# how many forum members does it take to summon the evil who turns out to be a very sexy girl?

there is a well-known joke. “how many forum members does it take to change a light bulb?“. it’s funny, but it’s true. I would say the very true. instead of answer a question, people usually just piss off the topic starter.

what happened to me is: reading the article about San-Francisco, I met the ad, offering me to sell my soul for a fair price, just dial 1-800-666-EVIL. interesting… is it real?! well, I sold my soul twice (yep, do you think devils use computers? hell, no! everything they have is goose-quill and sheepskin! imagine, how large their database should be, and how long it takes to find out that they bought something that they have already paid for. ups, gays, if you read all this, please don’t be pissed of, nothing personal, business is business).

well, 1-800 is not toll-free for me (however, it’s quite cheap), so the first thing I did was… yeah, googling! after all it was just curiosity. ops! looks like it’s a popular question and people flood forums trying to find out the answer, but 99% replies were far from it. like, oh, come on, there is no Satan — the son of God, it’s just a phone. I do know it’s a phone, and it’s served not by Satan himself of course, but… what’s all about?! I wonder… I wonder…

eventually, I just dialed 8P101-800-666-3845, a woman with angel’ voice warned me that it’s not a toll-free number and I will be charged for an international call… beep-beep… and wow! it’s not Satan’s phone, it’s BDSM-sex pay phone, accepting VISA and Master-Card. $1 per minute. but it’s worth what it costs, especially if you’re tired of vanilla life.

well, if you’re going to San-Francisco… don’t forget your soul on a way back, because my soul is there.

dial it now or never!


# San-Francisco – A Dream Came True

ever had a dream that came true exactly the way you saw it? I had a dream and it came true. the story began on Wednesday, April 23, 2008 03:03 AM when I sent a mail to Maryellen O’Connell who is a senior recruiter at Macrovision. “23″ is my lucky number as well as “#3″ and it was a lucky shoot. I shot in the dark. there was just me, my den and a job offer posted on OpenRCE board.

Macrovision was looking for motivated, experienced, and intellectually curious engineers to develop-n-implement security code for Blu-ray discs in their San Francisco office. at that time I was nobody. I had no education, never wrote a resume before, never ever tried to find a job in US, my English was just terrible (especially the spoken one) and I had no real experience at all, but I was a very successful writer, published a dozen hacker books, some of them were translated to English and became quite popular. well, we all began as something else…

the first resume in my life were written by Maryellen. yeah, I’m serious. I just sent her a letter to introduce myself and she had done the rest of paperwork. she was the first HRM I met, but she is the best, she is very professional. only because of her I found myself in Macrovision, or to be more specific – former Cryptograph Research Team, acquired by Macrovision, but at that moment I had no idea who I was going to work for.

there was a phone interview with manager of the group and I was not good on phone. I got a challenge and failed it. the H-1 visa’s applications had been closed that year, so Maryellen had no idea what we could do. she did not say allez-vous en, none the less.

time was getting on and on, I was keeping my head high, trying to be strong, telling myself: “you can not give up your dreams” and Maryellen was the only one who could make it happen and it’s actually happened.

Friday, July 25, 2008 12:55 AM. Maryellen wrote me: “working on bringing you here in the next couple of weeks…..“. the fire in my eyes was slowly fading out until I’d realized that I had no chance to be there. I’m not a welcome person to US. life never turns out the way you want it.

Sunday, May 31, 2009 8:48 PM: Finally, I’ve got my visa. it took more than a year!!! I was afraid that Maryellen forgot me, because… well, who would wait for an employee more that a year?!

could you believe that they did remember me and still were interested?! wow! but at this moment I wasn’t nobody. I became a well-recognized person, a part of McAfee team (former Endeavor Security) and got two my own projects there. my projects, my co-workers, my boss (now – my supervisor) who is my best friend. I was just keeping myself hooked up to that line, and it worked as it’s working now. It takes me to another dimension of relieving the reality, like I’ve been up on ecstasy, my module, my shell-code detector, had been integrated into a commercial product and I was so excited about. I had no intention to leave McAfee and I have no intention to do it now, but I wanted to be the front line of defense against pirates of Blu-ray content, research and implement novel and foremost tamper resistance techniques or, simple, anti-dbg tricks. the only motive I had is to make something out of my life. I wanted to be on the edge and the former Cryptograph Research Group was the excellent opportunity.

