EMPLOYMENT: |
|
Senior Staff Software Engineer, Open Source Security Team
Google LLC
|
September 2011 - present
(Full Telecommute) Portland, Oregon
|
Lead the Linux Kernel Self-Protection Project. Research and solve classes of
security flaws in the Linux kernel, especially as used in Android and Chrome OS.
Develop compiler-based C language security vulnerability mitigations in
Clang/LLVM. Port and develop other security vulnerability mitigation techniques
for low-level Linux libraries and other software.
|
|
Technical Lead of Ubuntu Security Team
Canonical, Inc.
|
September 2006 - September 2011
(Full Telecommute) Portland, Oregon
|
Publish security updates for millions of Linux systems running the Ubuntu
distribution world-wide.
Develop regression tests for updated packages.
Research security flaws in commonly used Ubuntu software, resulting in many
assigned CVEs, including local root escalations in the Linux kernel.
Develop and drive integration of proactive compiler and kernel security
hardening features in the Ubuntu distribution, including stack-protector,
fortify-source, address space layout randomization, read-only relocations,
position independent executables, and immediate relocations, among others.
Wrote Yama LSM for symlink, hardlink, and ptrace restrictions. Assisted with
Linux kernel address leak restrictions and kernel module
read-only/non-executable memory markings.
Maintain AppArmor as the default LSM in Ubuntu.
Integrate new upstream software written in a wide range of languages into
the Ubuntu package archive. Use bazaar, git, and subversion for version
control.
|
|
Senior Network Administrator
Open Source Development Labs
|
March 2003 - September 2006
Beaverton, Oregon
|
Supported office network and system infrastructure, including 200+ lab
machines, with individually customized hardware/software configurations
and Linux distributions for external and internal project use.
Performed network and server security audits and penetration testing.
Redesigned, implemented, and supported a fully redundant network consisting of
a Foundry BigIron core, with Dell Powerconnect and HP Procurve edge.
Designed and implemented strong anti-spam and anti-virus systems.
Created centralized file and email repository and wrote software to unpack,
index, and search for subpoena terms.
Administered kernel.org's mirror registration/publication system and handled
account requests.
Trained 2 junior system administrators.
Recommended and reviewed quotes for network, server, and storage upgrades.
Participated in several Open Source projects: rackview, STP, PLM, systemimager,
mimedefang, and others.
Used CVS for change management, cfengine for distributed system configurations.
Relocated entire lab over a weekend.
|
|
Embedded Software Engineer
Reach Technology, Inc.
|
November 2002 - February 2003
Lake Oswego, Oregon
|
Designed and developed 8051 firmware in C for several boards working together
as a medical pill/syringe dispenser, including servo control, current
measurement, IR detection, LED control, button-push notification, and RS485
communication.
Created production test suite for validating dispenser hardware and software.
Wrote firmware in C for a Mitsubishi microprocessor running a multi-panel LCD
controller, including touch-screen support, external bitmap storage, and a
serial download protocol for writing to the on-board EEPROM.
Updated Xilinx logic used for panel control.
Designed and developed LCD controller firmware support tools.
Reconfigured office network and set up a VPN for mobile access to office
resources.
|
|
Embedded Software Engineer
Snap-On Diagnostics
|
March 2001 - December 2002
(Partial Telecommute) Lincolnshire, Illinois
|
Worked on new-product development team to create a next-generation hand-held
vehicle diagnostics device.
Designed and developed driver under WinCE 3.0 for real-time waveform capture
card on ZFMicro x86.
Created prototype capture driver under QNX RTP and QNX 4.0 for MPC8xxx.
Rewrote WinCE kernel cache flush routines for ZFMicro.
Assisted in creating Platform Builder environment for ZFMicro target.
Wrote WinCE i2c driver for motherboard controller, back-lighting, contrast,
power management, and slot power ICs.
Rewrote system management PIC firmware to handle parallel events.
Wrote utilities for testing and debugging i2c bus, ISA bus, PCI bus, and
waveform card under WinCE.
Used Visual Source Safe for source and documentation revision control.
