Security News > 2009 > April > Security Threat Analysis: Interview With Dino A. Dai Zovi

http://www.tomshardware.com/reviews/dino-dai-zovi,2260.html By Alan Dang Tom's Hardware US April 6, 2009 Introduction In our continuing series on personal computing security, today we’re talking with Dino A. Dai Zovi. Three years ago, the organizers of CanSecWest started a contest titled Pwn2Own. This contest involved the challenge of exploiting fully-patched retail laptops. Hack the laptop and you’d win the machine as the prize. Dino A. Dai Zovi was the first person to take down a Mac during the first Pwn2Own. Last year and this year, Charlie Miller took the honor of taking down two fully patched Macs. Dino and Charlie are co-authors on the The Mac Hacker's Handbook. Alan: Thank you for taking the time to chat with us. So, before we begin, why don't you tell a little bit about yourself? Dino: I am a computer security professional and independent security researcher. My professional experience spans penetration testing, software security auditing, and security management. I am a co-author of two books, the most recent being The Mac Hacker's Handbook with Charlie Miller. I often speak at security conferences about my security research on exploitation techniques, 802.11 wireless client security, and hardware virtualization-based rootkits. I focus on offensive security research because I believe that it is necessary to view systems as an attacker would in order to design more secure systems. Alan: Is “offensive” security research what’s most commonly practiced now? Dino: It is in the rarity of the computer security industry, and still considered “taboo” by many practitioners. While some conferences, such as the Black Hat Briefings and CanSecWest, have a large number of talks that discuss security weaknesses, the larger conferences such as the RSA Expo cover it significantly less. [...]

News URL

http://www.tomshardware.com/reviews/dino-dai-zovi,2260.html