
Interview with Dmitry Sklyarov



Our guest, Dmitry Sklyarov, is a well-known programmer and information security specialist working for ElcomSoft. He is the author of the book "The Art of Protecting and Hacking Information." In the summer of 2001, he was arrested by the FBI immediately after his speech at the DEFCON hacker conference on charges from Adobe. In December 2002, Dmitry was convicted by a jury court in San Jose City of the incriminated crime. Dmitry is currently working on several projects, including Elcomsoft iOS Forensic Toolkit, a specialized tool for conducting forensic analysis of devices running Apple iOS.

- Let's start with an obvious and simple question - how did your career begin, and why IT, cryptography, programming?
My parents both graduated from Moscow State Technical University (the former name of Bauman Moscow State Technical University. - Editor's note), Faculty of Instrument-Making, department P6. Back then the machines were different - they occupied 100 square meters. My father subsequently worked at Moscow Higher Technical School for more than 20 years in the main post of head of the computer. So I was attached to computer technology from a very early age. There were punched cards at home, ADCU paper was handed in at school ... By the way, the school had no particular specialization, but in the last two years we had a very good math teacher. In addition, we were lucky - from the sixth grade, we began vocational training. One day a week was devoted to developing professional skills. While two thirds of the class practiced on the machine tools of the Salyut plant, the other third was sent to an industrial training center connected with computers. Once a week we spent six hours there, we were given lectures, there were some practical exercises ... We started with the Agat, and in the last year of study at this center even personal computers appeared. At that time, it was unrealistic to afford a computer at home. That is, the Agat was already sold in stores and cost about 4.5 thousand rubles, while a Zhiguli cost about 6 thousand.
In 91 I graduated from school and was going to go to college. I wanted to have as many computers around as possible - this was my main goal. I really wanted to get into the department of computer-aided design, where everything is on computers. In the end - Baumanka, my native university. True, that year applicants were admitted not to a department but to the faculty, and the distribution among the departments took place after the first year. Naturally, I didn't get where I wanted: I was assigned to the department of strength of materials. And although after a semester I still transferred, I still think that of all the departments of the faculty, strength of materials is the most powerful department, that is, the teaching there is the best. But since my school years, I have realized that what I like is not so much programming as understanding how programs work and looking for mistakes.
- And after the institute?
Even in parallel with my studies at the institute, I worked at a company that was engaged in geo-informatics - I wrote programs that automated the work of creating electronic maps. Later, for some time, I developed similar software for Americans. It was all through the institute, that is, through the department. After graduation, I thought about where I should go, and just then (it was 1997) the department of information security was opened. I already understood that I like security, and I still believe that this is one of the most dynamic areas of IT. I went there to graduate school. The thesis, however, I still have not defended, although it is 80% written. It is called "Method of Analysis of Electronic Documents Protection Software". The report that I took to Defcon in 2001 is just a piece of the thesis. Now I am at Baumanka part-time - I give one lecture a week, I supervise graduates - and that is enough for me. We have such a thing - an elective course. Students are free to choose what to attend. I teach fifth-year students a course that I call "Engineering Introduction to Information Security". I got the impression that, having reached the fifth year, many students do not understand what they are doing. I enjoy communicating with the younger generation and I work there not at all for the salary.

- Please tell us how you got into Elcomsoft.
I just wrote a piece of code for my needs. A friend of mine lost access to his Access database and asked for help. I sat down, figured it out and ... helped. As a result, I got code that could be useful to other people, but I did not know how to sell programs. It was then that I learned that there is such a company - Elcomsoft, which is located in Moscow. I got in touch with them, talked about what I had, and asked if it would interest them. They answered: "Come, let's talk." Initially, I wanted to ask for a little money for my software and say goodbye. But I was offered work on a regular basis, then there was a six-month probation period ... And then they took me on staff.

