Sunday, October 11, 2015

Rampa: "Username / password credentials are outdated"

Ramón Martínez (Rampa). Hackers master.

In 1987 Ramon Martinez, from Monóvar (Alicante), wrote the first manual in Spanish about hacking and phreaking, under the alias Ender Wiggins. He was a member of the legendary group Apòstols and he organized at least two BBS, a meeting place for hackers then surfing X25 seas and assaulting machines connected there. Delgado, shy, nervous, visionary always 'on'... Ramp is now a child of 46 years, hacker likes it or not.

But when you have 3 kids you have to grow, or to look like that, so Rampa turned his BBS into the first commercial ISP of the 90s:: Encomix, one of the best in Spain at the technical level. It was so reliable that the world of finance trust him for the first online banks. In 1999 he sold his creation to an ISP in the United States for an exorbitant amount, bought a building and was devoted to what he liked: the music recording. After many laps today he's still leading the way, playing as always with the newest things.

- Hi, Ramón. What's your business right now?

I'm trying to make easy dual channel authentication. I'm CTO of Digital Human Identity, a company dedicated to voice biometrics where we try to validate persons by voice - both spoken and recognition of biometric.

- When you look at today hackers, what do you think about?

- I'm envious about the amount of information available. But on the other hand I also think about how messy it is. Both excess and defect make it difficult to find good information.

- If there is a boy telling you that he wants to be a hacker, what do you tell him?

- First of all, install a Linux at home and start there. The law is now very tight, almost dictatorial in relation to cybercrime. Now anything is a crime. If you read the Penal Code to the letter, even getting connected to a Web system without administrator permission, it may be a crime.

The problem will come in a few years, when they discover that terrorists know much about breaking national security, and the states will have no hackers for counterattacks. Either because someone has led them to desist or being cautious of coming to light - going to jail. Phil Zimmerman, creator of PGP, said "if privacy is outlawed, only outlaws will have privacy."

- Tell us an annecdote, a prescribed one, from your beginnings :)

- There are so many... One night we found a machine of a hotel chain dedicated only to process payments by VISA X25. It had a lot of circuits, but they were not all set. With the this huge number of circuits, we thought it was a good place to set up a chat. So we went chat software, compile it and Depeche began to change machine inittab. He downloaded the file to his machine, added the necessary lines and uploaded it back. But the communications program translated Unix carriage returns to MSDOS. He began to edit it while we were talking and I hear him say. "Shit... I lost carrier...". As a result, the machine went offline for over a month... :-) The good thing is that when it came back to life, it was still the same username and password the first time we met.

- Many hackers speak with reverence of what it feels like when the computer control is achieved. Could you describe it?

- It was a feeling of power and paranoia... You felt winner for controlling the machine, but at the same time you looked out the window, or you were suspecing that someone were following your steps when you went out into the street. It was quite when "phreaking": when you were able to take possession of the lines in silence, your own breathing seemed there was someone on the other side of the line. We even had a cable with a plug connected to the phone line, to plug into 220V if necessary!!!

- As a hacker, did you have / have you an ethics?

- Yes. Do not break anything, do not bring anything from there. Do not change anything that is not necessary and try to not attract attention.

- I've always heard you that "the Internet is to share and not to compete". You must feel pretty sad about nowadays Internet...

- - I feel sad. Internet (and the TCP / IP protocol) were born to share, and this thing and the hacker culture brought free software. Everything is here to be shared, and when shared, everyone can improve it... It's something like traditional cuisine: it has come down to us by word of mouth, improving each one the recipes as better as possible, and shared again with more people. The Internet of today is the restaurant recipe: they inherited the traditional recipe, added some "secret" and sell it. That recipe will die unnoticed because hardly anyone will test it, and no one had it.

- Security based on firewalls and IDS is adequate, in your view?

- No. Having a switch that is replicating all traffic to a mouth seems an attack on privacy.

- But how to defend against the NSA, if not with barriers and paranoia?

- In my village there has always been nosy ladies who spoke at your backs. If you do not want them to know something, do not tell it :-) Cryptography is the solution to this today.

- Speaking of governments: are they destroying the free network, or do you think this one will win?

- Internet is four companies. It depends on how governments decide to take with them.

- In the first 90 you mounted online banks in Spain and have worked extensively with banks. If you could get carte blanche, what will you change about their security?

- The access system!! Username / password credential are outdated and unsecure... but of course, explain to someone whose credit cards still have a four-digit number.

- This statement is yours, "If you do not steal or break anything, I do not think that is bad getting into a computer." Did you affirm?

- I ratify, but I complete it with an "and if no one knows."

Text: Mercè Molist


Post a Comment