@Stake's pitch: Hackers are your friends

Start-up employs hackers to offer a wide selection of security services.

By Ellen Messmer
Network World, 02/07/00

CAMBRIDGE, MASS. - Security start-up @Stake has caused quite a sensation since its recent launch as a professional services firm employing members of the hacker nether world as hired guns sent out to test corporate networks for vulnerabilities.

So far, @Stake has no marquee corporate customers willing to state they have actually hired any of the company's two dozen or so hacker employees to give them advice on how to secure their networks, from selecting firewalls and antivirus software to setting up e-commerce applications.

These employees include Mudge - the leader of the underground group L0pht - and even more amazingly, Dildog, top dog in the notorious Cult of the Dead Cow (CDC).

@Stake says corporate America is bound to buy into the idea that the hacker underground is the best source of independent security consulting you can get.

"We don't have a hidden agenda based on a product," claims Mudge, co-founder of @Stake along with security analyst Ted Julian, who brought in executives from CertCo, Compaq and Cambridge Technology Group as management.

Mudge says he will continue to use the moniker Mudge, even though he is now well above ground with @Stake, funded by Battery Ventures to the tune of $10 million.

Mudge's Boston-based group, L0pht, is famous for developing the password-cracking software Crack as well as AntiSniff, software for detecting someone using a sniffer to spy on your network.

Mudge says L0pht - a registered corporation - has made money for years selling its software and providing advice to U.S. government agencies, including the Departments of Justice, Defense and Energy.

L0pht is now being restructured to play the role of a nonprofit company with a scholarship fund.

"It'll be more like a charity, maybe for the Cancer Society," Mudge says.

Other underground figures employed by @Stake are going to be a much harder sell than Mudge, who swears he never broke into a corporate network.

Take Dildog, the main author of the Trojan horse program dubbed Back Orifice 2000. Last summer at the Defcon hacker convention, Dildog cavorted onstage with about two dozen CDC members exhorting an audience of thousands to use his creation, Back Orifice, to take over Windows-based networks.

But now, faced with the prospect that he could get rich if @Stake ever goes for an initial public offering, Dildog is ready to renounce his past.

"We didn't advocate breaking into networks," Dildog says. "It was all a joke on the media. And I never broke into a network in my life."