Wednesday, June 10, 2009 2:40 PM (UTC+4), DOMODEDOVO, Moscow, Russia. Flight Number 159. Seat 12A. American Airlines. Departure. Boeing-767. nice 2 rows seats plain my first transatlantic flight. I was in Malaysia (Boeing 747, KLM), I was in Israel (Boeing 737, Transaero), I was in South Africa (Boeing 747, KLM), I was in Korea (Boeing 777, Koran Airlines), I was… hell I remember… but it was my first transatlantic flight (cam on the board is allowed. will upload my shoots soon). well, basically it’s just nothing. annoying noise, dirty clouds, ugly crew members (American stewardesses are the worst nightmare I’d ever had in my life, even Aeroflot crew members much better and friendly).

Wednesday, June 10, 2009 9:20 PM (UTC-8), San Francisco, CA. Wow! I’m in SFO, riding to Galleria Park Hotel (very nice hotel, btw, but it’s nothing compared to Asian hotels, well, even South Africa hotels have much better erumpent and better service, and of course, the better view of windows, well, never mind, it’s my dream after all, I was not looking for luxury, I came not as a tourist).

the next morning. I was walking SFO streets dispatching my route to Macrovision office which is only two bocks away. ok, this is it. ground zero. 575 Market Street. high building with two doors: McDonald and the closed one. what’s the hell?! called to Naomi (the gal that runs the office) and asked her to bring me up. in a few seconds I met her. she is a) while, b) skinny; c) beautiful. I thought she is black. I don’t know why. I love black girls! fat chance to meet a black girl in the states. there is no one left. they’re not black. if you want to meet a real one – come to Zimbabwe. black girls there are just awesome!!! well, never mind. I came to US not for girls. anyway, Naomi is not my girl, she is the one who brought me up to the office. we passed a bridge over A-River, decorated with stones – what’s a beautiful place! I liked it from the first sight. I like stones, Korean people do unbelievable things with stones. I just wonder, who designed #575 building? it’s very different from the regular ones, composed of metal and glass. Cryptograph Research building is awesome. good place to work!!!

a few minutes later. I met the team. some people I knew, but most of them – not. what could I say? I found the smartest team I’d even seen in my life. there was Jeremy (you can met him at OpenRCE and Hex-Rays). this guy is a genius. and there was Jonny. he has more patents than I could even imagine. and there was Neil. a black guy. not wonder that we got on like a house on fire and quickly chummed up. I like black guys especially after being in South Africa. they’re open-mind and friendly. so, I was very happy to be among these people.

the next day. I got a challenge. an obfuscated crack-me. it was simple (no anti-dbg tricks, simple math algo, FPU registers were used by engine, but they were not obfuscated at all, so basically there was no obfuscation, bur even if it were, lack of resistance against black-box analyze allowed to hack the crack-me in a second), but… I get used to work in my den, _not_ in foreign environment. I was not nervous, the code was clear for me, but… I could not concentrate. probably because of getting so much exciting feelings in short time. so, I failed the task. well, not really. my motto is: never give up. giving up is easy, I did not want to ruin my dream, and had to intention to throw away my life. to give up without a fight – it’s not my way, so I just cheated. yeah. I always cheat if want to take control, but I can’t. and it worked. they were supposed to say something like: go away, but they did not. don’t know why. maybe because I explained _why_ I cheated. I’m a hacker. can you understand the word I just said? I never go the way I’m supposed to. I prefer to do something unexpected. finally, there is always one more way than it’s expected. that way – is my way. real life asks only “what” (need to do), but never wonders “how”. real protection is not a crack-me, begging, oh, please, don’t patch me, oh, man, you should understand the logic. should I? why? for what reason?

