Sir Dystic

Pseudonym and Background

Josh Buchbinder, widely known by the handle Sir Dystic, has been a member of the U.S. hacker collective Cult of the Dead Cow (cDc) since May 1997. His pseudonym is drawn from a relatively obscure 1930s bondage comic character named "Sir Dystic D'Arcy." According to Buchbinder, the character "tried to do evil things but always bungles it and ends up doing good inadvertently" — a description he has embraced as reflective of his own approach to security research.

Career and Notable Work

Back Orifice

Sir Dystic is best known as the author of Back Orifice (commonly abbreviated BO), a computer program designed for remote system administration of machines running Microsoft Windows. The tool debuted publicly at DEF CON 6 on August 1, 1998, and was conceived as a pointed demonstration of what cDc characterized as serious security deficiencies in Windows 98.

The name itself is a deliberate pun on Microsoft's BackOffice Server software. Sir Dystic has described the intent behind the tool in direct terms: "BO was supposed to be a statement about the fact that people feel secure and safe, although there are wide, gaping holes in both the operating system they're using and the means of defense they're using against hostile code." The release generated significant controversy, though Vnunet.com reported Sir Dystic's claim that the tool's underlying message was privately commended by employees at Microsoft.

SMBRelay and SMBRelay2

Sir Dystic also authored SMBRelay and SMBRelay2, programs capable of conducting SMB man-in-the-middle (MITM) attacks against Windows machines. These tools were released on March 21, 2001, at the @lantacon convention held in Atlanta, Georgia.

NBName

NBName is another tool written by Sir Dystic, designed to carry out denial-of-service attacks capable of disabling NetBIOS services on Windows systems. It was released on July 29, 2000, at DEF CON 8 in Las Vegas. Sir Dystic responsibly reported the underlying vulnerability that NBName exploits directly to Microsoft, and was formally acknowledged in a Microsoft security bulletin.

Public Presence

Beyond his software work, Sir Dystic has been an active public figure within the hacker community. He has appeared at multiple hacker conventions, both as a panelist and as a solo speaker. He has also been interviewed across television and radio programs, and appeared in an award-winning short film examining hacker culture broadly and Cult of the Dead Cow in particular.

Legacy

Sir Dystic's body of work, particularly Back Orifice, played a significant role in shaping public and industry discourse around Windows security in the late 1990s and early 2000s. By releasing functional tools that exposed concrete vulnerabilities, he contributed to a broader conversation about the responsibilities of software vendors and the realities of operating system security during a formative period in the history of cybersecurity.