Security Threat Analysis: Interview With Dino A. Dai Zovi


By Alan Dang
Tom's Hardware US
April 6, 2009


In our continuing series on personal computing security, today we’re
talking with Dino A. Dai Zovi. Three years ago, the organizers of
CanSecWest started a contest titled Pwn2Own. This contest involved the
challenge of exploiting fully-patched retail laptops. Hack the laptop
and you’d win the machine as the prize. Dino A. Dai Zovi was the first
person to take down a Mac during the first Pwn2Own. Last year and this
year, Charlie Miller took the honor of taking down two fully patched
Macs. Dino and Charlie are co-authors on The Mac Hacker's Handbook.

Alan: Thank you for taking the time to chat with us. So, before we 
begin, why don't you tell a little bit about yourself?

Dino: I am a computer security professional and independent security 
researcher. My professional experience spans penetration testing, 
software security auditing, and security management. I am a co-author of 
two books, the most recent being The Mac Hacker's Handbook with Charlie 
Miller. I often speak at security conferences about my security research 
on exploitation techniques, 802.11 wireless client security, and 
hardware virtualization-based rootkits. I focus on offensive security 
research because I believe that it is necessary to view systems as an 
attacker would in order to design more secure systems.

Alan: Is “offensive” security research what’s most commonly practiced

Dino: It is in the rarity of the computer security industry, and still 
considered “taboo” by many practitioners. While some conferences, such
as the Black Hat Briefings and CanSecWest, have a large number of talks 
that discuss security weaknesses, the larger conferences such as the RSA 
Expo cover it significantly less.

