Boris Loza

Born: May 5, 1960 (age 64)
Nationality: Russian
Occupation: Information Systems Security Professional

Boris Loza (born May 5, 1960) is the founder of SafePatrol Solutions and Tego Systems, as well as a Certified Information Systems Security Professional (CISSP). He was born in Krasnodar, Russia, where he attained a Master's degree at the age of 22 and a PhD at the age of 26, both in Computer Science and Cybernetics. While still living in the former USSR, Loza published more than 30 scientific articles and secured one patent. Upon relocating to Canada in 1996, his PhD was confirmed by the Higher Attestation Committee of The University of Toronto.

Since immigrating, Loza has worked for IBM Global Services as a Senior System Administrator and for Fidelity Investments as a Principal Information Systems Security Specialist.

Loza's interest in computer security has led him to continue developing products as well as to publish articles [1] [2] [3] and a book. His articles have been featured in hacker magazines, such as the "original" Phrack [4] and 2600: The Hacker Quarterly. He has contributed over 40 articles to US industry magazines, such as USENIX ;login: [5] [6], SysAdmin, Inside Solaris, Inside the Internet, and several others.

Publications

In 2005, Loza published a computer security book titled "UNIX, Solaris and Linux: A Practical Security Cookbook: Securing UNIX Operating Systems without Third-Party Application." [7] A number of Loza's articles have been featured in the press, including Sun Microsystems [8], Novell, Linux, and BSD communities. His work, both in Russian and English, has been translated into several languages, including French, Bulgarian and Polish.

Loza holds "Secret Level" clearance from the Government of Canada, and acts as a subject matter expert in courts. He has filed several Information Security patents in the US, and has conducted hundreds of information security assessments, security forensics, penetration tests and white hacking assessments [9].

Recognition

As a speaker, author and trainer, Loza has worked for and consulted Fortune and Global 500 companies, including IBM, AT&T and Fidelity Investments, as well as government agencies and start-ups. His work has been cited in books such as "Hack Proofing Sun Solaris 8", among others.

In 2008, Boris Loza was internationally recognized for his work and contribution to the field of Computer Security Awareness. He was a winner of the first international Cyber Security Awareness Contest, [10] held by (ISC)².

Projects

Some of the computer security products developed by Boris Loza, by himself as well as with co-authors, are:

Loza's current project is Notebak [11], a computer security system used by both personal and corporate systems.

Related Research Articles

Phrack: Online hacking magazine

Phrack is an e-zine written by and for hackers, first published November 17, 1985. It had a wide circulation which included both hackers and computer security professionals.

In computer security, an access-control list (ACL) is a list of permissions associated with a system resource. An ACL specifies which users or system processes are granted access to resources, as well as what operations are allowed on given resources. Each entry in a typical ACL specifies a subject and an operation. For instance,

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. The term rootkit is a compound of "root" and the word "kit". The term "rootkit" has negative connotations through its association with malware.

USENIX: Organization supporting operating system research

USENIX is an American 501(c)(3) nonprofit membership organization based in Berkeley, California and founded in 1975 that supports advanced computing systems, operating system (OS), and computer networking research. It organizes several conferences in these fields.

Matthew Dillon: American software engineer (born 1966)

Matthew Dillon is an American software engineer known for Amiga software, contributions to FreeBSD and for starting and leading the DragonFly BSD project since 2003.

chroot is an operation on Unix and Unix-like operating systems that changes the apparent root directory for the current running process and its children. A program that is run in such a modified environment cannot name files outside the designated directory tree. The term "chroot" may refer to the chroot(2) system call or the chroot(8) wrapper program. The modified environment is called a chroot jail.

The Berkeley r-commands are a suite of computer programs designed to enable users of one Unix system to log in or issue commands to another Unix computer via TCP/IP computer network. The r-commands were developed in 1982 by the Computer Systems Research Group at the University of California, Berkeley, based on an early implementation of TCP/IP.

TCP Wrappers is a host-based networking ACL system, used to filter network access to Internet Protocol servers on (Unix-like) operating systems such as Linux or BSD. It allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens on which to filter for access control purposes.

DTrace: Dynamic tracing framework for kernel and applications

DTrace is a comprehensive dynamic tracing framework originally created by Sun Microsystems for troubleshooting kernel and application problems on production systems in real time. Originally developed for Solaris, it has since been released under the free Common Development and Distribution License (CDDL) in OpenSolaris and its descendant illumos, and has been ported to several other Unix-like systems.

Matt Blaze: American researcher

Matt Blaze is an American researcher who focuses on the areas of secure systems, cryptography, and trust management. He is currently the McDevitt Chair of Computer Science and Law at Georgetown University, and is on the board of directors of the Tor Project.

