Simson Garfinkel

Not to be confused with Simon & Garfunkel.

Simson L. Garfinkel
Born	1965 (age 59–60)
Nationality	American
Education	Massachusetts Institute of Technology (BS, BS, BS, PhD) Columbia University (MS)
Known for	Database Nation (2000)
Parents	Marvin Garfinkel (father) Marian Garfinkel (mother)
Awards	Department of Defense Value Engineering Achievement Award Jesse H. Neal National Business Journalism Award
Scientific career
Fields	Computer science
Institutions	US Census Bureau Naval Postgraduate School
Thesis	Design Principles and Patterns for Computer Systems That Are Simultaneously Secure and Usable  (2005)
Doctoral advisor	David D. Clark

Simson L. Garfinkel (born 1965) is an American computer scientist. He is the Chief Scientist and Chief Operating Officer of BasisTech in Somerville, Massachusetts.

He was previously a program scientist at AI2050, part of Schmidt Futures. ^[1] He has held several roles across government, including a Senior Data Scientist at the Department of Homeland Security, ^[2] the US Census Bureau's Senior Computer Scientist for Confidentiality and Data Access ^[3] and a computer scientist at the National Institute of Standards and Technology. From 2006 to 2015, he was an associate professor at the Naval Postgraduate School in Monterey, California. In addition to his research, Garfinkel is a journalist, an entrepreneur and an inventor; his work is generally concerned with computer security, privacy and information technology.

Notability and influence

Simson Garfinkel is widely recognized for his foundational contributions to digital forensics, privacy, and cybersecurity, evidenced by a diverse body of influential publications and tools.

His non-fiction book Database Nation: The Death of Privacy in the 21st Century (2000) was among the early works to raise public awareness of pervasive surveillance and privacy erosion in the digital age. ^[4] Another major work, Practical UNIX and Internet Security, co-authored with Gene Spafford and Alan Schwartz, has sold more than 250,000 copies and has been translated into over a dozen languages since its first edition in 1991. ^[5]

Garfinkel has authored or co-authored more than 17 books on computing, including recent works on quantum computing law and policy, and has written extensively as a science journalist across technology and policy domains. ^[6]

In the digital forensics community, he is the creator of key forensic tools such as AFFLIB, bulk_extractor, fiwalk, and frag_find — widely used for disk image processing and forensic feature extraction. ^[7]

His research has been influential in shaping forensic methodology. His 2009 DFRWS paper, Bringing Science to Digital Forensics with Standardized Forensic Corpora, advanced calls for standardized data sets to support reproducibility and benchmarking in forensic research. ^[8]

He has published numerous impactful academic articles, including work on bulk data forensic analysis (bulk_extractor), hash-based carving, and cross-drive feature extraction, frequently cited in digital forensics literature and included in standards efforts such as Digital Forensics XML (DFXML). ^[9]

Garfinkel has held senior positions at NIST, DHS, and the U.S. Census Bureau, and has also served as Chief Scientist and COO at BasisTech. He is a Fellow of the American Association for the Advancement of Science (AAAS), the Association for Computing Machinery (ACM), and the Institute of Electrical and Electronics Engineers (IEEE). He also holds seven U.S. patents. ^[10]

Education

Garfinkel obtained three BS degrees from MIT in 1987. One in Chemistry, another one in Political Science and the third one in Humanities. ^[11] Furthermore he has a MS in journalism from Columbia University in 1988 and a PhD in computer science from MIT in 2005. He was a postdoctoral fellow at the Center for Research on Computation and Society at Harvard University from September 2005 through August 2008. ^[12]

Research

Garfinkel's early research was in the field of optical storage. While he was an undergraduate at the MIT Media Laboratory, Garfinkel developed CDFS, the first file system for write-once optical disk systems. ^[13] During the summer of 1987, he worked at Brown University's IRIS Project, where he developed a server allowing CDROMs to be shared over a network simultaneously by multiple workstations. ^[14]

In 1991, while a senior editor at NeXTWORLD magazine, Garfinkel created an address book program for the NeXT Computer called SBook. ^[15] One of SBook's most popular features was a search field that performed a full-text search of all of the records in the address book with each keypress. This kind of search is now standard on many computer programs, including Apple's Mail application and Mozilla Thunderbird. SBook was one of the first programs to incorporate this kind of search technology.

In 1995, Garfinkel moved to Martha's Vineyard and started Vineyard.NET, the island's first Internet Service Provider. Vineyard.NET was bought by Broadband2Wireless, ^[16] a wireless ISP, in 2000. The company went bankrupt in September 2001, ^[17] and Garfinkel bought Vineyard.NET back from the debtor's estate.^{[ citation needed ]}

In 1998, Garfinkel founded Sandstorm Enterprises, a computer security firm that developed advanced computer forensic tools used by businesses and governments to audit their systems. Sandstorm was acquired by Niksun ^[18] in 2010. Garfinkel is the inventor of six patents, ^[19] mostly in the field of computer security.

In 2003, Garfinkel and Abhi Shelat published an article ^[20] in IEEE Security & Privacy magazine reporting on an experiment in which they purchased 158 used hard drives from a variety of sources and checked to see whether they still contained readable data. Roughly one third of the drives appeared to have information that was highly confidential and should have been erased prior to the drive's resale.

In 2006, Garfinkel introduced cross-drive analysis, an unsupervised machine learning algorithm for automatically reconstructing social networks from hard drives and other kinds of data-carrying devices that are likely to contain pseudo-unique information. ^[21]

In September 2006, Garfinkel joined the faculty of the Naval Postgraduate School (NPS) in Monterey, California, as an associate professor of Computer Science. ^[22] He moved to Arlington, Virginia, in June 2010 to help NPS with its research aims in the National Capital Region. He transitioned to the National Institute of Standards and Technology in January 2015, and to the US Census Bureau in 2017.

