Alec Muffett

Last updated

Alec Muffett
Alec Muffett Head Black and White.jpg
Born
Alec David Edward Muffett

(1968-04-22) 22 April 1968 (age 56)
Occupation(s)Internet-security evangelist, architect, and software engineer

Alec David Edward Muffett (born 22 April 1968) is an Anglo-American internet security expert and software engineer.

Contents

Career

Muffett joined Sun Microsystems in 1992, working initially as a systems administrator. He rose through the ranks to become the principal engineer for security, a position which he held until he was retrenched, with many others, in 2009 [1] (shortly before Oracle acquired Sun). While at Sun he was one of the researchers who worked on the factorization of the 512 bit RSA Challenge Number; RSA-155 was successfully factorized in August 1999. [2] He created Crack, the original password cracker for Unix, and for the CrackLib password-integrity testing library.

In 2015, Muffett was named as one of the top six influential security thinkers by SC Magazine . [3]

Muffett assisted in creating .onion websites for The New York Times, [4] Wikipedia, [5] BBC News, [6] Brave, [7] Twitter, [8] The Guardian, [9] and Reddit. [10]

Related Research Articles

<span class="mw-page-title-main">Brute-force attack</span> Cryptanalytic method for unauthorized users to access data

In cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attacker can attempt to guess the key which is typically created from the password using a key derivation function. This is known as an exhaustive key search. This approach doesn't depend on intellectual tactics; rather, it relies on making several attempts.

<span class="mw-page-title-main">Daniel J. Bernstein</span> American mathematician, cryptologist and computer scientist (born 1971)

Daniel Julius Bernstein is an American mathematician, cryptologist, and computer scientist. He is a visiting professor at CASA at Ruhr University Bochum, as well as a research professor of Computer Science at the University of Illinois at Chicago. Before this, he was a visiting professor in the department of mathematics and computer science at the Eindhoven University of Technology.

Articles related to cryptography include:

In mathematics, the RSA numbers are a set of large semiprimes that were part of the RSA Factoring Challenge. The challenge was to find the prime factors of each number. It was created by RSA Laboratories in March 1991 to encourage research into computational number theory and the practical difficulty of factoring large integers. The challenge was ended in 2007.

<span class="mw-page-title-main">Peiter Zatko</span> American computer security expert

Peiter C. Zatko, better known as Mudge, is an American network security expert, open source programmer, writer, and hacker. He is currently the chief information officer of DARPA. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the computer and culture hacking cooperative the Cult of the Dead Cow.

<span class="mw-page-title-main">.onion</span> Pseudo–top-level internet domain

.onion is a special-use top-level domain name designating an anonymous onion service, which was formerly known as a "hidden service", reachable via the Tor network. Such addresses are not actual DNS names, and the .onion TLD is not in the Internet DNS root, but with the appropriate proxy software installed, Internet programs such as web browsers can access sites with .onion addresses by sending the request through the Tor network.

Crack is a Unix password cracking program designed to allow system administrators to locate users who may have weak passwords vulnerable to a dictionary attack. Crack was the first standalone password cracker for Unix systems and the first to introduce programmable dictionary generation as well.

<span class="mw-page-title-main">Tor (network)</span> Free and open-source anonymity network based on onion routing

Tor is a free overlay network for enabling anonymous communication. Built on free and open-source software and more than seven thousand volunteer-operated relays worldwide, users can have their Internet traffic routed via a random path through the network.

<span class="mw-page-title-main">DuckDuckGo</span> American software company and Web search engine

DuckDuckGo is an American software company that offers a number of products intended to help people protect their online privacy. The flagship product is a search engine that has been praised by privacy advocates. Subsequent products include extensions for all major web browsers and a custom DuckDuckGo web browser.

<span class="mw-page-title-main">Moxie Marlinspike</span> American entrepreneur

Matthew Rosenfeld, better known by the pseudonym Moxie Marlinspike, is an American entrepreneur, cryptographer, and computer security researcher. Marlinspike is the creator of Signal, co-founder of the Signal Technology Foundation, and served as the first CEO of Signal Messenger LLC. He is also a co-author of the Signal Protocol encryption used by Signal, WhatsApp, Google Messages, Facebook Messenger, and Skype.

<span class="mw-page-title-main">Texas Instruments signing key controversy</span> Refers to Texas Instruments response to a project to factorize cryptographic keys.