Used TrackRecord for bug tracking and feature additions.
Designed automated build process.
|
|
Pre-Sales Systems Engineer
Lucent Technologies
|
August 2000 - March 2001
(Full Telecommute) Lisle, Illinois
|
Managed customer accounts interested in buying telecommunications gear.
Assisted in designing a fully meshed optical telephony/data network for
Ohio-based customer.
Trained on Lucent Stinger, MAX, TNT, Chromatis, Access Point, 5ESS, and
Softswitch products.
|
|
Unix Systems Architect Consultant
AT&T Global Network Services
|
March 1999 - August 2000
(Partial Telecommute) Schaumburg, Illinois
|
Worked as technical lead for a team of Systems Administrators managing the
1.2 million user e-mail and news service.
Designed and implemented migration of all e-mail accounts from sendmail and
in-house IBM SMTP/POP software to in-house AT&T "Maillennium" SMTP/POP/IMAP
software.
Designed and built network-available RAID5 system for the service's e-mail
storage.
Organized and assisted team to relocate 30+ AIX servers (running sendmail,
DB2, and other services) without interrupting production service.
Migrated entire production FDDI network to FastEthernet without interrupting
production service.
Wrote patches for in-house POP3 tools to improve efficiency, protect against
buffer overflows, and correctly detect errors.
Debugged and tracked AIX system calls under heavy system load.
Wrote task automation and monitoring systems in Perl.
Analyzed network storage solutions and advised on purchasing.
Used in-house change management software.
|
|
Unix Systems Architect Consultant
Walgreens
|
July 1998 - February 1999
Deerfield, Illinois
|
Joined team of System Administrators to advise on efficiency, process, and
system management.
Implemented enterprise-wide backup solution using a StorageTek 9710 with
DLT7000 drives and ReelBackup for Sun E10k, E6k, E4k, and HP & Sequent servers.
Organized and automated a 3.2 terabyte Oracle DB solution for an E10k using
6 EMC Symmetrix disk cabinets and Veritas VM.
Performed general Solaris and firmware upgrades and troubleshooting.
Analyzed SCSI driver differences between versions 2.5 and 2.6 of Solaris.
Debugged SCSI commands and communication between servers, SCSI MUXs, and
DLT tape drives.
Debugged and analyzed thread library operation in Oracle under Solaris.
Analyzed runtime and provided efficiency solutions for a parallel-tasking
FTP tool used to collect data from 3500 store SCO servers distributed
nationwide over a satellite network.
Wrote Perl scripts for general administration automation and verification.
Started department-wide process documentation initiative.
Used RCS for change management.
|
|
Senior Systems Administrator
Counterpoint Networking
|
July 1996 - August 2000
Chicago, Illinois.
|
Administered all corporate production Linux servers,
providing individuals and small businesses with DNS, email, and web services.
Configured and maintained Cisco/Netopia/Linux firewalls and routers.
Wrote system automation and management tools in Perl and shell.
Designed and implemented secure network topologies,
VPNs, and firewalls for clients.
Provided consulting services for Fortune 500 clients with Solaris, AIX,
and HP-UX machines.
Managed marketing and office staff. Made budget and purchasing decisions.
Used RCS for change management.
|
|
Systems Administrator
Motorola Cellular Subscriber Sector
|
November 1997 - July 1998
Urbana, Illinois
|
Joined team providing primary systems support for Solaris (40+ Ultra, 7 E450),
AIX (8 PPC), NT (20+), Mac (10+) and SysV R4 machines used for
cell phone development projects (ClearCase, Oracle, DDTS).
Configured and maintained a Netscape 2.51 server with LDAP
authentication.
Designed and maintained system and network
administration tools for use on multiple platforms (Perl & shell).
Used ClearCase and RCS for source and documentation revision control.
|
|
Server/Workstation Support Consultant
Hewlett Packard
|
January 1997 - November 1997
Urbana, Illinois
|
Provided campus-wide support for Hewlett Packard and Sun servers
and workstations. Performed system installations and upgrades,
maintained up-to-date patch and install server. Taught systems
administration classes for staff in need of HP-UX and general Unix
training.
|
|
Research Programmer
Beckman
Artificial Intelligence Lab
|
January 1997 - August 1997
Urbana, Illinois
|
Worked on a team building a battleship emergency training simulator.
