Interview : Robert Mears

How many years have you been part of the game ?

I've been at ISW since it started which was just over 3 years ago - I think !

Tell us about your programming background, who and what influenced you ?

My first experience of programming was when I was about 7 or 8 when I learned some very simple BASIC on the ZX Spectrum. Nothing very impressive just printing text and changing the colours. A few years later I messed around with qBasic on the PC and learned a little more there but again nothing too impressive. I progressed to drawing shapes and making it play tunes on the pc speaker but soon got bored. As this was very early in the days of Windows I spent most of my time using MS-DOS and quickly learned how to make batch files to make life easier.

In around '95/'96 I got connected to the Internet and I picked up programming again. I learned HTML and then as I started to get interested in security I learned a little PERL and C but not to a very advanced level. As I had no need to program anything I soon stopped learning them as I found practice exercises boring; I wanted to program something useful.

Then I got involved with ISW (or SWG as it was known then). I started off being responsible for converting the many text files into HTML.This was a long and laborious process but I soon became very good at coding HTML by hand. I programmed most of the current ISW site by hand, only using a visual editor to get the tables looking good. At this time the ISW site was all HTML but as we started to grow it was taking too long to update by hand. As no one on the staff knew
enough to make our own system we opted for PHP-Nuke and I volunteered to install and set it up. This is when I started learning PHP. I never conciously set out to learn PHP I just picked it up when I was customising PHP-Nuke for our own needs.

People often say the best way to learn a language is to go and live in that country for a year and I spent a year making sense of someone elses uncommented PHP code
;-)

Although, I do admit that I do own one PHP book (PHP and MySQL Web Development by Welling and Thomson), I have to say, I learnt most from the excellent PHP manual. After time ISW was being held back by the restrictive PHP-Nuke design and I realised that I probably knew enough to make my own system. The result is the current ISW site.

So, that's my background but as to who and what influenced me I don't really know. I enjoy programming but you have to if you want to take a project like ISW on. For me programming is like a puzzle: some people do crosswords, I try to make a more efficient search function for the text library. I enjoy the challenge it presents me and there's something quite satisfying about seeing my own scripts in action.

What do you consider as your best achievements ?

It would have to be the ISW website as that's the only major project I've ever worked on. The current site is all my own work: the php, the html and the images. I can't take credit for the content though!

Could you tell us how you picked your handle "Resonance" ?

I didn't really put a lot of thought into it. I wanted to post something on a message board and it asked me for a name. That was the first thing I thought of.

Give us your take on the security industry ? Who are the people/groups you like or dislke ?

I don't really have time to follow what's going on in the security world. I occasionally read a few of the papers on ISW and I read up a bit on web site security when I'm programming something but other than that I know little about it. I do support open source code and sites like sourceforge as I've learnt a lot from reading other people's code. I'm also a big fan of phpMyAdmin: it makes my MySQL work much easier.

What comes to your mind when you hear people discussing black, white or gray-hats ?

As, I said before I'm a little out of touch with current security so I may be completely misunderstanding what these terms imply but here goes .. I think those terms are a bit pointless.

"Grey hats" are just trying to justify breaking the law by claiming they are some kind of internet vigilantes hacking sites they have something against. Putting a coloured hat on hacking/cracking doesn't make it any less illegal. People who claim to be "Black hat hackers" are more than likely script kiddies who've used a few canned exploits to hack small sites that have next to no security.

In fact anyone who actually says they are a hacker are more than likely not. If someone has the ability to, and is actually doing the things I would expect from a black hat (hacking banks, NASA etc) then it's not very likely they are going to broadcast the fact they are doing it.

And white hats ? Are these the tame hackers that companies are paying to test there systems ? If so, I don't have a problem with this. Rather they find the security holes than someone with malicious intent. I don't believe for a minute that they have always been the right side of the law though.

Basically, a hacker is a hacker is a hacker and a script kiddie is not a hacker ;-)

Where and what do you want to be in a few years time ?

Well, once I finish my degree I intend to stay on and do a Master's although I'm undecided on which field. I have no plans to quit ISW so I expect I'll still working on the site. It would be nice if I could work on ISW full time but that won't pay the bills so I'll have to go and get a proper job.

Thank you very much for your time! Now, here's your space .. feel free to say anything ..

I'd like to say thanks to the rest of the ISW team for all the work they do and for being so patient when I say "It will be done in a few days" for over a month. In addition, I'd like to thank anyone else who has helped with SWG/ISW over the years.