The Texas Instruments signing key controversy resulted from Texas Instruments' (TI) response to a project to factorize the 512-bit RSA cryptographic keys needed to write custom firmware to TI devices.

<span class="mw-page-title-main">Proton Mail</span> End-to-end encrypted email service

Proton Mail is a Swiss end-to-end encrypted email service founded in 2013 headquartered in Plan-les-Ouates, Switzerland. It uses client-side encryption to protect email content and user data before they are sent to Proton Mail servers, unlike other common email providers such as Gmail and Outlook.com. The service can be accessed through a webmail client, the Tor network, Windows, macOS and Linux (beta) desktop apps and iOS and Android apps.

On August 31, 2014, a collection of nearly five hundred private pictures of various celebrities, mostly women, with many containing nudity, were posted on the imageboard 4chan, and swiftly disseminated by other users on websites and social networks such as Imgur and Reddit. The leak was dubbed "The Fappening" or "Celebgate" by the public. The images were initially believed to have been obtained via a breach of Apple's cloud services suite iCloud, or a security issue in the iCloud API which allowed them to make unlimited attempts at guessing victims' passwords. Apple claimed in a press release that access was gained via spear phishing attacks.

<span class="mw-page-title-main">Riseup</span> Tech collective

Riseup is a volunteer-run collective providing secure email, email lists, a VPN service, online chat, and other online services. This organization was launched by activists in Seattle with borrowed equipment and a few users in 1999 or 2000, and quickly grew to millions of accounts.

<span class="mw-page-title-main">Brave (web browser)</span> Chromium-based open-source web browser

Brave is a free and open-source web browser developed by Brave Software, Inc. based on the Chromium web browser. Brave is a privacy-focused browser, which automatically blocks most advertisements and website trackers in its default settings. Users can turn on optional ads that reward them for their attention in the form of Basic Attention Tokens (BAT), which can be used as a cryptocurrency or to make donations to registered websites and content creators.

The Facebook onion address located at facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion is a site that allows access to Facebook through the Tor protocol, using its .onion top-level domain.

<span class="mw-page-title-main">Dream Market</span> Online black market

Dream Market was an online darknet market founded in late 2013. Dream Market operated on a hidden service of the Tor network, allowing online users to browse anonymously and securely while avoiding potential monitoring of traffic. The marketplace sold a variety of content, including drugs, stolen data, and counterfeit consumer goods, all using cryptocurrency. Dream provided an escrow service, with disputes handled by staff. The market also had accompanying forums, hosted on a different URL, where buyers, vendors, and other members of the community could interact. It was one of the longest running darknet markets.

<span class="mw-page-title-main">Bitwarden</span> Open-source password manager


Bitwarden is a freemium open-source password management service that is used to store sensitive information, such as website credentials, in an encrypted vault. The platform hosts multiple client applications, including a web interface, desktop applications, browser extensions, mobile apps, and a command-line interface. The platform offers a free US or European cloud-hosted service as well as the ability to self-host.

References

  1. "Alec Muffett, Profile". LinkedIn. Retrieved 30 January 2020.
  2. RSA-155 is factored! Archived 2012-07-22 at the Wayback Machine , rsa.com; accessed March 23, 2017.
  3. "Top 6 influential security thinkers". SC Media. 14 December 2015.
  4. Sandvik, Runa (27 October 2017). "The New York Times is Now Available as a Tor Onion Service". Medium. Retrieved 21 May 2023.
  5. "Wikipedia over Tor? Alec Muffett experiments with an Onion Wikipedia site". WMUK. 27 November 2017.
  6. al-Salmi, Abdallah (30 October 2019). "Leveraging the Tor Network to circumvent blocking of BBC News content". BBC . Retrieved 21 May 2023.
  7. Kero, Ben (5 October 2020). "Brave.com now has its own Tor Onion Service, providing more users with secure access to Brave". brave.com. Retrieved 21 May 2023.
  8. Robertson, Adi (9 March 2022). "Twitter is launching a Tor-friendly version of its site". The Verge . Retrieved 21 May 2023.
  9. Soul, Jon; Kokkini, Ioanna (6 October 2022). "How we built the Guardian's Tor Onion service". The Guardian . Retrieved 7 October 2022.
  10. "Reddit Onion Service Launch : r/redditsecurity". Reddit . 25 October 2022. Retrieved 21 May 2023.