Designed and implemented intelligent agents playing roles in the
trainer, written in ART Enterprise, Lisp, and Visual C++.
Created external database interface for simulation components.
Maintained medical expert systems written in Prolog.
|
|
Associate Systems Administrator
Motorola Computer Group
|
January 1996 - January 1997
Urbana, Illinois
|
Joined team providing primary systems support for AIX (8 PPC, 1 RS6000),
System 5 (30+ 68K), NT (2), and Mac (5) machines used for
operating system development and testing projects.
Designed and maintained system and network administration tools
for remote management, revision control, and monitoring
on multiple platforms (Perl & shell).
Wrote departmental process documentation.
|
|
On-Site Consultant
UIUC Computing and Communications Labs
|
August 1994 - June 1995
Champaign/Urbana, Illinois
|
Assisted students with system and software problems.
Maintained 30+ PC & Macintosh computers per lab, running on a
campus-wide Novell network, offering a variety of software
and services.
|
|  
|
PRESENTATIONS: |
|
Linux Kernel Self-Protection
|
2011 - present
Linux Security Summit
Linux Plumbers Conference
|
Present multiple times a year on Linux kernel security flaw mitigations and
C language security hardening.
|
|
Chrome OS Hardening
|
November 2012
BsidesPDX
|
Review of the security hardening techniques in the Chrome OS platform,
ranging from compiler hardening and user-space confinement to verified
boot and ring-0 isolation.
|
|
Finding kernel vulnerabilities using Coccinelle
|
August 2012
Linux Security Summit
|
Demonstrated use of Coccinelle static source code analyzer for finding
Linux kernel vulnerabilities, both large and small.
|
|
Kernel Exploitation Via Uninitialized Stack
|
August 2011
DefCon
|
Walk-through of leveraging uninitialized stack memory into a full-blown
root escalation in the Linux kernel. Covers finding vulnerabilities,
avoiding the pitfalls of priming the stack, and turning memory corruption
into a stable exploit.
|
|
Roundtable Discussions: Kernel Hardening, LSM Architecture
|
September 2011
Linux Security Summit
|
Led round-table discussions on the state and future of Kernel Hardening
(threats, mitigations, and enhanced seccomp), and the LSM Architecture
(need for modularity and stacking).
|
|
"Widely Used But Out-Of-Tree"
|
August 2010
Linux Security Summit
|
Review and examination of many security systems, features, and patches that are
not in the mainline Linux kernel, but are widely utilized by distributions and
end-users.
|
|
"Security for Human Beings: Protecting Ubuntu"
|
July 2007
O'Reilly Open Source Convention
|
Overview of the daily life of an Ubuntu Security Engineer, covering reactive
responses, vulnerability research, and proactive development.
|
|
"DVR Happiness: Gluing MythTV and TiVo Together with Galleon"
|
July 2006
O'Reilly Open Source Convention
|
Integrating multiple Digital Video Recorder technologies including examples
of hardware, conversion, streaming, and management.
|
|
"Embedded Interface Testing with Python: PyUnit and PySerial"
|
August 2005
O'Reilly Open Source Convention
|
Walk-through of PyUnit module and its use for unit and regression testing,
especially in the case of evaluating embedded device interfaces.
|
|
"Email Security Techniques: Filtering the Future"
|
August 2005
O'Reilly Open Source Convention
|
Presented case study of using advanced email filtering techniques for
mitigating the constant flood of incoming spam.
|
|  
|
AFFILIATIONS: |
|
Linux Foundation Technical Advisory Board
|
2019 - present
|
Member of the Linux Foundation Technical Advisory Board. Advise the Linux Foundation Board of Directors and the management of The Linux Foundation on matters related to supporting the technical agenda of The Linux Foundation.
