Tuesday, December 7, 2010

RSnake, Web Security and a few beers

BlackHat Abu Dhabi 2010 is special to me for many reasons, chief amongst them being that I got to meet one of my favorite hackers - RSnake. When I started taking my baby steps in web security, like most people at that time, I started off by reading the excellent content available on OWASP combined with some heavy use of Google. Around this time I think it was Manish that introduced me to ha.ckers.org. I am so glad that he did; it almost immediately became an addiction. Back then I only understood parts of what was written on ha.ckers.org, sometimes an entire post would be beyond my grasp, but I still enjoyed reading them. It was not just a blog, it was an event, an event where RSnake and his loyal band of commenters had a gala time. There are many instances where I read a few Wikipedia articles and docs to understand a topic just so that I could know what RSnake and the commenters were laughing about.

I did not have to follow the RSS feeds of a few dozen blogs; instead I only checked ha.ckers.org on a regular basis. If there was some interesting news in the web security world then it would be talked about at ha.ckers.org along with RSnake's opinion on how significant it is and how it impacts things, served with a pinch of humor. This was in addition to RSnake's own bag of tricks, which always had something clever. ha.ckers.org was an excellent learning medium and has probably helped and inspired countless folks like me across the world. It is extremely hard to discuss an advanced topic without making a novice reader feel alienated and bored. Also, it is equally hard to discuss a technically simple yet important topic without making the smart ones cringe. Somehow ha.ckers.org managed to do both very well, a feat that is very hard to match.

Coming from a part of the world where you almost never get to meet most of the famous hackers in person, in our heads RSnake usually has a larger than life image, he is more like a WebAppSec folk hero. So meeting him personally was really special. As a person he is very friendly, chilled out and did not seem to mind the fact that I am relatively a n00b :D. We spoke for quite a long time, heard a lot of interesting stories related to ha.ckers.org, his book and more. Though he didn't seem to like my choice of beer, meeting him has only increased my respect for him. He is one of the key figures who has shaped the web security industry and an inspiration for many.

This is an excerpt from a recent interview of his:
..if you love security, don't let the people at the top of the security industry dictate the terms by which you do your research, disclose your vulnerabilities, or do your job. You have a ton of potential, and life is too short. My Father used to tell me that if you love what you're doing you'll never work another day in your life. To paraphrase him - if you aren't having fun in security, you're doing something wrong. Put a smile on your face, and go do what makes you happy!
This probably says more about him than I can in a few dozen posts. As he shuts down ha.ckers.org to go on a different journey I would like to wish him success on behalf of all his followers from India. Good luck RSnake!