Peiter Zatko: American computer security expert

Peiter C. Zatko, better known as Mudge, is an American network security expert, open source programmer, writer, and hacker. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the computer and culture hacking cooperative the Cult of the Dead Cow.

Dan Farmer: American computer security researcher and programmer

Dan Farmer is an American computer security researcher and programmer who was a pioneer in the development of vulnerability scanners for Unix operating systems and computer networks.

In software development, time-of-check to time-of-use is a class of software bugs caused by a race condition involving the checking of the state of a part of a system and the use of the results of that check.

OS-level virtualization is an operating system (OS) virtualization paradigm in which the kernel allows the existence of multiple isolated user space instances, called containers, zones, virtual private servers (OpenVZ), partitions, virtual environments (VEs), virtual kernels, or jails. Such instances may look like real computers from the point of view of programs running in them. A computer program running on an ordinary operating system can see all resources of that computer. However, programs running inside of a container can only see the container's contents and devices assigned to the container.

GNOME Keyring

GNOME Keyring is a software application designed to store security credentials such as usernames, passwords, and keys, together with a small amount of relevant metadata. The sensitive data is encrypted and stored in a keyring file in the user's home directory. The default keyring uses the login password for encryption, so users don't need to remember another password.

FreeBSD: Free and open-source Unix-like operating system

FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD). The first version of FreeBSD was released in 1993 developed from 386BSD and the current version runs on x86, ARM, PowerPC and RISC-V processors. The project is supported and promoted by the FreeBSD Foundation.

chsh is a command on Unix-like operating systems that is used to change a login shell. Users can either supply the pathname of the shell that they wish to change to on the command line, or supply no arguments, in which case chsh allows the user to change the shell interactively.

Marcus J. Ranum: Computer and network security researcher (born 1962)

Marcus J. Ranum is a computer and network security researcher. He is credited with a number of innovations in firewalls, including building the first Internet email server for the whitehouse.gov domain, and intrusion detection systems. He has held technical and leadership positions with a number of computer security companies, and is a faculty member of the Institute for Applied Network Security.

;login: is a long-running technical journal published by the USENIX Association, focusing on the UNIX operating system and system administration in general. It was founded by Mel Ferentz in 1975 as UNIX News, changing its name to ;login: in 1977. Currently, issues from 1997 through the present are available online directly from USENIX, whereas issues between 1983 and 2000 have been archived in the Internet Archive since 2018.

Brendan Gregg: Australian computer scientist

Brendan Gregg is a computer engineer known for his work on computing performance. He works for Intel, and previously worked at Netflix, Sun Microsystems, Oracle Corporation, and Joyent. He was born in Newcastle, New South Wales and graduated from the University of Newcastle, Australia.

References

  1. "Turn a Solaris Box into a Packet-filtering Firewall". Printfu.org. Retrieved 2011-11-20.
  2. "Sniff Your own Networks with Tcpdump". pdf.io. Archived from the original on 2012-09-14. Retrieved 2011-11-20.
  3. "Anti-Hacking School" (PDF). www.infosecurity.pro. Archived from the original (PDF) on 2012-04-25. Retrieved 2011-11-20.
  4. "Phrack Magazine". Phrack.org. Archived from the original on 2011-11-23. Retrieved 2011-11-20.
  5. Boris Loza (2005). "Finding Trojans for Fun and Profit" (PDF). ;login:. 30 (5). USENIX (published October 2005): 19–22. ISSN 1044-6397. Archived from the original (PDF) on 2011-11-10. Retrieved 2011-11-20.
  6. Boris Loza (2005). "Under Attack" (PDF). ;login:. 30 (3). USENIX (published June 2005): 54–58. ISSN 1044-6397. Archived from the original (PDF) on 2011-11-09. Retrieved 2011-11-20.
  7. Nemeth, Evi (2005). UNIX, Solaris and Linux: A Practical Security Cookbook: Securing UNIX Operating System without Third-Party Applications (9781420848243): Boris Loza: Books. AuthorHouse. ISBN 1420848240.
  8. Requires membership: http://sun.systemnews.com/articles/40/2/opt-sysadmin/4043
  9. "Changing banking". thestar.com. 2008-03-29. Retrieved 2011-11-20.
  10. "ISC2(R) Announces Winners of Cyber Security Awareness Contest". Reuters. Archived from the original on 2013-07-06. Retrieved 2011-11-20.
  11. "Laptop Safety: Recover/Erase Vital Data, Track and Locate, Live Webcam Images". Notebak.com. Retrieved 2011-11-20.