|
|
Linux Foundation Job Task Analysis Committee
|
January 2014 - July 2014
|
Member of the Job Task Analysis Committee. Recruited by The Linux
Foundation to serve as part of a global committee of Linux experts
developing a list of knowledge, skills, and abilities (KSAs) essential for
different levels of Linux system administration professionals. Activities
included developing surveys to gather critical task information, analyzing
and providing expert guidance on KSAs, providing key feedback regarding
required domains for the exam content blueprint, and collaborating with
other Committee members to then create the exam content blueprint for
use by the Item Writing Committee.
|
|
Linux Security Summit
|
May 2010 - present
|
Member of the Program Committee.
|
|
Debian
|
December 2007 - present
|
Debian Developer.
|
|
Ubuntu
|
September 2006 - present
|
Core Developer. Member of the Technical Board since September 2009.
|
|
Kernel.org
|
February 2004 - February 2012
|
Member of the Kernel.org Board of Directors. Contribute to the sysadmin
team that provides the primary Linux kernel software mirror. Handle
mirror registration and validation along with user administration.
|
|
Electronic Frontier Foundation
|
May 2002 - present
|
Member.
|
|
USENIX/SAGE
|
March 2003 - March 2007
|
Member.
|
|  
|
PROJECTS: |
|
Inkscape Scalable Vector Graphics Editor
|
November 2003 - present
GNU C/C++, Bazaar, Subversion, CVS
|
Contribute to build processes and packaging. Wrote metadata handling code
including selectable Creative Commons Licenses. Join in pre-release
bug-hunting events.
|
|
DefCon Capture the Flag participation
|
Jul 2003 - Aug 2008
Python, C, x86 assembly, Perl, 6502 machine code, C#
|
Participate in the annual DefCon security penetration contest.
Compete against 7 other teams of security professionals and
government agencies. Analyze live networks, audit previously unseen code for
security weaknesses, and exploit flaws in other teams' services. Won in 2006
and 2007.
|
|
Network-Level Anti-Spam Procedures
|
Feb 2002 - present
Perl, m4, CVS
|
Developed extensive, successful anti-spam rulesets for sendmail with MIMEDefang,
including full implementations of Sender Policy Framework, Sender Rewriting
Scheme, Sender Address Verification, Spam URI Realtime Blocklists, and use of
several DNS Realtime Blocklists, ClamAV, and custom SpamAssassin rules.
|
|
Chicago Art Exhibitor Database
|
January 2001 - present
PHP, Perl, MySQL, RCS
|
Designed and developed back-end and web-site interface for
Chicago-area art exhibitor database. Site provides event announcement
services for subscribed patrons.
Currently supporting 120+ exhibitors and 2000+ patrons.
|
|
Sendpage TAP Paging Server
|
November 1997 - present
Perl, GNU C, CVS
|
Wrote server to take alphanumeric pages via SNPP,
queue requests, control a bank of modems, and dial out in parallel to gateways
speaking the Telocator Alphanumeric Protocol.
Developed operating-system-independent serial-port control tool.
Maintain worldwide paging provider TAP telephone number list.
|
|
GOPchop MPEG2 Editor
|
November 2001 - present
GNU C/C++, CVS
|
Created a Group-of-Pictures-accurate MPEG2-PS file editor.
Written for the GTK widget set.
Wrote text-based MPEG file parser.
Designed against the output from the BMK MPEG2 video capture board.
|
|
"Hypothal" Natural Language Chat System
|
October 1997 - Jul 2003
GNU C, Perl
|
Designed, implemented, and modified several different systems for natural language parsing and response.
Implementations included pattern matching, neural nets, and phrase analysis.
|
|
Msgs Database
|
August 1996 - July 2003
GNU C, Perl, CVS
|
Designed and implemented a centralized user messaging database system,
modeled after the simple Sequent "msgs" tool.
Created an SSL-protected network communication protocol for off-site access.
Wrote several clients (text and GTK based) to interact with the database.
|
|
DVD Navigation interface
|
March 2002 - March 2003
GNU C, CVS
|
Developed interface between Linux Movie Player and libdvdnav to support
DVD Menu navigation.
|
|
SCSI Terminal Server Driver for Linux
|
August 2000 - September 2002
GNU C, RCS
|
Developed Linux driver interface for the Digi/Central Data SCSI Terminal Server.
