[Interview] Dimitri van de Giessen, Private Ethical Hacker: Hardening Out of the Box Devices Is Always Necessary

Dimitri van de Giessen is certainly our most mysterious speaker at DefCamp 2018.
You don’t have to take our word for it. Here’s the synopsis for his presentation:

In the year 2000, several Microsoft sites were hacked by a Dutch hacker named Dimitri. Several subdomain servers, such as windowsupdate.microsoft.com, 128download.microsoft.com, events.microsoft.com and so on, were hacked. Not just once, but twice in a short period of time.
A secret meeting was planned by Microsoft with Dimitri. Why was it secret? What actually happened behind the closed doors at MS? And why, even after 18 years, is it still a secret? This presentation includes some Mystery, Drama, Action & NSFW.

We bet you can imagine how curious we all are to find out more about what sounds like a Hollywood movie (but without all the ridiculous hacker cliches)!
However, we still have a few short weeks to go until DefCamp #9, so the second best thing we could do is interview Dimitri to try to find out more.
He’s not an infosec professional who likes to beat around the bush, so Dimitri was straightforward when we asked him about what stands out from his past years’ experience.

For me, the biggest challenges are companies with little budget and poor politics.
However, when there is an actual cyber attack happening, companies are ready to spend all the budget available.
It is more important to spend money on preventing cyber attacks rather than dealing with the consequences.

Prevention has never been humanity’s strength. Just look at how most people feel about getting their annual check-up. In the same spirit, we wanted to find out which of the challenges infosec specialists were dealing with in the year 2000 Dimitri sees as still unsolved today.

Vendors are still setting a lot of default functions, samples, and passwords to “on” instead of “off”. This is relevant for all vendors.
Hardening out-of-the-box devices, appliances, computers, routers, and other IoT is always necessary. Out-of-the-box devices are vulnerable.

Even though some things have stayed the same, others have improved. For example, let’s look at how tech companies deal with vulnerabilities. Something has changed for the better since 18 years ago and Dimitri sees it clearly.

Bug Bounty programs.
In the past, you had to fight for your name in a patch or service pack. Nowadays, Bug Bounty programs are an extra motivation for hackers to be in contact with the vendor.
But it is and has always been a difficult task to be on the same page with the vendor. Typical reactions from now and back then are:
“We already know about this vulnerability”
“We don’t see this as a vulnerability”
or “We will come back about this shortly”. (Still waiting for my bounty 🙂 )

Vulnerability hunting is not the only thing that made an important contribution to his experience. There’s something more Dimitri has been doing for the past years that makes him a better white hat hacker.

At the moment I am always trying to help other companies/people/friends after a hack, even if there is no budget.
It’s a dirty job but somebody has to do it.

Speaking of dirty jobs, we just had to try one more time to find out more details about his upcoming presentation at DefCamp. Dimitri was, once again, cryptic enough to keep us at the edge of our seats:

Here is a quote of Microsoft from 28.04.2018 regarding the permission to present:
“The team is asking that you not use the SAM information or Microsoft’s name. Ultimately the decision is yours”.
I made my decision. See you at DefCamp!

Be there, else you might miss a unique opportunity to hear the story live!
This interview was made by Andra Zaharia. You can get in touch with her on LinkedIn or say hi on Twitter.
DefCamp is powered by Orange Romania and it’s organized by the Association “Research Center for Information Security in Romania” (CCSIR).
DefCamp 2018 is sponsored by Ixia, Keysight Business, SecureWorks and Intralinks as Platinum Partners and it’s supported by IPSX, Bit Sentinel, TAD Group, Enevo, Crowdstrike, CryptoCoin.pro, Siemens, Alef, UiPath, Atos and Kaspersky Lab.
