http://www.nashuatelegraph.com/apps/pbcs.dll/article?AID=/20080501/STYLE/964766890/-1/style
By TRICIA BISHOP
The Baltimore Sun
May 1, 2008
BALTIMORE - It was 2003, it was Las Vegas, and Johnny Long was a rock
star.
He slung the blue speaker badge around his neck - careful to make sure
everyone could see it - and strutted through the Def Con hacker
convention with his nose in the air and his ears set to whisper mode,
listening for the buzz.
Too cool to make eye contact, the 32-year-old cut a path through the
crowd. Long, who once networked computers in his back yard for fun, had
grown up to become a professional hacker, joining an elite team of cyber
superheroes - called "StrikeForce" . that was paid to break into
computer systems.
And that, along with his knack for using Google to help break into cyber
security systems, had just won him a coveted speaking slot at the
world's biggest underground hacker convention.
Johnny (or j0hnny, as he was known online) had arrived.
And yet, he was surprised to realize that the only thing he felt was
emptiness.
He returned to his home outside Baltimore, where he stewed for a couple
of months, and he decided he had to shake things up.
And so, he sat before his computer one day and let his fingers tap out
the most explosive thing he could think of to say about himself on his
Web site. Under the heading, "Who is this johnny guy?" he typed out this
description: "a hacker and a follower of Jesus."
And with that, Long was sure he officially had stuck his neck out and
all but asked for someone to hack away at it. Little did he suspect that
the months of uncertainty and doubt would lead him to a dusty and
desperate Ugandan village and a spiritual renewal unlike anything he
ever had experienced.
For the record, Long is funny, self-effacing and a hands-on dad to his
three kids. He takes in stray cats, houses a Korean exchange student,
mentors dozens and wants to be a ninja (he has a brown belt in Bujinkan
Budo Taijutsu).
His mother, Sharon Long, fills out the profile of the hacker as a youth.
"He was a terrible student; he was bored in school," she recalls. "But
he would test through the ceiling."
By the time Long was a teen, he was a regular on virtual gaming bulletin
boards, which started out free but eventually began to charge. That's
when a hacker was born. Soon enough, he began plugging in various user
names and passwords until he cracked the codes and gained entry,
slipping past the virtual cashier directly onto the boards.
It was his first taste of the exhilaration that comes from beating a
system. And one of the few ways he ever did it illegally. He might have
had an outlaw streak in him, he realized early, but he wasn't an outlaw.
"We were cut from the same rock of ethics, so to speak," said Chris
Cooper, Long's best friend in middle school. "We were decent kids; we
didn't get into a whole lot of trouble. The bond for John and I wasn't
so much computers. The bond for John and I was the type of people we
were."
And that type was Christian.
Long was taught to be God-fearing, to honor the church and to emulate
its leaders, according to his parents. And he was OK with most of it,
except this: Churchgoers, to youthful Johnny, just weren't cool. And if
there's one thing he wanted to be, it was cool.
Despite lackluster grades, Johnny made it out of high school with his
diploma in 1989. He got a job as a computer operator at Catonsville
Community College, took a few classes, got bored and dropped out.
He took an IT job with a health insurance company and spent three
unfulfilling years there until a friend took him to a career fair in
1996. There, Johnny landed an engineering position at Computer Sciences
Corp.
Within months, he and a select few at CSC banded together to create
StrikeForce, their version of good-guy hacker heaven.
And before he knew it, Long was on his way to being famous . among those
impressed by that kind of thing, anyway.
"He's made a name for himself in that arena," says Jeff Moss, who
founded the Def Con hacker convention in Vegas in 1993.
When the Def Con committee selected speakers in 2003, Long's name was on
the list. It's been there every year since.
"There's probably a handful of people that you know will fill a room,
and Johnny's one of them," said Moss, who's based in Seattle. "He's
pretty much a rock star."
Surprisingly, rock star proved not to be enough. Long figured that out
after Def Con.
So he outed himself as a Christian and hoped by simply saying it
publicly, it would take hold, even if it ruined his professional
reputation.
way to being famous - among those impressed by that kind of thing,
anyway.
"He's made a name for himself in that arena," says Jeff Moss, who
founded the Def Con hacker convention in Vegas in 1993.
When the Def Con committee selected speakers in 2003, Long's name was on
the list. It's been there every year since.
"There's probably a handful of people that you know will fill a room,
and Johnny's one of them," said Moss, who's based in Seattle. "He's
pretty much a rock star."
