<p>Soon-to-graduate researcher in the <a href="https://seclab.cs.ucsb.edu">UCSB Computer Security Group</a>, I am passionate about defending users (and coders!) from exploits and bad practices in programming and on the web. In short, I want <i>programs</i> to behave how users and programmers <i>intend</i> them to. <p>I first worked on defending binaries via a fast-and-crazy 32-on-64 dynamic binary translation (DBT) system, then turned to the web to detect frauds and catch bad guys via their very own obfuscation shenanigans. I also cooperated in projects looking at how the Android UI opens the door to new (and horribly powerful) UI attacks on users, and I'm now looking at how HTTPS is deployed in practice and how this is sometimes failing even when the crypto is all-right. <p>I don't disdain working on attacks, though, in fact I was a major contributor to how we found the vulnerabilities that led us to qualify to the finals of the DARPA Cyber Grand Challenge, the fully-automated program-vs-program security competition. And, in case you're wondering, yes, we did get the money and we're adapting our system to participate in the finals next year :) <p>On the side, I was for many years a system and network administrator (even for UCSB's security lab itself), tasted wine and tons of good food, learned to love small things in life, and coded many random things -- like a ridiculously-popular Chrome extension, a visual editor for MediaWiki, and some software for a moon-ready hexapod robot. (Yep, you read that last one right :D)
Nothing yet? :(
Create more subtitles!