Simson Garfinkel

Last updated
Simson L. Garfinkel
2017 Simson Official Photo.jpg
Born1965 (age 5859)
NationalityAmerican
Alma mater MIT (BS 1987)
Columbia University (MS 1988)
MIT (PhD 2005)
Known forThe Computer Book
Cross-Drive Analysis
Database Nation
Practical UNIX and Internet Security
Parents
AwardsDepartment of Defense Value Engineering Achievement Award
Jesse H. Neal National Business Journalism Award
Scientific career
Fields Computer science
Institutions US Census Bureau
Doctoral advisor David D. Clark

Simson L. Garfinkel (born 1965) is the Chief Scientist and Chief Operating Officer of BasisTech in Somerville, Massachusetts. He was previously a program scientist at AI2050, part of Schmidt Futures. [1] He has held several roles across government, including a Senior Data Scientist at the Department of Homeland Security, [2] the US Census Bureau's Senior Computer Scientist for Confidentiality and Data Access [3] and a computer scientist at the National Institute of Standards and Technology. From 2006 to 2015, he was an associate professor at the Naval Postgraduate School in Monterey, California. In addition to his research, Garfinkel is a journalist, an entrepreneur and an inventor; his work is generally concerned with computer security, privacy and information technology.

Contents

Research

Garfinkel's early research was in the field of optical storage. While he was an undergraduate at the MIT Media Laboratory, Garfinkel developed CDFS, the first file system for write-once optical disk systems. [4] During the summer of 1987, he worked at Brown University's IRIS Project, where he developed a server allowing CDROMs to be shared over a network simultaneously by multiple workstations. [5]

In 1991, while a senior editor at NeXTWORLD magazine, Garfinkel created an address book program for the NeXT Computer called SBook. [6] One of SBook's most popular features was a search field that performed a full-text search of all of the records in the address book with each keypress. This kind of search is now standard on many computer programs, including Apple's Mail application and Mozilla Thunderbird. SBook was one of the first programs to incorporate this kind of search technology.

In 1995, Garfinkel moved to Martha's Vineyard and started Vineyard.NET, the Vineyard's first Internet Service Provider. Vineyard.NET was bought by Broadband2Wireless, [7] a wireless ISP, in 2000. The company went bankrupt in September 2001, [8] and Garfinkel bought Vineyard.NET back from the debtor's estate.

In 1998, Garfinkel founded Sandstorm Enterprises, a computer security firm that developed advanced computer forensic tools used by businesses and governments to audit their systems. Sandstorm was acquired by Niksun [9] in 2010. Garfinkel is the inventor of six patents, [10] mostly in the field of computer security.

In 2003, Garfinkel and Abhi Shelat published an article [11] in IEEE Security & Privacy magazine reporting on an experiment in which they purchased 158 used hard drives from a variety of sources and checked to see whether they still contained readable data. Roughly one third of the drives appeared to have information that was highly confidential and should have been erased prior to the drive's resale.

In 2006, Garfinkel introduced cross-drive analysis, an unsupervised machine learning algorithm for automatically reconstructing social networks from hard drives and other kinds of data-carrying devices that are likely to contain pseudo-unique information. [12]

In September 2006, Garfinkel joined the faculty of the Naval Postgraduate School (NPS) in Monterey, California, as an associate professor of Computer Science. [13] He moved to Arlington, Virginia, in June 2010 to help NPS with its research aims in the National Capital Region. He transitioned to the National Institute of Standards and Technology in January 2015, and to the US Census Bureau in 2017.

A common theme throughout Garfinkel's research is introduction of the scientific method to digital forensics. [14] [15]

Education and honors

Garfinkel obtained three BS degrees from MIT in 1987; a MS in journalism from Columbia University in 1988; and a PhD in computer science from MIT in 2005. He was a postdoctoral fellow at the Center for Research on Computation and Society at Harvard University from September 2005 through August 2008. [16] He was named a Fellow of the ACM in 2012, [17] a fellow of the Institute of Electrical and Electronics Engineers in 2019 [18] and a fellow of the American Association for the Advancement of Science in 2021 [19]

Publications

Garfinkel is the author or co-author of 16 books, and the author of more than a thousand articles. [20] He is a contributing writer for Technology Review [21] and has written as a freelancer for many publications including Wired magazine , The Boston Globe , Privacy Journal, and CSO Magazine. His work for CSO Magazine earned him five regional and national journalism awards, including the Jesse H. Neal Business Journalism Awards in 2003 and 2004. [22]