Ported EtherLite drivers to Linux 2.4.x and wrote extensive debugging routines
for SCSI generic functions. Created user-space SCSI-testing tools.
Rewrote firmware updater for the entire line of STS devices.
Wrote SCSI subsystem patch for Linux, which was approved
for release in 2.4.x kernel series.
|
|
SCSI-over-USB Driver for Linux
|
December 1999 - September 2000
GNU C
|
Debugged and corrected Linux usb-storage driver for operation with the RBC
subset of the SCSI command set.
Tested using Sony DSC-family digital cameras.
|
|
Distributed Global Shell
|
January 1996 - June 2000
Perl, RCS
|
Improved on the Perl example tool "gsh" used for accessing a large
number of computers to perform an identical set of commands on each machine.
Implemented full parallel tasking, a macro language,
and local command execution.
Added support for SSH.
|
|
TIGER/Line Database Interface
|
October 2000 - November 2000
Perl
|
Wrote a tool-set to convert US Census TIGER/Line geographic text data into an
indexed SQL database. Designed to assist GPS mapping development.
|
|  
|
PUBLICATIONS: |
|
 
|
EDUCATION: |
|
 
|
SKILLS: |
|
Programming/Scripting/Interface/Markup Languages
|
|
GNU C, GNU C++, Intel Assembly, PIC Assembly, MSVC++,
Java, Lisp, Pascal, MIPS Assembly, ART Enterprise, Fortran 77;
Python, JavaScript, PHP, Bash/Korn Shell, Perl;
CGI, TAP;
HTML, XML, CSS
|
|
Operating/Windowing Systems Internals
|
|
GNU/Linux, WinCE 3.0, QNX, Solaris, HP-UX; GTK, X Window System, Photon
|
|
Hardware/Encoding Internals
|
|
x86, x86_64, ARM, 8051, Xilinx, PIC, SCSI, I2C, serial, MPC8xx, USB;
MPEG2, DVD-NAV
|
|
Revision Control/Build Tools/Packaging
|
|
Bazaar, Git, Quilt, Subversion, CVS, RCS, BitKeeper, VSS, ClearCase;
autoconf, automake, GNU make, WinCE Platform Builder;
debhelper, cdbs
|
|
Operating Systems/Protocols/Services/Disk Management
|
|
GNU/Linux, FreeBSD, OpenBSD, embOS, QNX, AIX, Solaris, HP-UX, SysV, DOS, MacOS,
MSWindows, IRIX, SunOS;
TCP/IP, DNS, SMTP, SSH, SSL, HTTP, NFS, IPsec,
FTP, UDP, NIS, SNMP, SNPP, BGP, Telnet, RSH;
Apache Web Server, Sendmail, Postfix, OpenVPN, OpenLDAP, Netscape Server, Quagga;
Linux LVM/RAID, AIX LVM/JFS, Veritas LVM/FS.
|
|
Hardware/Telecommunication
|
|
Dell PowerEdge,
RS6000 (43P, R50, H70, S80), PowerPC, EMC, Sparc, Ultra Sparc,
Sparc Enterprise, HP9000 (C/J-class), Motorola PPC, IBM-PC and
compatibles, Macintosh family;
Fibre, Cat5e, and coax cabling,
Foundry BigIron, Dell Powerconnect, HP Procurve, Cisco routers/switches,
Lucent(Ascend) network gear (DSLAM, ATM switches, Ethernet switches,
IP routers, ISDN/DSL/T1 pipelines),
FDDI,
3Com switches/hubs
|
|
Software/Databases
|
|
GNU tools, OpenOffice, Inkscape, IDA, Legato, ORCAD, TrackRecord, Visio,
ReelBackup, Visual Thought, Borland Products, Netware Clients, MS Products,
WordPerfect, PageMaker, PhotoShop, Web Browsers, Norton Products,
and a wide variety of telecommunication and Internet packages;
MySQL, PostgreSQL, DB2, Oracle, ClearCase
|
|  
|