- That is, the main focus of Elcomsoft at first was password recovery?
First there was the recovery of passwords, and only then did related directions appear. The main buyers of software for password recovery, of course, were home users. There are many of them, they are easy to find, they actually come themselves. A forgotten password is a very common situation. Then came the products associated with data recovery. For example, we have a great product, EFS Recovery. There is a product for auditing - in fact, it performs the same password recovery, only on the scale of Active Directory. We recently entered the so-called computer forensics market. This is also password recovery, but not for home users - for law enforcement agencies, which are also often interested in this.

- Just wanted to ask a question about law enforcement. :)
Oh, we have a lot of letters of thanks hanging on the wall, including from law enforcement agencies of various countries of the world. Once they sent a letter to our CEO saying that he was an honorary assistant to the sheriff of Texas. Back in the 90s, the Texas police arrested a man on some terrible charge, and encrypted files were found on his computer. The police turned to Elcomsoft, and we provided them with a program. The decrypted files contained evidence of the detainee's guilt.

- But it happens that people "forget" passwords to other people's data.
Yes, of course, this also happens, but ... For example, we recently released a toolkit for examining Apple's iOS devices (for any device except iPhone 4S and iPad 2). We were the first in the world to do this. We do not sell it to everyone, there is no open sale at all, but this product is in demand among representatives of government agencies. Therefore, the organization must provide evidence that it is related to law enforcement.

- Apple and other manufacturers do not mind that a company from Russia is digging into their products, and do not interfere with this? Let's keep silent about Adobe for now.
Besides us, similar products are now being released by three or four more companies known in the global computer forensics market. Phone manufacturers, oddly enough, do not mind. Still, this is cooperation with law enforcement agencies, helping the law ... Apple never approached us and made no complaints. In general, with regard to claims, it often happens the other way around.

- Was the task regarding PDF security given to you at Elcomsoft, or ...?
No, the PDF idea was mine. I came and offered to work on this format. I was told: "Well, if you're interested, go ahead." In this sense, we have a unique company - there is no tight schedule for developing software. There is no external customer who dictates terms to us.

- Was it from this idea that the unforgettable Advanced eBook Processor was born, because of which you were arrested in 2001 at Defcon?
In general, yes. In fact, with my participation, a program was developed that allowed removing protection from legally purchased PDF documents, including electronic books. It was released in 2001. We in Russia at that time had a law according to which any person had the right to legally make one backup copy of legally acquired products without informing the copyright holder. That is, by creating this product in Russia, we did not break anything. Then we started selling it in the USA. It was just a couple of weeks before my trip to the States to Defcon. During this time, if I'm not mistaken, only 12 or 20 copies of the program were bought. Less than a week from the start of sales, our provider, with whom we hosted, notified us that Adobe was complaining to it. We stopped selling.
I flew to Defcon, calmly gave a report on the Advanced eBook Processor there, everything was fine. But two days later, when I left the room to go to the airport, I was met by the FBI and politely invited to take a ride with them.

- They didn't twist your arms? :)
They littered, only ... You see, at the conference there is a huge number of games related to the local police. One of them is Spot the Fed. There are indeed federal agents at the conference (of course, covertly), and in its course the task of the audience, through questions and answers, is to figure out the person who is a fed and in some way point to him. When I left the room and came across four people who introduced themselves as federal agents, I first decided that this was a continuation of the game, although the conference was already over at that time. I tried to go around them. One of them stopped me, grabbed my wrist, showed me a badge, and I realized that I would not run anywhere, and I surrendered to the authorities.

- Tell us what happened next. After all, it turned out to be a very loud story, you were detained for almost a month, you were not allowed to leave the United States for more than six months.
Federal agents brought me back to the room, looked through my suitcase and were very surprised when they found that I didn't have a laptop with me. The fact is that there were other guys with me who flew to another city in the States after the conference. The laptop was not mine; I gave my report from it, gave it back to them, and they left. The FBI agents were disappointed. Although they would not have found anything criminal on the laptop.
Then I was taken to the local court building in Las Vegas. There are no pre-trial cells in the States and no places for permanent detention. Everything is combined, as most people get out on bail even before they enter a cell. They refused to let me out on bail: there was a great risk of "escaping," because nothing tied me to the USA. As a result, I was left in the Las Vegas prison, where I spent 11 days. And then the fun began. It turns out that Andrei Malyshev, another of our employees, who was with me and was present at my arrest, immediately called Moscow, the head office, and said that they had arrested me. In Moscow, everyone was in an uproar. The consulate sent a request to the prison to find out whether they were really holding me there. They answered: "No, there is no such person." It turns out that the American system is very tricky. A lawsuit against me was filed in California. Accordingly, the trial was also to be held in California. And while I'm not in California - I'm not in prison, I'm in transit. The information that I am in prison is not available, and information about prisoners in transit is not given out in principle. As a result, I was still found two days later.