nowadays. I know nothing, I mean _nothing_ about cryptography (though, McAfee is going to patent my finding, related to crypto), I’d never even seen Blu-Ray disk, but I’m on my way to work for former Cryptography Research group, focused on protecting Blu-Rays. It was my dream and it came true. I _will_ do move to San-Francisco or bay area. even if Macrovision will decide do not hire me, well, there is McAfee headquarters in Santa-Clara. even if McAfee will decide do not hire me, well, it’s California – the cradle of many companies. and I’m a reverser. I will do find my job there. well, maybe not… my team is in DC. we were together more than a year. I know them, they know me, I have a job, I like what I’m doing and (what is more important) I see my future in McAfee, but have no idea what I’m going to do for Macrovision.

the funniest thing is – I’m still an independent consultant. I have no position neither in McAfee, nor in Macrovision and this fact pissed me off. and the more important thing is – why the states? moving to the states it’s a standard. moving to South Africa it’s… yeah, it’s something that nobody expects me to do. come on, I’m serious. South Africa it’s a good place to live! and for me is no problem to earn money working remotely. but… remote job means to be alone. fuck. what’s a fucking world. I don’t know why I wrote this post and what’s it for. I’m like Buridan’s ass placed exactly in the middle between two stacks of hay of equal size, starves to death since it’s too hard to make any rational decision to start eating one rather than the other. the only way is – just forgot these two stacks and find the third. this is the only way to solve the problem, especially if one stake exclude another.

San Francisco, 575 Market St, 11th floor, Macrovision office outview (former Cryptograph Research)

# badly kept garden

nezumi-lab was deserted and tumbling into ruins. abandoned. felling into disusing. like a dead track. what I was doing with my life? what I’m doing with it now? where am I? as always – in the middle of something very important that keeps me alive, makes me busy, adsorbs days and nights. no free time. hell existence called life. where am I? what’s happening to me? what is this pain I feel? why does it hurt? something definitely wrong with me, but who cares? I’m moving forward, madding maybe the biggest mistake in my life trying to find a way to heaven.


# back to civilization

my trip (see: “I’m on my way to South Africa“) is over, time to wind into the bushes of my den and dive into reversing work. where am I? what’s happening to me? everything’s so cold, everything’s so dark, what is this pain I feel? why does it hurt? please no, let me die!!! brick stones. four walls. a dozen computers. five monitors. three telescopes. my native workplace raped by gothc music: BlutEngel, Sirenia, LAme-Immortelle… but why I feel kind of a great depression? my den… it’s not just stuff, it’s a part of me, it’s me by myself. so, why I’m unhappy? I live in the best place ever (see photos), I have everything I want: computers, kang (see Chinese dictionary), fast Internet connection, a good job – this is not what I do, this is what I am, but why the best place does not make me happy anymore. well, it does, but there are better places! they are different, exotic and very-very attractive.

should I compare my den with the Capital of the South AfricaPretoria – city where I was tripping for two weeks? guess, better do not. basically, Pretoria is a big village. clear air, a lot of tress, very friendly people, who hail you even we never met before. most of them are white. and they look good. but black people look better. they are just amazing! especially girls. I met a girl from Zimbabwe. if she were not married I would offer her my heart.

blacks and whites. what’s a contrast!!! friendly people and barbed wire up and down with “armed response” banners (means: we shoot you first, and ask who you’re – the second). interesting. yeah. there are a lot of problems there. but, you know, guys, South Africa is my second favorite place. the first is Israel. South Africa is too European. Israel is very special. kind of ethereal energetic is there. I can feel it (meanwhile, I’m religious neutral).

Right now I’m working for McAfee. it’s remote job and there are a lot of problems. I’m tired of my den, tired of loneliness. this is the reason why I started to offer Reverse Engineering Course to everybody. I’m just enjoying being with clever men, smart teams.

What’s about South Africa? oh, you would not believe me. there is a very special and unique firm called Sense Post, focused on pen-testing, consulting, training, etc. this is the smartest team I ever met in my life. they’re bright and creative. dress-code is a bull-shit. the only civil man there was my fried from Iran. the rest wear whatever they want. wow!!! this is what I call a freedom. ideal place to grow and generate new ideas, speaking of which I found a new way of immunizing applications and servers against remote attacks. the question is how to find a buyer :=)

had I a worker visa I would move to South Africa or Israel years ago. USA just an option. it’s something, oh! USA! a lot of job, thousands security firms, but… the question is the same: no visa means nothing. like anyone is going to give me a visa to fly to USA. that’s funny. the states does not want me to enter. fine! “highly skilled foreign professional may also be considered for permanent Resident StatusMalaysia Deputy Prime Minister had said

anyway, I’ve returned enriched by new ideas (will describe them soon, follow the news) and, you know, I’m very happy. for the short time I crossed four seasons – flied out of winter to summer, met autumn there and returned to spring. awesome! thanks for Jacqui, Haroon, Nicholasand the rest of Sense Post team! I was really happy to share my knowledge with them and I learned a lot from them as well!!! old ppl say: “you are not great just because you say you are” and Sense Post guys do not say they’re great. they’re just great. in silence.

