Former L0pht man 'Mudge' leaves Google for Washington
Obama lures hacker out of the roof with gig establishing software transparency lab
Mudge, a once-feared and now-respected member of the "L0pht" hacker collective, is headed to Washington to set up a software version of Underwriters' Laboratory.
While it's not yet clear exactly how the once-famed L0pht member, real name Peiter Zatko, will approach the “CyberUL” (as he put it in the Tweet announcing the move), he said the request to take the role came directly from the White House.
The idea of a CyberUL isn't new: as Threatpost points out, a L0pht member proposed the idea in 1999. In that paper, John Tan proposed that the destructive testing practices UL performs on all kinds of electrical products should be applied to software.
It's also been considered in The Beltway. As recently as April, White House Cybersecurity Coordinator Michael Daniel cited UL's work as a model for the IT sector to follow.
Goodbye Google ATAP, it was a blast.
The White House asked if I would kindly create a #CyberUL, so here goes!— .mudge (@dotMudge) June 29, 2015
Mudge's most recent gig was at Google, working for the Chocolate Factory's Advanced Technology and Projects team. Before that he worked at the US military's fun-factory, DARPA.
L0pht co-founder and CTO of Veracode Chris Wysopal told Security Ledger software remains among “the last products that has no transparency to what the customer is getting, adding that the “pseudo-monopolies” in the industry can simply refuse to co-operate with third-party testers.
While the call came from the White House, Mudge said in a Tweet that the gig will be external to the administration. ®