http://www.tomshardware.com/reviews/dino-dai-zovi,2260.html
By Alan Dang
Tom's Hardware US
April 6, 2009
Introduction
In our continuing series on personal computing security, today we’re
talking with Dino A. Dai Zovi. Three years ago, the organizers of
CanSecWest started a contest titled Pwn2Own. This contest involved the
challenge of exploiting fully-patched retail laptops. Hack the laptop
and you’d win the machine as the prize. Dino A. Dai Zovi was the first
person to take down a Mac during the first Pwn2Own. Last year and this
year, Charlie Miller took the honor of taking down two fully patched
Macs. Dino and Charlie are co-authors on the The Mac Hacker's Handbook.
Alan: Thank you for taking the time to chat with us. So, before we
begin, why don't you tell a little bit about yourself?
Dino: I am a computer security professional and independent security
researcher. My professional experience spans penetration testing,
software security auditing, and security management. I am a co-author of
two books, the most recent being The Mac Hacker's Handbook with Charlie
Miller. I often speak at security conferences about my security research
on exploitation techniques, 802.11 wireless client security, and
hardware virtualization-based rootkits. I focus on offensive security
research because I believe that it is necessary to view systems as an
attacker would in order to design more secure systems.
Alan: Is “offensive” security research what’s most commonly practiced
now?
Dino: It is in the rarity of the computer security industry, and still
considered “taboo” by many practitioners. While some conferences, such
as the Black Hat Briefings and CanSecWest, have a large number of talks
that discuss security weaknesses, the larger conferences such as the RSA
Expo cover it significantly less.
[...]
|