- But you didn't just sit in Vegas, right? What was your "experience with" American prisons?
Transportation was generally fun. By law, a person who is in transit cannot be held in the same prison for more than 21 days. He can be transported from one prison to another and only then brought to where he should end up. How much time transportation should take, no one regulates. I spent 11 days in Las Vegas, after that I was taken by a plane for prisoners to Oklahoma, to the federal transit prison. It is built right on the edge of the airfield, that is, the plane goes directly into it. The prison itself is five rooms with TVs, a microwave oven, an ice-making machine, a lot of food ... well, almost a hotel. :) I spent a week in Oklahoma, after which I was transported by plane to California, San Jose.
As for prisons, before getting into an American prison, I managed to work in a construction team and attend training camps in the army. So, an American prison is more comfortable than the construction team and the army. For a guard to beat a prisoner for no reason - I didn't see anything like that. White fraternity, black fraternity - also ... in Las Vegas half of the prisoners are generally Mexicans, Hispanic.

- Why did the matter continue if Adobe withdrew its claims?
Yes, while I was being taken to San Jose, Adobe managed to drop its claims. But the "machine" had already been launched - I was accused of a criminal offense, and the plaintiff was not Adobe, but the state. Adobe just filed a complaint, well, so they say. Accordingly, the state said: "No, we will not close the case, the person is in jail, so let him sit." Public opinion was clearly on my side, demonstrations began all over the world.

- What exactly were you accused of?
In addition to me, Elcomsoft was among those accused in the case. And I was accused of "benefiting from the distribution of a prohibited program" and "promoting a prohibited program to the market". I did not do this. I developed it. I was not a co-owner of the company making a profit, and was not responsible for advertising. But there was one connecting point - "collusion". The prosecutor's office decided that I was in collusion with the company. To the reasonable question of how a subordinate may be in collusion with his leadership, the prosecutor's office stated that I probably conspired with the company and with third parties. With which persons, the prosecutor's office refused to say before the court. Thus, all the accusations against me were based only on the assumption of collusion.

- In the end you were still released on bail?
Yes, during the second hearing (in San Jose) I was released on bail of 50 thousand dollars, which Elcomsoft paid. Well, our consulate promised that I would not run away, and a lot of people promised that they would be on my side. There was a place to live. First, an American whom I had never known before offered to let me live with him. Then came the Russian guys, with whom I was also not familiar before, beautiful people. I lived with them for a month. Then the family came to me, we moved to their friends, and after some time they rented an apartment, where they lived for another six months. Once a week I had to call the court and appear in person once a week. In general, they arrested me in mid-July 2001, released me on bail on August 6, and the trial took place in December 2002. Fortunately, I was allowed to return to Russia (thanks to lawyer Joe Kicker), but only on the following conditions: the case against me is not closed, but it is suspended, I am not an active investigative defendant, but I must appear at the first request of the court. Before I left, I had to give a deposition (affidavit) - a video recording of my testimony. I was asked funny questions, for example: "Have I ever received money from the Russian government?" I honestly admitted that yes: I was a student and received money from the Russian government. Then they asked if Elcomsoft is financing the Russian government and whether it ordered the development of this program. Obviously there were such spy ideas here. As a result, in December 2001, I was allowed to leave the States, which I quickly did.

