Johnny Long, otherwise known as "j0hnny" or "j0hnnyhax", is a

computer security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...

expert, author, and public speaker in the

United States The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territorie ...

. Long is well known for his background in Google hacking, a process by which vulnerable servers on the Internet can be identified through specially constructed Google searches. He has gained fame as a prolific author and editor of numerous computer security books.

Career in computer security

Early in his career, in 1996, Long joined

Computer Sciences Corporation Computer Sciences Corporation (CSC) was an American multinational corporation that provided information technology (IT) services and professional services. On April 3, 2017, it merged with the Enterprise Services line of business of HP Ente ...

and formed the corporation's vulnerability assessment team known as Strike Force. Following a short position at Ciphent as their chief scientist, Long now dedicates his time to the

Hackers for Charity Hackers for Charity is a non-profit organization started by Johnny Long dedicated to make skills-training available for people in Uganda }), is a landlocked country in East Africa East Africa, Eastern Africa, or East of Africa, is th ...

organization. He continues to provide talks at many well-publicized security events around the world. In recent years, Long has become a regular speaker at many annual security conferences including

DEF CON DEF CON (also written as DEFCON, Defcon or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyer ...

, the

Black Hat Briefings Black Hat Briefings (commonly referred to as Black Hat) is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together ...

, ShmooCon, and Microsoft's

BlueHat BlueHat (or Blue Hat or Blue-Hat) is a term used to refer to outside computer security consulting firms that are employed to bug test a system prior to its launch, looking for exploits so they can be closed. In particular, Microsoft uses the term ...

internal security conferences. Recently, his efforts to start the Hackers for Charity movement have gained notable press attention. His talks have ranged from Google hacking to how Hollywood portrays

hackers A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...

in film.

Google hacking

Through his work with CSC's Strike Force, Johnny was an early pioneer in the field of Google hacking. Through specially crafted search queries it was possible to locate servers on the Internet running vulnerable software. It was equally possible to locate servers that held no security and were openly sharing personal identifiable information such as

Social Security number In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary (working) residents under section 205(c)(2) of the Social Security Act, codified as . The number is issued to ...

s and

credit card A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services based on the cardholder's accrued debt (i.e., promise to the card issuer to pay them for the amounts plus the o ...

numbers. These efforts grew into the creation of the Google Hacking Database, through which hundreds of Google hacking search terms are stored. The field of Google hacking has evolved over time to not just using Google to passively search for vulnerable servers, but to actually use Google search queries to attack servers. Google Dorking has been used to commit various forms of cybercrime, such as the doxing of Supreme Court justices in 2022 and the hack of the Bowman Avenue Dam. According to Star Kashman, a legal scholar who has explored the legal implications of this technique, while Google Dorking is used for legitimate purposes like conducting research or assessing vulnerabilities, it could also be utilized for malicious purposes as well.

Hackers for Charity

In his latest endeavor, Johnny Long has created the

non-profit organization. Known by its byline, "I Hack Charities", the organization collects computer and office equipment to donate to underdeveloped countries. Along with coordinating the donation of goods and supplies, Johnny lived in Uganda with his family for seven years full-time where they personally setup computer networks and helped build village infrastructures. In addition, they started a computer training center which provides free and low-cost technical training, a hackerspace, a restaurant and a leather working program all based in Jinja Uganda. Each of these projects are still running (as of May 2019). Each of these projects were funded by donations from the hacker community through fundraising efforts at various conferences.

Personal life

Long is known to publicly pronounce his faith in

Christianity Christianity is an Abrahamic monotheistic religion based on the life and teachings of Jesus of Nazareth. It is the world's largest and most widespread religion with roughly 2.38 billion followers representing one-third of the global pop ...

. He begins and ends each of his presentations with information regarding

and regularly donates proceeds from his books to help HFC.

Published works

Long has contributed to the following published works: * ''Google Hacking for Penetration Testers'', Syngress Publishing, 2004. (Author, book translated into five different languages) * ''Aggressive Network Self-Defense'', Syngress Publishing, 2005. (Author, Chapter 4, "A VPN Victim's Story: Jack's Smirking Revenge" with Neil Archibald. * ''InfoSec Career Hacking'', Syngress Publishing, 2005. . (Author, Chapter 6, "No Place Like /home – Create an Attack Lab") * ''Stealing the Network: How to Own an Identity'', Syngress Publishing, 2005. . (Technical Editor, Author, Chapter 7, "Death by a Thousand Cuts"; Chapter 10, "There's something else" with Anthony Kokocinski; and "Epilogue: The Chase") * ''OS X For Hackers at Heart'', Syngress Publishing, 2005. (Author, Chapter 2, "Automation" and Chapter 5, "Mac OS X for Pen Testers") * ''Penetration Tester's Open Source Toolkit'', Syngress Publishing, 2005. (Technical Editor, Author, "Running Nessus with Auditor") * ''Stealing the Network: How to Own a Shadow'', Syngress Publishing, 2007. * ''Google Talking'', Syngress Publishing, 2007. (Technical Editor and Contributor) * ''Techno Security's Guide to Managing Risks for IT Managers, Auditors and Investigators'', Syngress Publishing, 2007 . (Author, Chapter 8, "No-Tech Hacking") * ''Asterisk Hacking'', Syngress Publishing, 2007. (Technical Editor) * ''Google Hacking for Penetration Testers, Volume 2'', Syngress Publishing, 2007. (Author) * ''TechnoSecurity's Guide to E-Discovery and Digital Forensics'', Elsevier Publishing, 2007 (Author, "Death by 1000 cuts"). * ''No-Tech Hacking'', Elsevier Publishing, 2008 (Author)

References

External links

* {{DEFAULTSORT:Long, Johnny Living people Writers about computer security Year of birth missing (living people)