Christien Rioux

Citizenship: American
Alma mater: Massachusetts Institute of Technology
Known for: Security
Scientific career
Fields: Computer science
Institutions: L0pht, @stake, Symantec, Veracode

Christien Rioux, also known by his handle DilDog, [1] is the co-founder and chief scientist of the Burlington, Massachusetts-based company Veracode, for which he is the main patent holder. [2]

Educated at MIT, Rioux was a computer security researcher at L0pht Heavy Industries and then at the company @stake (later bought by Symantec). [1] While at @stake, he looked for security weaknesses in software and led the development of Smart Risk Analyzer (SRA). [3] He co-authored the best-selling Windows password auditing tool @stake LC (L0phtCrack) and the AntiSniff network intrusion detection system. [4]

He is also a member [5] of Cult of the Dead Cow [6] and its Ninja Strike Force. Formerly, he was a member of L0pht. [7] [8]

DilDog is best known as the author of the original code for Back Orifice 2000, [6] [9] [10] an open source remote administration tool. He is also well known as the author of "The Tao of Windows Buffer Overflow." [11] [12]

Related Research Articles

Buffer overflow: Anomaly in computer security and programming

In programming and information security, a buffer overflow or buffer overrun is an anomaly whereby a program writes data to a buffer beyond the buffer's allocated memory, overwriting adjacent memory locations.

Back Orifice is a computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a play on words on Microsoft BackOffice Server software. It can also control multiple computers at the same time using imaging.

L0pht: American hacker collective

L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US, and a pioneer of responsible disclosure. The group famously testified in front of Congress in 1998 on the topic of ‘Weak Computer Security in Government’.

Back Orifice 2000: Computer program for remote administration

Back Orifice 2000 is a computer program designed for remote system administration. It enables a user to control a computer running the Microsoft Windows operating system from a remote location. The name is a pun on Microsoft BackOffice Server software.

Shellcode: Small piece of code used as a payload to exploit a software vulnerability

In hacking, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised machine, but any piece of code that performs a similar task can be called shellcode. Because the function of a payload is not limited to merely spawning a shell, some have suggested that the name shellcode is insufficient. However, attempts at replacing the term have not gained wide acceptance. Shellcode is commonly written in machine code.

Blaster (computer worm): 2003 Windows computer worm

Blaster was a computer worm that spread on computers running operating systems Windows XP and Windows 2000 during August 2003.

Dan Geer: American computer scientist

Dan Geer is a computer security analyst and risk management specialist. He is recognized for raising awareness of critical computer and network security issues before the risks were widely understood, and for ground-breaking work on the economics of security.

L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables.

Buffer overflow protection is any of various techniques used during software development to enhance the security of executable programs by detecting buffer overflows on stack-allocated variables, and preventing them from causing program misbehavior or from becoming serious security vulnerabilities. A stack buffer overflow occurs when a program writes to a memory address on the program's call stack outside of the intended data structure, which is usually a fixed-length buffer. Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than what is actually allocated for that buffer. This almost always results in corruption of adjacent data on the stack, which could lead to program crashes, incorrect operation, or security issues.

Josh Buchbinder, better known as Sir Dystic, has been a member of Cult of the Dead Cow (cDc) since May 1997, and is the author of Back Orifice. He has also written several other hacker tools, including SMBRelay, NetE, and NBName. Sir Dystic has appeared at multiple hacker conventions, both as a member of panels and speaking on his own. He has also been interviewed on several television and radio programs and in an award-winning short film about hacker culture in general and cDc in particular.

Peiter Zatko: American computer security expert

Peiter C. Zatko, better known as Mudge, is an American network security expert, open source programmer, writer, and hacker. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the computer and culture hacking cooperative the Cult of the Dead Cow.

Chris Wysopal: American computer security expert

Chris Wysopal is an entrepreneur, computer security expert and co-founder and CTO of Veracode. He was a member of the high-profile hacker think tank the L0pht where he was a vulnerability researcher.

