Matt Conover is a member of w00w00 Security Development, that with 30+ active members, is currently the largest non-profit security team in the world.
So here it goes:
How and when did you get interested in computer security?
It was gradual. I was interested in programming and Linux, from there (with the help of various movies), computer security became an interest. I first became interested in around ’96.
Do you have any special interest in the field of security?
Well, I’m very intrigued by finding new forms of vulnerabilities. Finding problems in cryptograpic protocols (by this, I also mean authentication, key exchange, etc.) has also become fairly exciting within the last year or so. Beyond that, I try to study a wide range of areas.
What operating systems do you work on? Which ones do you prefer and why?
I work on most of them. When I’m developing products on Unix, I’ll be sure they port to Linux, BSD, and Solaris. I also work with Windows NT and Windows 2000. From my background, I prefer Unix, but I have recently made my peace with Windows.
How did you get involved with w00w00 and when?
w00w00 was created in early 1998. It was originally started humorously, and I’ve been there since the beginning. Most people doing work in computer security have their own connections, and so when people come together, their connections come with them. This is how w00w00 grew.
Are you satisfied with the work which you have done within w00w00? Do you think you’ve accomplished more as a member?
I think we can always do more, but I’m happy with that’s been happening. Even when we aren’t releasing things, there is still a lot of internal work, and a lot of very brilliant people.
Are there people/groups you look up to in the security scene?
I would call them friends–we like ADM and L0pht, and a lot of commercial organizations, such as Zero Knowledge Systems and Napster.
As regards you articles, what kind of feedback did you receive?
Thankfully, we’ve received a lot of positive feedback and no negative. More commonly, we receive emails from people with additional ideas. We always appreciate them.
What is your opinion on the “mass spreading” of script kiddies these days? What infulence do you think it will have on the security scene in the long run if the trend continues to rise?
Well, it’s a tough question. Personally, I keep myself isolated to w00w00, and so I am not as exposed to it as some might be. w00w00 is a white hat organization, and we don’t support the activities they are doing. With that said, most are young people just trying to get themselves into computer security, and the “script kiddie” phase is the phase were they are beginning to understand security (enough to use exploits), but not fully aware of the consequences. Most, over time, will continue their study and eventually outgrow that phase. If the trend continues to rise, I think it would more imply that there is a boom of people getting interested in computer security, which is great. They just need to slow down for a while and finish learning 😉
Rather than an individual picture, Matt gave us the latest picture of the w00w00 team: