The last time I saw Barnaby Jack, at the CanSecWest security conference in Vancouver, he was bleary-eyed at the hotel bar with a drink in his hand. It was not yet 10:30 a.m.
The last detailed conversation I had with him, after his famous Black Hat “jackpotting” ATM talk in Las Vegas, he seriously scolded me for insisting on full technical details of the research, making it clear he would never act irresponsibly to suit anyone.
This is the Barnaby I remember, a man who partied so hard that you worried about his health and well-being. Yet, he was a shy, responsible security researcher who was so well respected that, at age 35, he was already a mentor to an entire generation of hackers.
Tales of Barnaby’s hijinks of alcohol, dirty words and epic global adventures (I’m told there’s an amusing story of a Russian Mafia kidnapping experience in Latvia) will emerge in the wake of his sudden death but don’t let those stories skew your impression of his value to the security community.
Tom Ptacek says it best:
“Many are famous for ‘stunt hacking’. Lede on #barnes will be ATMs & stuff. Let’s remember also that he knew his s**t. The real deal.”
When a researcher dominates the news headlines with dramatic images of ATMs spitting out cash, it triggers a lot of jealousy and dismissive chatter about hype and media-whoring. With Barnaby, it was different because his peers appreciated all the quiet, behind-the-scenes work he did to make the computing world a better, safer place.
A quick glance at his resume shows stints at Foundstone, eEye, Juniper, McAfee and IOActive. He is perhaps best known today for hardware hacking — ATMs, Wi-Fi routers and medical implants — but Barnaby’s hacking talents date back to the 1990s.
Marc Maiffret, a peer from the good-old eEye days, explains:
I first met former eEye Researcher Barnaby Jack almost 10 years ago when I was discovering some of the first remote Windows SYSTEM vulnerabilities in the late ’90s. In searching for like-minded individuals and someone with deep “win32 ASM” knowledge, I ended up meeting Barns in a win32 software cracking channel, and the rest is history and a lot of good times.
I was privileged to watch Barns grow within eEye Research from his early days of literally writing the book on Win32 exploitation to discovering some of the most critical Windows based software flaws to the point he eventually became bored with such research and moved into the land of hardware hacking.
He quickly made short work of hacking various consumer-grade routing devices, not by simply leveraging configuration issues, as others had done, but by remotely exploiting buffer overflow vulnerabilities on these devices as simply as he would against Windows.
He never liked being interviewed. I remember in 2006 when he published a remotely exploitable vulnerability in D-Link routers, he casually pointed me to the advisory and turned down the chance to make headlines for himself.
That’s not saying he wasn’t a showman. Showing up at Black Hat in 2010 with live demos of ATMs spitting out cash was beyond brilliant. In Abu Dhabi later that year, he went a step further.
Tiffany Rad, who was there, remembers:
“The hotel had heard about his ATM hack that he did on stage for Black Hat Abu Dhabi. Indeed, IOActive shipped the ATM to Abu Dhabi, but they didn’t send any money with which to load it. In the front row, a guy stands up and pulls out a gigantic wad of thousands of American dollars from his robe, hands it to Barns and says, “load it up!” He did.
So the hotel manager knew about the ATM hacking presentation, and when Barns told the manager that he thought their gold bar-dispensing machine in the lobby may be vulnerable to the same hack, they were curious and said it was fine if he attempted a compromise. Barns asked me to be around just in case things went south.
I sat in the lobby and watched from afar as he unplugged the cable from the back of the gold machine and hooked it up to his computer. Then security arrived. A picture may exist that captured this moment 🙂 Apparently, the hotel manager thought he had the authority to grant permission for it to be hacked, but the Emirates Palace didn’t actually own the machine. Another company did, and they were not happy.
In summary, representatives from the American Embassy showed up. But the mistake was explained and all was good.”
That was Barnaby at his core: curious, daring and always wanting to push the envelope.
As we mourn his sudden passing, I’ll let this Slashdot comment sum up his life:
“He was an interesting character. He helped me sneak a girl into a hacker party at the Peppermill one year during Defcon. No one that drank with him, even once, will ever forget him.
God had better keep an eye on him. If the pearly gates have any exploits, he’ll find them.”
With a beer in hand and a mischievous smile on his face.