Garfinkel is also the editor of The Forensics Wiki

Books

  1. The Computer Book: From the Abacus to Artificial Intelligence, 250 Milestones in the History of Computer Science (Sterling Milestones), by Simson L. Garfinkel and Rachel H. Grunspan. 2018 (Sterling)
  2. Usable Security: History, Themes, and Challenges], by Simson Garfinkel and Heather Lipford, 2014. (Morgan & Claypool, part of the Synthesis Lectures on Information Security, Privacy and Trust series.)
  3. Lorrie Cranor and Garfinkel, Simson (2005). Security and Usability. O'Reilly and Associates.
  4. Garfinkel, Simson and Beth Rosenberg (2005). RFID: Applications, Security and Privacy. Addison-Wesley.
  5. Garfinkel, Simson and Gene Spafford and Alan Schwartz (2003). Practical UNIX and Internet Security, 3rd Edition. O'Reilly and Associates. ISBN   978-0596003234.
  6. Garfinkel, Simson and Michael K. Mahoney (2002). Building Cocoa Applications : A Step by Step Guide. O'Reilly and Associates. ISBN   0-596-00235-1.
  7. Web Security, Privacy and Commerce, with Gene Spafford. 2001. (O'Reilly & Associates, Inc.)
  8. Garfinkel, Simson (2000). Database Nation; The Death of Privacy in the 21st Century . O'Reilly and Associates. ISBN   0-596-00105-3. (review by Peter G. Neumann and review by Eugene Spafford, in the RISKS Digest)
  9. Garfinkel, Simson (1999). Architects of the Information Society . MIT Press. ISBN   9780262071963.
  10. Garfinkel, Simson & Alan Schwartz (1998). Stopping Spam. O'Reilly and Associates. ISBN   1-56592-388-X. (review by Rob Slade in the RISKS Digest)
  11. Garfinkel, Simson with Eugene Spafford (1997). Web Security and Commerce . O'Reilly and Associates. ISBN   9781565922693.
  12. Garfinkel, Simson and Eugene Spafford (1996). Practical UNIX and Internet Security. O'Reilly and Associates. ISBN   1-56592-148-8. (review by Peter G. Neumann in the RISKS Digest)
  13. Garfinkel, Simson (1995). PGP: Pretty Good Privacy. O'Reilly and Associates. ISBN   1-56592-098-8.
  14. Garfinkel, Simson; Weise, Daniel; Strassman, Steven, eds. (1994). UNIX-HATERS Handbook . IDG. ISBN   1-56884-203-1.
  15. Garfinkel, Simson and Michael K. Mahoney (1993). NeXTStep Programming. The Electronic Library of Science. ISBN   0-387-97884-4.
  16. Garfinkel, Simson and Eugene Spafford (1991). Practical UNIX and Security. O'Reilly and Associates. Bibcode:1991pus..book.....G.

Related Research Articles

<span class="mw-page-title-main">Multics</span> Time-sharing operating system

Multics is an influential early time-sharing operating system based on the concept of a single-level memory. Nathan Gregory writes that Multics "has influenced all modern operating systems since, from microcomputers to mainframes."

<span class="mw-page-title-main">Paul Vixie</span> American internet pioneer

Paul Vixie is an American computer scientist whose technical contributions include Domain Name System (DNS) protocol design and procedure, mechanisms to achieve operational robustness of DNS implementations, and significant contributions to open source software principles and methodology. He also created and launched the first successful commercial anti-spam service. He authored the standard UNIX system programs SENDS, proxynet, rtty and Vixie cron. At one point he ran his own consulting business, Vixie Enterprises. In 2002, Vixie held the record for "most CERT advisories due to a single author".

<span class="mw-page-title-main">Phil Zimmermann</span> Creator of Pretty Good Privacy (PGP)

Philip R. Zimmermann is an American computer scientist and cryptographer. He is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone. Zimmermann is co-founder and Chief Scientist of the global encrypted communications firm Silent Circle.

<span class="mw-page-title-main">Ralph Merkle</span> American cryptographer

Ralph C. Merkle is an American computer scientist and mathematician. He is one of the inventors of public-key cryptography, the inventor of cryptographic hashing, and more recently a researcher and speaker on cryonics.

