Alec Muffett
Alec David Edward Muffett | |
---|---|
Born |
Pennsylvania | April 22, 1968
Alec David Edward Muffett (born April 22, 1968) is a internet-security evangelist, architect, and software engineer. He is principally known for his work on Crack, the original Unix password cracker, and for the CrackLib password-integrity testing library; he is also active in the Open Source software community.
Alec Muffett was born in Pennsylvania, the third child, and only son, of David Joseph Mead Muffett and Kathleen Jubb; his sisters are Louise and Amanda. Alec was educated at Sacred Heart College, Droitwich and University College London, where he studied Astronomy.[1] After graduation he commenced work as a lab assistant and Unix administrator at the university. In 1988 he took a position as Systems Programmer at the University of Wales in Aberystwyth, and it was there that he wrote the first version of the dictionary attack tool Crack. He was active on the Zardoz list during this period.
Muffett joined Sun Microsystems in 1992, working initially as a systems administrator. He rose “through the ranks” to become the Principal Engineer for Security, a position which he held until he was retrenched, with many others, in 2009[2] (shortly before Oracle acquired Sun). While at Sun he was one of the researchers who worked on the factorization of the 512 bit RSA Challenge Number; RSA-155 was successfully factorized in August 1999.[3] Muffett also worked on the Sun MD5 hash algorithm, which was introduced in Solaris 9 update 2. The new algorithm drew on Muffett's work in pluggable crypt, and it is now implemented in many different languages, for example Python.[4] The algorithm uses the complete text of the famous soliloquy from Shakespeare's Hamlet: "To be or not to be, that is the question..." as the constant data. Muffett justified the choice of this text because "it exposes more programmers to Shakespeare, which has got to be a good thing".[5] After a sabbatical year, Muffett began to work on The Mine! Project project, as lead developer. He subsequently became a director and consultant at Green Lane Security; he also consults for Surevine. He became a director of the Open Rights Group in October 2011.[6] Muffett blogs professionally, for Computer World at Unscrewing Security and personally at Dropsafe, and has numerous publications to his credit, besides being an frequent presenter at technical conferences.[7] Muffett is the a co-inventor (with Darren Moffat and Casper Dik) of the patent "Method and apparatus for implementing a pluggable password obscuring mechanism", United States Patent 7,249,260, Issued June 12, 2003.[8] Alec Muffett's father, David, was a larger than life character:[9] a former British Colonial Administrator in Africa, big game hunter and professor of African studies at Duquesne University at Pittsburgh.[10] Alec has inherited many of his father’s characteristics, and an appreciation of his approach to life, and security, can be gained by watching his famous “Defence in depth: castle assault” video .
Muffett lives in Hartley Wintney, Hampshire, United Kingdom and his interests include cooking, photography and bicycles. He works as a Software Engineer for Facebook.
References
- ↑ , ONEIS Bio.
- ↑ , LinkedIn - Alec Muffett.
- ↑ RSA-155 is factored!
- ↑ passlib.hash.sun_md5_crypt - Sun MD5 Crypt
- ↑ OpenSolaris, Pluggable Crypt, and the SunMD5 Password Hash Algorithm
- ↑ Board of Directors, Open Rights Group
- ↑ Alec Muffett's Speaking History, Lanyrd.
- ↑ "Patent: Method and apparatus for implementing a pluggable password obscuring mechanism", Google Patents.
- ↑ Muffett lived a life full of cannibals and councils. Worcester News.
- ↑ David Muffett - obituary, Telegraph.
External links
Alec Muffett: Almost Everything You Ever Wanted To Know About Security
Alec Muffett, Proper Care and Feeding of Firewalls
Alec Muffett, WAN-hacking with AutoHack, Auditing security behind the firewall