About NMRC

What This Is

NMRC stands for Nomad Mobile Research Centre, what Simple Nomad typed into the "organization" field of the command line USENET utility tin spur of the moment circa 1995. It became the name of a collective of nerds, artists, makers, tinkerers, engineers, but mainly hackers. In 1997 the domain nmrc.org was registered, and both mail and web services were established that same year.

Like many hacking groups, NMRC has released free security and hacking-related information in the form of FAQs, presentations, advisories, and tools.

Who We Are

Founded in 1995, current members include Simple Nomad, Weasel, hellNbak, grepwzrd, Cask3t, cgistar.

Past members have included Anonpoet, Cybereagle, Cyberiad, Daaihliuh, Grace Clovia Terre (RIP), Irib, Jericho, Jitsu-Disk (RIP), jrandom, Knobster, Hole, MadHat Unspecific, Maniac, Phuzzy L0gik, Rat Toe, Raven, Ring Zero, Sioda an Cailleach, Tanshiai, Up-uat and a few others who may or may not wish to remain nameless.

Our Work

Our work falls into three main categories:

General knowledge: This is just general knowledge within the hacking and security space. Most material published, including most blogs, presentations, code, etc all fall into this category.

Risky issues: Whenever we've done a talk at a conference where we run the presentation by a lawyer or especially if we'd prefer a lawyer looking out for us and be present during the talk, the reason behind it is risk. The risk could involve potential litigation or even some type of law enforcement action, and yes the idea of the lawyer there is partially a "we're serious and we've run this by someone from a legal standpoint so don't fuck with us" show of position. This has included:
  • Simple Nomad's "Hacking the Friendly Skies" from ShmooCon 2 in 2006. The talk details were withheld from the conference website in case of retaliation of some sort by a U.S. federal agency. Thanks to Jennifer Granick for slide editing notes as well as attending the talk in case something happened. This generated a surprising amount of press, considering the lameness of the Wi-Fi "zero day" released at that time.
  • Raven's "Pen-Testing the Backbone" (very poor audio) from DEF CON 13 in 2005. Thanks to Jennifer Granick and the EFF for support and being front and center during the talk. It should be noted that Raven's DEF CON talk was one of the rare DEF CON talks where the presenter actually got a standing ovation. This also generated a lot of press with quotes from Raven, although the entire Ciscogate scenario (which Raven talked about at length) certainly got the much more.
Behind the scenes: NMRC has helped human rights workers, activists, journalists, and other groups that have OPSEC issues or technological needs that are beyond their main skill sets, and NMRC has worked to resolve issues and address concerns. As "behind the scenes" implies, this work is not out in the open.

As a result of some of this work, NMRC has found itself come under direct attack, including but not limited to nation-sponsored APT actors have come after NMRC assets more than once (one incident is documented in this blog post as well as this DEF CON 29 conference talk).