Cult of the Dead Cow: Hacker organization

Cult of the Dead Cow, also known as cDc or cDc Communications, is a computer hacker and DIY media organization founded in 1984 in Lubbock, Texas. The group maintains a weblog on its site, also titled "Cult of the Dead Cow". New media are released first through the blog, which also features thoughts and opinions of the group's members.

ATstake, Inc. was a computer security professional services company in Cambridge, Massachusetts, United States. It was founded in 1999 by Battery Ventures and Ted Julian. Its initial core team of technologists included Dan Geer and the east coast security team from Cambridge Technology Partners.

Solar Designer: Russian computer security specialist

Alexander Peslyak, better known as Solar Designer, is a security specialist from Russia. He is best known for his publications on exploitation techniques, including the return-to-libc attack and the first generic heap-based buffer overflow exploitation technique, as well as computer security protection techniques such as privilege separation for daemon processes.

SMBRelay and SMBRelay2 are computer programs that can be used to carry out SMB man-in-the-middle (mitm) attacks on Windows machines. They were written by Sir Dystic of CULT OF THE DEAD COW (cDc) and released March 21, 2001 at the @lantacon convention in Atlanta, Georgia. More than seven years after its release, Microsoft released a patch that fixed the hole exploited by SMBRelay. This fix only fixes the vulnerability when the SMB is reflected back to the client. If it is forwarded to another host, the vulnerability can still be exploited.

Cain and Abel was a password recovery tool for Microsoft Windows. It could recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks. Cryptanalysis attacks were done via rainbow tables which could be generated with the winrtgen.exe program provided with Cain and Abel. Cain and Abel was maintained by Massimiliano Montoro and Sean Babcock.

A zero-day is a vulnerability in a computer system that was previously unknown to its developers or anyone capable of mitigating it. Until the vulnerability is mitigated, threat actors can exploit it. An exploit taking advantage of a zero-day is called a zero-day exploit, or zero-day attack.

Veracode is an application security company based in Burlington, Massachusetts. Founded in 2006, it provides SaaS application security that integrates application analysis into development pipelines.

Veilid is a peer-to-peer network and application framework released by the Cult of the Dead Cow on August 11, 2023, at DEF CON 31. Described by its authors as "like Tor, but for apps", it is written in Rust, and runs on Linux, macOS, Windows, Android, iOS, and in-browser WASM. VeilidChat is a secure messaging application built on Veilid.

References

  1. "L0pht in Transition". April 2007. Archived from the original on April 29, 2007. Retrieved May 3, 2007.
  2. Fitzgerald, Michael (2007-04-22). "PROTOTYPE; To Find the Danger, This Software Poses as the Bad Guys". The New York Times. Retrieved 2008-10-28.
  3. "Veracode: Christien Rioux". Archived from the original on 2008-02-04. Retrieved 2009-10-22.
  4. "Christien Rioux, Co-Founder and Chief Scientist". 2006-12-21. Retrieved 2008-10-28.
  5. "Cult of the Dead Cow: Team Bios". Archived from the original on 2006-04-17. Retrieved 2011-04-05.
  6. Messmer, Ellen (July 21, 1999). "Bad Rap for Back Orifice 2000?". CNN Online.
  7. Bauer, Mick (September 1, 2002). "Q&A with Chris Wysopal (Weld Pond)". Linux Journal.
  8. Security Scene Errata. Archived May 2, 2005, at the Wayback Machine.
  9. Messmer, Ellen (1999-07-14). "Hacker group Cult of the Dead Cow tries to convince world its Back Orifice tool is legit". Network World. Archived from the original on 2007-11-05. Retrieved 2007-04-17.
  10. cDc communications. "Back Orifice 2000 Press Release." Archived 2005-03-05 at the Wayback Machine. CULT OF THE DEAD COW Press Release, July 10, 1999. Retrieved April 17, 2007.
  11. Dildog, "The Tao of Windows Buffer Overflow," CULT OF THE DEAD COW issue #351, May 1, 1998. Retrieved April 17, 2007.
  12. Park, Yong-Joon and Gyungho Lee, "Repairing return address stack for buffer overflow protection," Proceedings of the 1st conference on Computing frontiers, ACM, 2004. Retrieved April 17, 2007.