community Church. They were there to help a charity working with children orphaned by AIDS. The pictures she brought back and the stories she told of children living in dirt huts, surviving on one sparse meal per day, did a number on Long. The orphan's eyes, their frail frames, worked their way into his thoughts, and, eventually, his heart. He had to go to them, to offer his help. And the hackers - that group he once thought would blackball him for mentioning his faith - paid his way there. Though the speaking engagements and book deals brought more money into the household, they didn't make the Longs rich. So Johnny wrote a letter about his desire to go to Uganda and last spring sent it to The Hacker Foundation, an organization that connects technology projects with the resources needed to get them off the ground. His missive was posted online and asked its readers to "forego that triple-venti white chocolate mocha, and send (Johnny and Jen) a few bucks instead." Roughly 24 hours later, $4,800 had been raised - $600 more than they needed for the trip. And so, in May, Johnny, Jen and a half dozen others from the church set out for the Jinja district of Uganda, a small country in East Africa obliterated by AIDS. The volunteers were a mix of ages and experiences, and they came with different expectations. Long had romantic notions of manual labor. He wanted to work with his wife and feel the nightly satisfaction of aching muscles and a hard day's work. Instead, he got stuck in an office, charged with making something out of piles of nothing: ancient computer parts and pieces covered in the village's red dust and dirt. He rarely saw Jen, didn't get to interact as much with the kids and was generally annoyed - until others made him see the value of his work. "It was miraculous," said Ginny Driscoll, one of the volunteers. Long took the pieces, separated what was workable from what wasn't and built AIDS Orphans Education Trust, or AOET, a network. "He was very, very skilled. When he talked, it was like he was drawing from a huge resource," Sam Tushabe, the organization's founder, said on a recent visit to the U.S. "He saved us thousands of dollars. I mean thousands of dollars." And for a while, that was enough for Long. He had done something, he had made a difference, he had put his skills to work in a way he never had before. But then the trip was over, and down he went again. Back to the every day. At home, he started pining, then thinking. How could he get that feeling back, but from here? Then he struck on it: He would hack charities. First step: Set up a Web site: www.ihackcharities.org. Second step: Acknowledge how ridiculous that sounds in the intro: "You WHAT? Picking on charities is just plain rude. Thankfully, that's not what we're about." Third step: Explain what you're about: "We're about proving that hackers have amazing skills that can transform charitable organizations. We're about proving that those skills can be translated into careers, one keystroke and one resume bullet at a time." The idea is to get hackers to volunteer their time and used gear to various charities that seriously need technical help, whether it's through securing their sites or finding ways to pair children with sponsors online. Ultimately, the work could save organizations thousands of dollars and, consequently, maybe even a life or two. To attract talent, he offers volunteers personal recommendations and some actual project experience to put on their CVs. It's the kind of carrot that hackers, often just self-taught kids, covet. It's a ticket to a foot in the door at a company and incentive to keep on the straight and narrow. And with that, Long had found a purpose. "It started out with me trying to fill a hole, to make me feel better, but it's not about me anymore," Johnny said. _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri May 02 2008 - 01:33:59 PDT