A disk image is a snapshot of a storage device's structure and data typically stored in one or more computer files on another storage device. Traditionally, disk images were bit-by-bit copies of every sector on a hard disk often created for digital forensic purposes, but it is now common to only copy allocated data to reduce storage space. Compression and deduplication are commonly used to reduce the size of the image file set. Disk imaging is done for a variety of purposes including digital forensics, cloud computing, system administration, as part of a backup strategy, and legacy emulation as part of a digital preservation strategy. Disk images can be made in a variety of formats depending on the purpose. Virtual disk images are intended to be used for cloud computing, ISO images are intended to emulate optical media and raw disk images are used for forensic purposes. Proprietary formats are typically used by disk imaging software. Despite the benefits of disk imaging the storage costs can be high, management can be difficult and they can be time consuming to create.

<span class="mw-page-title-main">Robert Tappan Morris</span> American computer scientist; creator of Morris Worm; associate professor at MIT

Robert Tappan Morris is an American computer scientist and entrepreneur. He is best known for creating the Morris worm in 1988, considered the first computer worm on the Internet.

<span class="mw-page-title-main">Project Athena</span> 1983 joint project by MIT, IBM and DEC

Project Athena was a joint project of MIT, Digital Equipment Corporation, and IBM to produce a campus-wide distributed computing environment for educational use. It was launched in 1983, and research and development ran until June 30, 1991. As of 2023, Athena is still in production use at MIT. It works as software that makes a machine a thin client, that will download educational applications from the MIT servers on demand.

<span class="mw-page-title-main">Computer forensics</span> Branch of digital forensic science

Computer forensics is a branch of digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the digital information.

<span class="mw-page-title-main">Jack Dennis</span> American computer scientist (born 1931)

Jack Bonnell Dennis is an American computer scientist and Emeritus Professor of Computer Science and Engineering at Massachusetts Institute of Technology.

<span class="mw-page-title-main">Gene Spafford</span> American computer scientist

Eugene Howard Spafford, known as Spaf, is an American professor of computer science at Purdue University and a computer security expert.

<span class="mw-page-title-main">Digital forensics</span> Branch of forensic science

Digital forensics is a branch of forensic science encompassing the recovery, investigation, examination, and analysis of material found in digital devices, often in relation to mobile devices and computer crime. The term "digital forensics" was originally used as a synonym for computer forensics but has expanded to cover investigation of all devices capable of storing digital data. With roots in the personal computing revolution of the late 1970s and early 1980s, the discipline evolved in a haphazard manner during the 1990s, and it was not until the early 21st century that national policies emerged.

SSLeay is an open-source SSL implementation. It was developed by Eric Andrew Young and Tim J. Hudson as an SSL 3.0 implementation using RC2 and RC4 encryption. The recommended pronunciation is to say each letter s-s-l-e-a-y and was first developed by Eric A. Young ("eay"). SSLeay also included an implementation of the DES from earlier work by Eric Young which was believed to be the first open-source implementation of DES. Development of SSLeay unofficially mostly ended, and volunteers forked the project under the OpenSSL banner around December 1998, when Tim and Eric both commenced working for RSA Security in Australia.

Crack is a Unix password cracking program designed to allow system administrators to locate users who may have weak passwords vulnerable to a dictionary attack. Crack was the first standalone password cracker for Unix systems and the first to introduce programmable dictionary generation as well.

<span class="mw-page-title-main">Paul Dourish</span> British-American computer scientist

Paul Dourish is a computer scientist best known for his work and research at the intersection of computer science and social science. Born in Scotland, he holds the Steckler Endowed Chair of Information and Computer Science at the University of California, Irvine, where he joined the faculty in 2000, and where he directs the Steckler Center for Responsible, Ethical, and Accessible Technology. He is a Fellow of the AAAS, the ACM, and the BCS, and is a two-time winner of the ACM CSCW "Lasting Impact" award, in 2016 and 2021.

Sandstorm Enterprises was an American computer security software vendor founded in 1998 by Simson Garfinkel, James van Bokkelen, Gene Spafford, Dan Geer. In January 2010, it was purchased by NIKSUN, Inc.

File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata.

<i>Database Nation</i>

Database Nation is a non-fiction book written by Simson Garfinkel and published in January 2000. In his book, Garfinkel calls on regular people to be aware of what information they are forced to give away, and he calls on the government to protect privacy by passing relevant laws.

