In recent weeks, the joy that is LIGATT security has rumbled on via Twitter, and I have finally bowed down to my internal pressures to write this entry. For those of you who have been living in a cave for a while, LIGATT are a farce of the highest order. They are headed by the insanely vocal Gregory. D. Evans (an ex-con and shouty Yankee loudmouth). Greg is a douche. It’s fairly simple. Attrition know it. Lots of folk on Twitter know it. Apparently Greg is the number one hacker in the world, and has even written a book about it (http://www.amazon.com/How-Become-Worlds-No-Hacker/dp/0982609108, which I refuse on the grounds of good taste to link to). I say written, in as much as he plagiarised most of it (see here for more data on that). Greg may also have threatened Chris John Riley (an awesome guy and good company at HAR btw). Like I say, Greg is a douche. Matthew Hughes at SHITcast scored a coup by getting an interview with Greg and Greg dutifully revealed his douche-bag self for some of the world to hear. Greg is also apparently a millionaire (as well as an ex-con) with ‘celebrity friends’ (this being odd bearing in mind that the current Amazon sales rank for his tome is 675,217 (with sales ranks 10,000+ equates to between 1 and 5 a week, so I reckon Greg is selling like one a month, which will NOT make you a millionaire). Greg has also called racism on the industry, and claimed he is regularly insulted by folks out there (Greg that’s not because you are African American, it’s because you’re a douche). So what though? A bullshitting Yank speaking bullshit, not that shocking…
What is shocking (at least to my cynical self) is that LIGATT have been hit seriously hard by the computer security industry / community / call it what you will. Almost without exception all of Greg’s claims have been refuted / disputed / and generally showed up for the BS that they are. This is awesome news of the highest order. Now I’ve worked for flim-flam men like Greg in the past (the last freelance gig I did, I spent all of two weeks working for one until I figured out their Barnum-esque nature) and there are plenty floating about. What is awesome is that at least in the case of LIGATT, they are getting serious scrutiny (and being showed up as the deceptive, duplicitous, and fraudulent ‘business’ that they are). This gives me real hope for the future. I have thought for years that it’s actually time to run the idiots out of the industry (be they fraudulent in the case of LIGATT or believers in delivering low value at high cost as in the case of a number of large consultancies I could mention) and in the case of LIGATT it actually seems to be happening.
I have no great or burning desire to promote, endorse, or indeed support LIGATT in any way (and this post gives them the oxygen of publicity which sucks), and I can only sincerely hope that their ‘CEO’ is arrested for securities fraud (he appears to be doing a pump and dump scheme of the highest order) and that a very visible set of cowboys are run out of the industry. If the last scenario doesn’t happen, and the douche actually does end up making money I will most probably end up leaving the industry in disgust, and taking up basket weaving. Meantime the fact that Greg is getting such treatment as he is currently receiving gives me real hope about the industry I love, and call home.
I agree 100% that he is a douchebag and the industry has enough retards in it.
I for one once made the mistake of writing a security white paper and selling it for 200 bux, only to have the guy who bought it claim it as his own and speak at every conference under the sun on it, and not one person has questioned him on the similiarities between my published paper datemarked 18 months ago, and his. They both have something in common – they are smooth talking deceptive salesmen with no real skills other than how to manipulate others into their spiel.
Who does this remind me of? Greg reminds me of a modern day Mitnick (another douche bag I have no respect for), that made money off of books, and got his fame by being arrested. How does one get the title for ‘worlds best hacker’ if they get busted? I thought the point of it was to NOT get busted?
By the way, it appears that through clever SEO, I had to dig through 5 pages of google searches to get here, so anyone googling ‘Ligatt security bullshit’ has to sift through a lot of it to get to the goods.
As an added bonus, here is something I digged up from their facebook comments that made me lol
http://attrition.org/errata/charlatan/gregory_evans/ligatt-yes_you_were_hacked.png
So who stole your research? Name and shame….
It never ceases to amaze me how someone with literally no credentials can go through a industry and claim without proof to be something they indeed are not. So far his credentials have been brought to question and proven in most cases (still investigating two) that his certs and claims are fake.. Also on his NationalCyberSecurity.com website he clearly uses peoples names and credentials that have no clue of him, ligatt, or the site.. I recently talked to one of these people http://www.hackerforhire.com
@Mike
I was paid for my ‘research’, albeit a low price. I should have asked for royalties or something. I’m going to keep his name confidential as I don’t want to start a shitstorm.
Well at least you learnt the value of negotiation. That said, if you have proof of payment, naming and shaming might be the way to go rather than letting it eat you up…
Mike, Ref. June 18th post…
What is a douche? You reckon Greg is selling one book a month…. Why are you rebelling? You are one of those out there in the group who regularly insults Greg Evans. BS Yank, is that not racist?
Hummmm….Cynical self, people really believe those who are cynical. Nothing is shocking to cynical people.
While you are pointing fingers at deception, duplicitous and fraudulent business, you are those exact terms.
I hope you included yourself in the group of idiots…define idiot. Furthermore what does Greg Evans have to do with your career choices? Maybe if you basket weaved, you will be quick to listen, slow to speak and therefore slow to anger. It is so evident that you discuss yourself because you can’t make any money…if you were making money you would not have time to slam people all day.
What? The treatment such as he is getting from people like you. You should be ashamed of yourself. You are the true enemy of the industry. You are the cankerworm eating up the opportunity for others to succeed. All by yourself, can you prove anything you just said?
Woo-hoo… I just got Greg’d (Source IP of this and other comments (bullshit and thus not approved) ties back to 72.151.116.19)
PS: Hi Greg, I still maintain you are a douche (if you knew what that was, you’d be really pissed)
PPS: I am the true enemy of the industry – I smell t-shirt…
Yankees are hardly a race.
Also, screw you, Greg, I’m running out of money just to buy t-shirts with your quotes on them.
“define idiot
idiot (n): Gregory Evans”
“If you were making money you would not have time to slam people all day.” <– this one is my favourite
"I am the true enemy of the industry"
Ooooh I want a t-shirt with that written on it.
“I am the true enemy of the industry” because Gregory D. Evans said so!
“Osagioduwabenin” has posted before from the Ligatt IP address, and was found out then too. You would think he would learn to use a different nickname and a proxy to post.
http://securitymusings.com/article/1950/ligatt-honestly-and-truly-scares-me#comment-43684