In our continuing series on personal computing security, today we’re talking with Dino A. Dai Zovi. Three years ago, the organizers of CanSecWest started a contest titled Pwn2Own. This contest involved the challenge of exploiting fully-patched retail laptops. Hack the laptop and you’d win the machine as the prize. Dino A. Dai Zovi was the first person to take down a Mac during the first Pwn2Own. Last year and this year, Charlie Miller took the honor of taking down two fully patched Macs. Dino and Charlie are co-authors on the The Mac Hacker's Handbook.
Alan: Thank you for taking the time to chat with us. So, before we begin, why don't you tell a little bit about yourself?
Dino: I am a computer security professional and independent security researcher. My professional experience spans penetration testing, software security auditing, and security management. I am a co-author of two books, the most recent being The Mac Hacker's Handbook with Charlie Miller. I often speak at security conferences about my security research on exploitation techniques, 802.11 wireless client security, and hardware virtualization-based rootkits. I focus on offensive security research because I believe that it is necessary to view systems as an attacker would in order to design more secure systems.
Alan: Is “offensive” security research what’s most commonly practiced now?
Dino: It is in the rarity of the computer security industry, and still considered “taboo” by many practitioners. While some conferences, such as the Black Hat Briefings and CanSecWest, have a large number of talks that discuss security weaknesses, the larger conferences such as the RSA Expo cover it significantly less.
Alan: I did not realize that distinction. Now it makes sense why Black Hat Briefings and CanSecWest always seems to have the most interesting and innovative work being presented. How did you get started in the security business?
Dino: I had begun teaching myself computer security in high school and had been doing some miscellaneous consulting work since then, mostly performing penetration tests for local and remote businesses. That wasn't enough to pay my way through college, so I also worked part-time as a Unix systems administrator. I kept focusing on security in school and at work, and eventually I began working as a contractor for a research lab performing security analysis for their Unix administration group. From there, I was also able to start working for their Red Team and was eventually hired into that group to perform Red Team security assessments for external organizations. After I had graduated from college, I moved to NYC and started working for @stake, the digital security consulting firm that was later purchased by Symantec.