Endeavor Security (now Endeavor System – the part of McAfee empire) was like the heaven for me. Christopher Jordan (the CEO) and Barnaby Page (Senior Vice President) are my friends. there’re very friendly, open-mind, wise and clever and technical. not bureaucratic. nobody plays political games. it was good. but now… Endeavor is a part of McAfee, things are changing and I just don’t know what to expect for. Alone in the dark. over and over. the endless story. oh… a lot of thing to do. and when you have a lot to do, start with a meal!

South Africa, Zebra Hotel

# I’m on my way to South Africa

Hi all! Guess where I am now? In the dessert of cold snow, in the an international airport of Moscow on my way to Amsterdam (transit) and South Africa (the final destination). There is summer now, so from winter to summer – what’s a trip I’m going to get. Quite long trip I should say. I have not slept 3 days. My mind just freezing like beta version of Windows. But it’s worth what it costs. Far away from my den, I’m not alone. There are a lot of people here and I just enjoy talking and chasing girls. You know guys, girls are easy on trips. They’re expected to be diseased, oh, no not diseased, I mean they are just so sexy and they want what I want – find the best way to kill time.
I would rather watch girls on youtube, but wifi Internet is quite expensive here – about $10/hour. And I forgot my headset. Damn! There is so much noise, my ASUS eee has no too powerful speaker, so I hear nothing. Btw, my ASUS eee is she, not he. I’m not a gay after all. Um, don’t read this crap, I just too sleepy and type it for one reason only – do not fall asleep. It’s Moscow!!! You fall asleep and you lost everything you have had. In my case it’s ASUS eee with stuff prepared for RE-training, Nikon D80 (cheap, but good enough for me, however, I’m going to buy D300). Did I miss something? Well, cell phone, cash, etc. so, better to keep myself awake, typing any crap on my blog. Um, I will delete this post anyway :=) guess, nobody is going to read it. Well, maybe not. Maybe I’m wrong and people want to know how good (bad) Moscow it. Of course, different people have different points of view, but in general, Moscow is a huge, noise, ugly, dirty, cold city. Architecture is just awful. Much worse than Kuala-Lumpur, Tel-Aviv, Jerusalem or Amsterdam. I would not like here, I prefer to stay at my place – North Caucasus or… move to Israel, or to South Africa. Why not? Maybe I will fall in love with that place from the first sight. Who knows? The only way to find it out – check it out, making a try. So, I’m flying to South Africa.
Meanwhile – is was not easy to get my visa to South Africa! It was just a mess! We (me and Sense Post company) were very nervous about it. We all invested a lot of money and… getting a visa was a real issue, bug problem, solved from the both side. Sense Post grabbed lawyers to called to the embassy and explain how important to make a visa in time. Me? Well, I’m far away from Moscow and have no lawyers, but I asked the best traveling agency for help and it actually worked out!!! In 12 hours I’ll fly to Amsterdam. It’s about 4 hours. And about 13 hours of flying from Amsterdam to South Africa. Kind of torture, but never mind. I get used to it – changing places, planes, hotels. Sorry my terrible English. There is no dictionary, no spell-checker, and I just hate small notebook’ keyboard!!!


