I live in Canada and have been telecommuting since January 2011. I will never relocate. I rarely travel, usually once per year for a company's all-hands meeting, and have no interest in changing that. I have three small children, and avoid working beyond ~40 hours a week. People seem to like me and find me useful, despite these things.
Principal Threat Researcher
May 2017 – February 2021
- Write programs to scan the entire Internet for vulnerable or misconfigured hardware and software.
- Collect and aggregate data for feeding into the company's data processing engine.
- Wrote and maintain roughly half of the company's data parsing and issue generation logic.
- Bulletproof processes, code, and continuous integration to ensure all the problems I cause only happen once.
- Strategically break things to prove that they're unsafe.
- Occasionally shout "BIG DATA" while making jazz hands.
Online Business Systems Inc.
Senior Security Consultant, Technical Lead
March 2015 – May 2017
- Performed penetration tests and code audits of desktop, mobile, and web applications.
- Acted as an advisor to clients with security-related questions.
- Assisted with writing statements of work and RFP responses.
- Designed and (remotely) built on-premises customer scanning infrastructure so I never had to travel.
- Uploaded truly impressive numbers of custom emoji to the corporate Slack team.
Leviathan Security Group Inc.
March 2014 – February 2015
- Performed code audits and penetration tests.
- Developed training to help organizations meet their security goals.
Tenable Network Security Inc., Reverse Engineering Dept.
Senior Reverse Engineer, Technical Lead
August 2012 – February 2014
- Reviewed code from my team, prior to submission to Quality Assurance.
- Participated in interviews and assisted in hiring decisions.
- Wrote and maintained NASL protocol libraries, including ACAP, IPMI, JSON, NNTP, SSH, SSL/TLS, and X.509.
- Researched vulnerabilities, applications, and protocols and wrote detection/enumeration/vulnerability plugins.
- Gave presentations on the use of tools to improve our work.
- Wrote a static analysis framework to lower defect rate and maintain consistency across 60,000 plugins.
- Occasionally dove into the Nessus engine to add language features my team needed.
Tenable Network Security Inc., Nessus Plugins Dept.
January 2011 – July 2012
- Wrote hundreds of Nessus plugins, partially listed here.
- Overhauled the entire SSL, TLS, and X.509 subsystems.
- Added support to the SSH library for certificate-based login.
- Designed and implemented a new workflow to transition the department from email-based code review and patch submission to using Git and an issue tracker.
June 2009 – December 2010
- Wrote plugins for Asterisk that perform real-time Fourier analysis for checking phone lines against milliwatt test lines.
- Ported OpenSSH to QNX, creating an emulated 64-bit integer library to work around an ancient C89 compiler.
- Uncovered a local exploit that allowed users to cause a kernel panic QNX 4.
- Wrote a render manager in Python to spread map tile generation across multiple servers.
- Researched and deployed USB smart cards for login to Cisco ASAs, Apache websites, and servers running SSH.
- Convinced organization to start managing configuration and source code by storing it in a centralized, versioned repository.
May 2008 – August 2008 [Co-op Workterm #3]
- Updated a compiler and runtime for a proprietary scripting language — created circa 1985 and mostly left to rot until 2008 — to adhere to modern coding standards including using consistent code formatting, unit testing, version control, and instituted reproducible builds.
- Created several new constructs for the scripting language that offered an interface to speech recognition libraries for interactive voice response (automated telephone) applications.
- Ported the compiler and runtime to an embedded device built atop a PowerPC core.
- Wrote a unit testing framework that emulates the scripter's current environment — Asterisk's AGI interface — to ensure that language constructs operated as expected in a variety of situations.
- Designed and implemented PostgreSQL stored procedures to be used on a geographic information system (GIS) for provincial road condition reporting services.
Government of Manitoba, Information Protection Centre
August 2007 – January 2008 [Co-op Workterm #2]
Seccuris Inc., Labs Dept.
January 2007 – April 2007 [Co-op Workterm #1]
- Added scoping and regular expression support to BSMTrace, a host-based intrusion detection system designed to minimize false positives.
- Benchmarked alternate memory models for high-speed packet capture in FreeBSD.
- Experimented with different synchronization methods for minimizing overhead in the FreeBSD kernel's audit framework.
- Developed a reporting system that created Atom feeds from the logs of intrusion detection sensors at multiple sites, aggregating them to provide reports on malicious and suspicious network traffic.
- Assisted in the design and programming of BSDSVC, a service manager for Unix systems.
Best Buy Canada, TechZONE Dept.
September 2003 – March 2004
- Spent two weeks training to give classes teaching customers how to operate consumer electronics.
- Learned the importance of metaphors, reframing discussions, rephrasing explanations, and talking in the student's own language.
- Taught several scheduled classes every week.
- Offered impromptu explanations and demonstrations as necessary to assist customers.
- Discovered that I am not well-suited for a career in sales.
University of Manitoba
- Received a Bachelor of Science, Majoring in Computer Science.
- Graduated with distinction.
- Completed requirements for the Networks and Security Specialization.
- Completed requirements for the Computer Systems Specialization.
- Received the University Program Medal for the Highest Standing in the Science Major Degree Program.
- Received a Master's of Science, in Computer Science.
SSL Troubleshooting with Wireshark
- Was asked to design and teach a full-day workshop with two weeks notice.
- Did a trial run at SkullSpace, and again at the conference.
- Covered the basics of asymmetric and symmetric cryptography, hashing, and signing. Detailed the structure, contents, and sequence of SSL packets.
Forth Introductory Talk
- Introduced stack-based languages using Forth as an example.
March 2012 – May 2012
- Taught students with varying experience how to program in C.
August 2011 – February 2012
- Taught students with no programming experience how to program in Lua.
Nmap NSE Introductory Talk
- Explained the basics of the Nmap Scripting Engine, and how to write Lua scripts for it.
December 2010 – Present
- Co-founded Winnipeg's first and only hackerspace with two friends.
- Went to various events around town and talked up the concept of a hackerspace.
- Served as a Director at the start, and temporarily in times of crisis.
- SkullSpace currently holds the title of Canada's largest hackerspace.
July 2012 – Present
January 2015 – Present
With a weekend to prepare, I can program (poorly) in just about any language. Languages of which I have a working knowledge are those in which I have completed significant projects, or about which I have read several books. Languages of which I have a basic knowledge are those in which I have written only small projects.
- Basic knowledge of: Assembly (M68K, MOS 6502, SPARC), Erlang, FP, Haskell, Prolog, Scala
Open Source Contributions
- BSMtrace: Added PCRE support.
- Nmap: Wrote a handful of NSE scripts.
- DNSrecon: Rewrote the NSEC zone walker algorithm.
- XMLSEC: Added support for all the algorithms required by SCAP.
- Libnasl: Wrote a Ruby parser for the NASL programming language.
- Pedant: Wrote a static analysis framework in Ruby.
References available upon request.