Solar Designer

Alexander Peslyak (Александр Песляк) (born 1977), better known as Solar Designer, is a security specialist from Russia. He is best known for his publications on exploitation techniques, including the return-to-libc attack and the first generic heap-based buffer overflow exploitation technique,[1] as well as computer security protection techniques such as privilege separation for daemon processes.

Solar Designer at PHDays 2012

Peslyak is the author of the widely popular[2] password cracking tool John the Ripper. His code has also been used in various third-party operating systems, such as OpenBSD and Debian.

Work

Peslyak has been the founder and leader of the Openwall Project since 1999. He is the founder of Openwall, Inc. and has been the CTO since 2003. He served as an advisory board member at the Open Source Computer Emergency Response Team (oCERT) from 2008 until oCERT's conclusion in August 2017.[3] He also co-founded oss-security.[4]

He has spoken at many international conferences, including FOSDEM and CanSecWest. He wrote the foreword to Michał Zalewski's 2005 book Silence on the Wire.[5]

Alexander received the 2009 "Lifetime Achievement Award"[6] during the annual Pwnie Award at the Black Hat Security Conference. In 2015 Qualys acknowledged his help with the disclosure of a GNU C Library gethostbyname function buffer overflow (CVE-2015-0235).[7]

gollark: I'd assume they still use it for shipping tangle channels, at least.
gollark: It's entirely possible that these aren't very popular because, despite probably being substantially more energy-efficient than most things, they seem incredibly eldritch to program and describe C as a "high-level language".
gollark: It says> As of Spring 2021, shipments of the EVB002 evaluation kit and of G144A12 chips continue to be made. The arrayForth 3 integrated development system is in use with no reported problems. Design of a new chip, G144A2x, continues; this will be upward compatible with the G144A12, with significant improvements. Development of Application Notes, including that of a solftware defined GPS receiver, continues. on there.
gollark: <@131368513871806464> http://www.greenarraychips.com/
gollark: I think you're anthropomorphizing them too much.

See also

References
  1. "JPEG COM Marker Processing Vulnerability in Netscape Browsers". Retrieved 2009-08-04.
  2. "Top 10 Password Crackers". Archived from the original on 30 August 2009. Retrieved 2009-08-04.
  3. "Open Source Computer Security Incident Response Team". Retrieved 25 October 2018.
  4. "Alexander Peslyak's Bio on openwall.info". Archived from the original on 28 June 2009. Retrieved 2009-08-04.
  5. Michał Zalewski (2005). "Silence on the Wire". No Starch Press. ISBN 1593270461. Retrieved 2015-03-21.
  6. "2009 Pwnie award". Retrieved 2010-12-17.
  7. Qualys (2015-01-27). "CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow". Seclists.org. Retrieved 2015-03-21.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.