Surprisingly, rock star proved not to be enough. Long figured that out
after Def Con.
So he outed himself as a Christian and hoped by simply saying it
publicly, it would take hold, even if it ruined his professional
reputation.
For all her devotion, his mother, Sharon Long, wasn't sure it was the
wisest professional course.
"I don't think we live in a culture that sometimes wants to hear about
spiritual matters," she said. "Putting his faith out there was taking a
risk."
Despite Johnny Long's worry, pretty much nobody noticed his post - or
didn't much care if they did. Within a month, a publisher had called and
asked Long to write a book (Volume 1 of "Google Hacking for Penetration
Testers" was published in 2005, and Volume 2 hit the shelves last year).
That led to a dozen more book projects.
He became a talking head. Within a year, there were more than 80,000
users registered on his site - johnny.ihackstuff.com.
He was also spending more time with members of the nondenominational
church he and his wife, Jen, the product of two missionary parents,
joined a few years after marrying.
"I've seen him get more intentional about his faith, about the role he
believes God plays in his life," said Mark Norman, senior pastor of
Fulton's Grace Community Church. Norman got to know Long through a
church Bible study group. "There was a deepening, a maturity."
In 2006, while Long was at another conference in Vegas, his wife was in
Uganda with members from Grace Community Church. They were there to help
a charity working with children orphaned by AIDS.
The pictures she brought back and the stories she told of children
living in dirt huts, surviving on one sparse meal per day, did a number
on Long. The orphan's eyes, their frail frames, worked their way into
his thoughts, and, eventually, his heart. He had to go to them, to offer
his help.
And the hackers - that group he once thought would blackball him for
mentioning his faith - paid his way there.
Though the speaking engagements and book deals brought more money into
the household, they didn't make the Longs rich. So Johnny wrote a letter
about his desire to go to Uganda and last spring sent it to The Hacker
Foundation, an organization that connects technology projects with the
resources needed to get them off the ground.
His missive was posted online and asked its readers to "forego that
triple-venti white chocolate mocha, and send (Johnny and Jen) a few
bucks instead." Roughly 24 hours later, $4,800 had been raised - $600
more than they needed for the trip.
And so, in May, Johnny, Jen and a half dozen others from the church set
out for the Jinja district of Uganda, a small country in East Africa
obliterated by AIDS.
The volunteers were a mix of ages and experiences, and they came with
different expectations. Long had romantic notions of manual labor. He
wanted to work with his wife and feel the nightly satisfaction of aching
muscles and a hard day's work.
Instead, he got stuck in an office, charged with making something out of
piles of nothing: ancient computer parts and pieces covered in the
village's red dust and dirt. He rarely saw Jen, didn't get to interact
as much with the kids and was generally annoyed - until others made him
see the value of his work.
"It was miraculous," said Ginny Driscoll, one of the volunteers.
Long took the pieces, separated what was workable from what wasn't and
built AIDS Orphans Education Trust, or AOET, a network.
"He was very, very skilled. When he talked, it was like he was drawing
from a huge resource," Sam Tushabe, the organization's founder, said on
a recent visit to the U.S. "He saved us thousands of dollars. I mean
thousands of dollars."
And for a while, that was enough for Long. He had done something, he had
made a difference, he had put his skills to work in a way he never had
before.
But then the trip was over, and down he went again. Back to the every
day. At home, he started pining, then thinking. How could he get that
feeling back, but from here?
Then he struck on it: He would hack charities.
First step: Set up a Web site: www.ihackcharities.org.
Second step: Acknowledge how ridiculous that sounds in the intro: "You
WHAT? Picking on charities is just plain rude. Thankfully, that's not
what we're about."
Third step: Explain what you're about: "We're about proving that hackers
have amazing skills that can transform charitable organizations. We're
about proving that those skills can be translated into careers, one
keystroke and one resume bullet at a time."
The idea is to get hackers to volunteer their time and used gear to
various charities that seriously need technical help, whether it's
through securing their sites or finding ways to pair children with
sponsors online. Ultimately, the work could save organizations thousands
of dollars and, consequently, maybe even a life or two.
To attract talent, he offers volunteers personal recommendations and
some actual project experience to put on their CVs. It's the kind of
carrot that hackers, often just self-taught kids, covet. It's a ticket
to a foot in the door at a company and incentive to keep on the straight
and narrow.
And with that, Long had found a purpose.
"It started out with me trying to fill a hole, to make me feel better,
but it's not about me anymore," Johnny said.
_______________________________________________
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com
Received on May 02 2008
Intro