# truth is out there…

going to South Africa to Sense-Post firm, I spend every free second on watching SA flicks. just want to know more about the place.

and what’s interesting… there are so many different points of view. one clips show us real heavens – nice weather, friendly people, wild nature, very beautiful landscape, unique culture. other clips show us… dirt, blood, violence, racism – a very dangerous place where you could be killed, rapped or rubbed every second.

the question is – where is the truth? do you want to be scared? well, see this:Child Prostitution – South Africa and now, see, this:South Africa Video Blog (Part 1) and this: South Africa Video Blog (Part 2)

well, “Child Prostitution” is Journeyman Pictures stuff. they see dirt everywhere. I don’t buy it and prefer to trust the personal blog. it’s real impression of the real girl. I will tell you my own impression when I return from South Africa. just need to get a visa and it’s going to be a problem. the hotel where I’m planning to stay located in a restricted area (according to the embassy) and they want to see original of the invitation letter like scans are not good enough. um, never mind, I hope we can handle it (we – me and Sense Post).


# Hill of Spring => Unity In Diversity

! שָׁלוֹם I mean goeie dag from Tel-Aviv!

what’s a wonderful place! I feel like I traveled another planet, or returned from the future, where architecture is absolute different from everything I have ever seen before, not speaking how amazing shore line is, the line’s occupied by endless hotels scratching the sky and bursting my mind with nuclear bomb of exploding creativeness. I shot a few photos and started to upload some of them on my photo-blog:

outside Israel some people believe that there is a war and Tel-Aviv is not safe for traveling. bullshit! just a few girls with guns and… soft-ice. could you believe? girls who love soft-ice more than OllyDbg?! wow! they ever more sexy than girls with guns. I asked to touch a gunpoint or at least kiss her but was sent out. well, except for that people are very friendly. whether is just fine, men are incredible smart – it was a pleasure for me to share my ideas with them (I learned many new things at the same time :-). dozens security firms are interested by my work – means a lot of job – no way to be unemployed there and no way to starve. food is natural, cheap and unbelievable delicious. what’s else one could whish for?

it was my second but definitely not the last visit to Israel. I like Israel with all my heart. too much so positive feelings. too many so good and so smart people there. it’s just incredible. it can’t be, but it’s real. it’s a dream, or maybe a dream came true? I don’t know, but I’m 100% sure that Israel is the best place of Earth to live and work. um, I have not seen other countries yet (Malaysia is an exception). well, going to fly to South Africa, Johannesburg Area on Feb-19 to lecture RE course (the syllabus is not available yet) to Sense-Post company – we met at the last HITB 2008 conference and were exchanging tons of mail for a while. Sense Post is very creative company crafted with experienced people who definitely know what they are doing and what for.


# RE course in Tel-Aviv

…in a few hours I will leave my den, step aboard and fly to Tel-Aviv to lecture RE course for reverse engineers. the syllabus is available. who ever would have thought it! for years I had never crossed the border of my country. think what a sacrifice he has made. I lost my solitariness. but I’m still free. don’t know how long though. right now I’m working for Endeavor Security, Inc. it’s a non-exclusive position means my boss closes his eyes to my little “business”. so I lecture RE courses world-wide. it does not bring a lot of money and I’m thinking maybe it’s a good idea to get a full-time job, but… all offers I have got – they are exclusives => losing my freedom. so, I’m thinking… is that worth what it costs? well, maybe not. anyway, I’ll do my best to continue lecturing reverse courses just to meet smart clever people, just to share ideas with. it’s really amazing! well, if you’re interesting, drop me a line or leave a comment.


S7 airlines is under attack!

I’m going to Tel-Aviv to lecture RE-course for security engineers well, I went to my favorite S7 Air company web site to book tickets and what I saw? wow! site was not working more than six hours due to hacker attack and I’m still not sure that my booked tickets are good enough to flight. ok, we will see…

click to see full-size image

San-Francisco – the place to meet

…in a few hours I’ll fly to Moscow to meet USA’ consul for an interview and giving them my fingerprint. if everything will be fine (a dream that’s coming true) I will fly to San Francisco on Feb-4 till Feb-9. I would be happy to meet you guys there! my cell phone is: +7 (918) 268-37-76. buzz me or send SMS.

San-Francisco is an amazing, beautiful and kinky city! never been there, but why knows, maybe it will be my second home. an atomic opportunities to change my life. it’s a nuclear bomb. a real one, earthshaking everything that surround me and all. it’s not about the job or big salary, it’s all about the most interesting people to work with there, doing right things. the pot of gold at the end of the rainbow. ok, like my favorite movie hero says: just wait and see.