This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss getting people to talk to us, and collapsing civilizations on the internet.
JOSEPH: In bed this morning I read through some presentation slides from Mark Dowd, a veteran of the exploit and offensive capability development industry (hacking tools for governments). They’re from a 2023 talk Dowd gave at a security conference but he just uploaded them today. They are fascinating, and if you have any sort of interest in the world of zero-days, exploits, or government hacking, I highly recommend you have a look at them. It is not often you get someone with Dowd’s deep real world experience talk (or I guess, write slides) on this topic and then you get to read them.
For those who don’t know, Dowd was a founder of Azimuth Security, a boutique offensive security firm that for years was probably the most important hacking outfit many people had never heard of. Me and my former colleague Lorenzo revealed the company’s existence, and significance, in a 2018 article at Motherboard called How a Tiny Startup Became the Most Important Hacking Shop You’ve Never Heard Of. Basically at the time, media, civil society, and lawmakers were only talking about the shadier parts of the offensive security industry. Think your NSO Groups, Hacking Teams, or Finfishers. The stereotypical mercenary hacking companies that provide powerful tools to some of the most despicable regimes on the planet, and some European cops on the side too I guess.