'Hackers who broke Windows' coming to Malaysia
By JULIAN MATTHEWS
20th August 2003 (The Star)

PETALING JAYA: Polish celebrity hackers The Last Stage of Delirium (LSD) Research Group will be coming to Malaysia to attend the country's first major hackers' conference in December.

"The event seems to be very promising. We are glad to accept the invitation," confirmed the group's spokesman Tomasz Ostwald in an e-mail response.

The three-day conference is being hosted by Hack In The Box (M) Sdn Bhd, the company that runs a popular security site of the same name at www.hackinthebox.org.

"This is a coup for the local network security community," said conference organiser Dhillon Andrew Kannabhiran. "We are very proud that LSD Research has consented to our invitation. It will raise awareness of the level of technical expertise available in Malaysia on global security issues."

LSD Research (http://lsd-pl.net) has been labelled the "hackers who broke Windows." The four-man group who prefer to be called "security engineers" have uncovered and documented vulnerabilities in nearly every version of Microsoft's Windows operating system.

The "Blaster" worm, which infected hundred of thousands of computers worldwide and sent network administrators scrambling to download the patch recently, exploited a critical flaw first discovered by the group in June this year.

Even Microsoft, not known to be appreciative of the hacking community, has thanked and acknowledged the group for its efforts.

The discovery of the "DCOM RPC" flaw was a source of embarrassment to the Redmond, Washington-based software giant as it affected its most popular offerings including the Windows NT 4.0, Windows 2000, Windows XP and its much touted "most secure ever" server, Windows Server 2003.

All four founder members of LSD Research -- Michal Chmielewski, Sergiusz Fonrobert, Adam Gowdiak and Ostwald -- are expected to attend the Hack In The Box conference set for Dec 12-14 at the Mid Valley Exhibition Centre and Cititel Hotel in Kuala Lumpur.

Ostwald said it will be the group's first trip to Malaysia. "We have heard it is a very nice place and will be glad to visit and hope to stay for a week after the conference and take in the sights."

He added that the group was aware of the strong interest in security issues among Malaysians and hoped to take some "interesting meetings" during the conference.

"We have also heard a little about Malaysia's Multimedia Super Corridor and of course we would like to see the place," said Ostwald.

LSD Research was first formed in 1996 by the four Master's in Computer Science graduates from Poznan University of Technology in western Poland.

In 2001, the group gained notoriety for winning $35,000 (RM217,000) in a hacking challenge run by Argus System Group Inc on its flagship security product PitBull.

LSD Research had cleverly exploited a kernel level vulnerability in the base Solaris x86 operating system that was running on the system that Argus had deployed for the challenge.

Kannabhiran of Hack In The Box said the three-day conference will include an expo, a live "capture the flag" hacking competition, and presentations from various other security experts.

Apart from sharing of network security information, the conference promises "a look at several new attack methods that have not been seen or discussed in public before."

The conference will be limited to 700 participants and about 1,000 visitors are expected daily for the expo.

More details available at http://conference.hackinthebox.org, or e-mail dhillon@hackinthebox.org.