HOME

TheInfoList



OR:

Alexander Sotirov is a
computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...
researcher. He has been employed by Determina and VMware. In 2012, Sotirov co-founded New York based Trail of Bits with Dino Dai Zovi and Dan Guido, where he currently serves as co-CEO. He is well known for his discovery of the ANI browser vulnerability, as well as, the so-called Heap Feng Shui technique for exploiting heap buffer overflows in browsers. In 2008, he presented research at Black Hat showing how to bypass memory protection safeguards in Windows Vista. Together with a team of industry security researchers and academic cryptographers, he published research on creating a rogue
certificate authority In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. Thi ...
by using collisions of the
MD5 The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function MD4, and was specified in 1992 as Request for Comments, RFC 1321. MD5 ...
cryptographic hash function in December 2008. Sotirov is a founder and organizer of the Pwnie awards, was on the program committee of the 2008 Workshop On Offensive Technologies (WOOT '08), and has served on the Black Hat Review Board since 2011. He was ranked #6 on Violet Blue's list of The Top 10 Sexy Geeks of 2009.


References


External links


Alexander Sotirov's website

Trail of Bits

The Pwnie Awards
{{DEFAULTSORT:Sotirov, Alexander Living people Computer security specialists University of Alabama alumni Year of birth missing (living people)