- The court, as already mentioned above, took place only in December 2002. Did you attend it?
The president of Elcomsoft, Alexander Katalov, and I were not given visas, but were allowed into the country for the trial by a special document, Public Interest Parole. The jury deliberated for four days and, as I recall, on December 17, Elcomsoft was found innocent on all five counts. Since then, the case has been considered closed. I am considered a person who was arrested and charged, then the charge was dropped and the case was closed. That's all.

- What do you think about this story now, after a few years? What do you think was the cause, Adobe complaint, or something else?
Now it all seems like this to me. The Americans had the DMCA law. At that time, it had never been applied to an individual, and therefore they needed a precedent. It was necessary for some person to write a program, after using which he could be found guilty. It was necessary to show that the law works. The result was that Sasha Katalov defended the interests of American citizens with his own money, defended their right to write such software.

- All this somehow influenced your future career, life? Have there been offers from other employers?
There was a lot of activity from the media, but after two years everyone successfully forgot about the case. I got no job offers. In the States, the more so - I did not have a work permit there.

- Well, let's leave the business of bygone days and talk about the present. What are you working on now?
Well, I will not describe it in detail ... There is a lot of work going on. I cannot promise you any new, breakthrough products. But who knows, maybe someone will have a brilliant idea, and this idea will be implemented in practice in two weeks.

- Are you not going to write more books?
The situation with the book was simple - I was asked to write it, and I wrote it. Perhaps writing detective stories is economically beneficial, but writing technical or scientific literature ... If I could not do anything else, I would probably earn my living just that way. But the time spent writing the book did not pay off even over the five or six years during which the book was on sale. In total, about 9 thousand copies were printed.

- Recently at CONFidence 2.0 in Prague, you gave a report on hacking digital signatures in Canon cameras. Where did this idea come from?
I also like to take pictures, I also have a camera (Canon). The background is as follows - at one time a sysadmin worked for us who bought himself a Canon 300D, and I, looking at him, bought myself a Canon 350D. Then I learned that Canon has the technology of capturing images that the camera makes, but unfortunately it was not implemented in my device. Two years later, I bought a Canon 30D, where this technology was already used. I wondered how to get to it. I began to rummage through the Internet and found some groundwork on Canon. It turned out that there is an open source project called Magic Lantern, within which people add their code to the Canon firmware in order to extend the functionality of the camera. There is also a forum for the Canon Hackers Developers Kit project, where people discuss how to extend the functionality of point-and-shoot cameras and DSLRs. There I found information on how to decrypt an update from Canon for later analysis, began to experiment and came to what I came to. The result was successfully demonstrated at CONFidence 2.0. With Nikon cameras, everything turned out to be even easier. After buying a piece of hardware (USB dongle) to verify the signature, everything was very simple. All I needed was someone else's signed photo found on the web, and the piece of hardware. Through analysis, I found out how the signature is formed and verified and how to forge it. I never even held a Nikon camera.

- Can you recommend 5-10 books to be read by a person who wants to work in information security?
To those who want to use cryptography in one way or another, I recommend Niels Ferguson and Bruce Schneier's Practical Cryptography. This is not a reference book, but a book that helps to understand why and how to use cryptography. And so ... I, unfortunately or fortunately, learned security not from books. When I began to be interested in this, there simply were no such books in Russia. Practice, only practice. Alas, I cannot recommend specific books.

- How do you rate Russian IT education? Current students, our programmers?
Generally speaking, education is in trouble. They teach well, but students do not have the opportunity to study normally. I look at my students - half of them work, and work full time. How one can study full-time and work full-time, I cannot imagine. When they learn and what knowledge they have at the exit, I do not know. But it is clear that they work not because they are bored, but because they cannot survive on a scholarship.
We produce thousands of engineers, but only 1% of them cope with the tasks they are being prepared for. As for programmers, I have an answer. One of my friends, a very intelligent person who also works in IT, once said: "The number of brilliant programmers in Russia is slightly exaggerated." We do have cool programmers, but things are very poor with teamwork culture. Therefore, we may have a lot of smart programmers, but there are very few Russian-made products.

Hacker Magazine, #156, January 2012.



Source: https://habr.com/ru/post/140922/