The Student Information Processing Board (SIPB) is a student group at the Massachusetts Institute of Technology (MIT) that helps students access computing resources and use them effectively.

The National Cyber Security Hall of Fame, founded by Larry Letow and Rick Geritz, was established in 2012 to recognize the contributions of key individuals in the field of cyber security; its mission statement is, Respect the Past - Protect the Future. According to its website, it is designed to honor the innovative individuals and organizations which had the vision and leadership to create the fundamental building blocks for the cybersecurity Industry. The organization also highlights major milestones in the industry's 40-year history through a timeline representation, which includes inductees and their corresponding accomplishments.

Nasir Memon is a computer scientist based in Brooklyn, New York. Memon is a professor and chair of the New York University Tandon School of Engineering computer science and engineering department and affiliate faculty at the computer science department in the Courant Institute of Mathematical Sciences at New York University. He is also the Department Head of NYU Tandon Online, the online learning unit of the school. He introduced cyber security studies to New York University Tandon School of Engineering, making it one of the first schools to implement the program at the undergraduate level. Memon holds twelve patents in image compression and security. He is the founding director of the Center for Interdisciplinary Studies in Security and Privacy (CRISSP) and CRISSP Abu Dhabi. In 2002, Memon founded Cyber Security Awareness Week (CSAW), an annual conference where tens of thousands of students compete in events and learn skills in cyber security Memon is also co-founder of Digital Assembly, a software company that develops digital forensics and data recovery and Vivic, a company that produces malware detection software. Memon has published over 250 articles in journals and conferences and has contributed to articles regarding cyber security in magazines such as Crain’s New York Business, Fortune, and USA Today. His research has been featured in NBC Nightly News, The New York Times, MIT Review, Wired.Com, and New Science Magazine.

References

  1. "Our People". Schmidt Futures. Retrieved 2023-01-23.
  2. "DHS Data".
  3. "US Census Bureau Staff Roster" (PDF).
  4. S. Garfinkel, "A file system for write once media, MIT Media Lab., Oct. 1986.
  5. Designing a write-once file system (a general-purpose optical storage software technology), Dr. Dobb's Journal, 1991, Jan, pp. 78, 80, 82--26.
  6. Garfinkel, Simson. "SBook is Simson Garfinkel's Address Book" . Retrieved 2018-12-21.
  7. "BB2W". archived at simson.net
  8. "Broadband2Wireless files for bankruptcy". 2001-09-01.[ dead link ]
  9. "Niksun". niksun.com.
  10. U.S. patent 7,779,032 U.S. patent 7,023,854 U.S. patent 6,993,661 U.S. patent 6,744,864 U.S. patent 6,678,270 U.S. patent 6,490,349
  11. "Remembrance of Data Passed: A Study of Disk Sanitization Practices" (PDF). IEEE Security & Privacy. January 2003. pp. 17–27. ISSN   1540-7993.
  12. Garfinkel, S. (September 2006). "Forensic Feature Extraction and Cross-Drive Analysis" (PDF). Digital Investigation. 3, Supplement 1: 71–81. doi:10.1016/j.diin.2006.06.007.
  13. "NPS at U. S. Navy". Archived from the original on 2007-11-11.
  14. Garfinkel, Simson, Paul Farrell, Vassil Roussev, and George Dinolt. "Bringing science to digital forensics with standardized forensic corpora." Digital Investigation 6 (2009): S2-S11.
  15. Garfinkel, Simson L. "Digital forensics research: The next 10 years." Digital Investigation 7 (2010): S64-S73.
  16. Harvard CRCS
  17. Gold, Virginia. "2012 Fellows Hail from World's Leading Universities and Corporations". The Association for Computing Machinery. Archived from the original on 2012-12-12. Retrieved Dec 11, 2012. Simson Garfinkel, For contributions to digital forensics and to computer security education
  18. "IEEE Computer Society Announces 2019 Fellows". The Institute of Electrical and Electronics Engineers . Retrieved Dec 21, 2018. Simson Garfinkel, For contributions to digital forensics and computer security
  19. "Elected Fellows AAAS".
  20. Simson Garfinkel Bio, http://simson.net/page/Bio
  21. "Staff List," Technology Review.com, July 7, 2008 http://www.technologyreview.com/corp/staff.aspx
  22. Archived September 17, 2008, at the Wayback Machine
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.