A common theme throughout Garfinkel's research is introduction of the scientific method to digital forensics. ^{[23] [24]}

Honors

Garfinkel was named a Fellow of the ACM in 2012, ^[25] a fellow of the IEEE in 2019 ^[26] and a fellow of the AAAS in 2021 ^[27]

Publications

Garfinkel is the author or co-author of 16 books, and the author of more than a thousand articles. ^[28] He is a contributing writer for Technology Review ^[29] and has written as a freelancer for many publications including Wired magazine , The Boston Globe , Privacy Journal, and CSO Magazine. His work for CSO Magazine earned him five regional and national journalism awards, including the Jesse H. Neal Business Journalism Awards in 2003 and 2004. ^[30]

Garfinkel is also the editor of The Forensics Wiki.

Books

• Garfinkel, Simson L.; Grunspan, Rachel H. (2018). The Computer Book: From the Abacus to Artificial Intelligence, 250 Milestones in the History of Computer Science. Sterling Milestones. Sterling. ISBN   9781454926214.
• Garfinkel, Simson; Lipford, Heather Richter (2014). Usable Security: History, Themes, and Challenges. Synthesis Lectures on Information Security, Privacy and Trust. Morgan & Claypool. ISBN   9781627055291.
• Garfinkel, Simson; Rosenberg, Beth (2005). RFID: Applications, Security and Privacy. Addison-Wesley. ISBN   0321290968.
• Garfinkel, Simson; Spafford, Gene; Schwartz, Alan (2003). Practical UNIX and Internet Security (3rd ed.). O’Reilly Media. ISBN   9780596003234.
• Garfinkel, Simson; Mahoney, Michael K. (2002). Building Cocoa Applications: A Step-by-Step Guide. O’Reilly Media. ISBN   9780596002350.
• Garfinkel, Simson; Spafford, Gene (2001). Web Security, Privacy & Commerce (2nd ed.). O’Reilly Media. ISBN   9780596000455.
• Garfinkel, Simson (2000). Database Nation: The Death of Privacy in the 21st Century. O’Reilly Media. ISBN   9780596001056.
• Garfinkel, Simson L. (1999). Abelson, Harold (ed.). Architects of the Information Society: Thirty-Five Years of the Laboratory for Computer Science at MIT. MIT Press. ISBN   9780262071963.
• Schwartz, Alan; Garfinkel, Simson (1998). Stopping Spam: Stamping Out Unwanted Email and News Postings. O’Reilly Media. ISBN   9781565923881.
• Garfinkel, Simson; Spafford, Gene (1997). Web Security and Commerce. O’Reilly Media. ISBN   9781565922693.
• Garfinkel, Simson; Spafford, Gene (1996). Practical UNIX and Internet Security (2nd ed.). O’Reilly Media. ISBN   9781565921481.
• Garfinkel, Simson (1995). PGP: Pretty Good Privacy. O’Reilly Media. ISBN   9781565920989.
• Garfinkel, Simson L.; Mahoney, Michael K. (1993). NeXTSTEP Programming: Step One, Object-Oriented Applications. Springer-Verlag New York (Telos). ISBN   9780387978840.
• Garfinkel, Simson; Spafford, Gene (1991). Practical UNIX Security. O’Reilly & Associates. ISBN   0937175722.

Edited volumes

• Cranor, Lorrie Faith; Garfinkel, Simson, eds. (2005). Security and Usability: Designing Secure Systems that People Can Use. O’Reilly Media. ISBN   9780596008277.
• Garfinkel, Simson; Weise, Daniel; Strassmann, Steven, eds. (1994). The UNIX-HATERS Handbook. IDG Books. ISBN   9781568842035.

Chapters in edited books

• Garfinkel, Simson (1997). "The Computer as a Surveillance Device". In Agre, Philip E.; Rotenberg, Marc (eds.). Technology and Privacy: The New Landscape. MIT Press. pp. 175–193. ISBN   9780262510905.
• Garfinkel, Simson (2000). "Digital Watermarking and Steganography". In Petitcolas, Fabien A. P. (ed.). Information Hiding: Techniques for Steganography and Digital Watermarking. Artech House. pp. 283–302. ISBN   9781580530354.
• Garfinkel, Simson (2012). "Digital Forensics and the Future of Privacy". In Ruan, Keyun (ed.). Cybercrime and Cloud Forensics: Applications for Investigation Processes. IGI Global. pp. 49–69. ISBN   9781466626621.

References

1. "Our People". Schmidt Futures. Retrieved 2023-01-23.
2. "DHS Data".
3. "US Census Bureau Staff Roster" (PDF).
4. Garfinkel, Simson (2000). Database Nation: The Death of Privacy in the 21st Century. O'Reilly Media. ISBN   978-0596001056.
5. Garfinkel, Simson; Spafford, Gene; Schwartz, Alan (2003). Practical UNIX and Internet Security (3rd ed.). O'Reilly Media. ISBN   978-0596003234.
6. "Biography – Simson Garfinkel". Simson.net. Retrieved 5 September 2025.
7. "Simson L. Garfinkel – Forensics Wiki". Forensics Wiki. Retrieved 5 September 2025.
8. Garfinkel, Simson L. (2009). Bringing Science to Digital Forensics with Standardized Forensic Corpora. Proceedings of the 9th Annual Digital Forensics Research Workshop. Elsevier. pp. S2 –S9. doi: 10.1016/j.diin.2009.06.016 .
9. Garfinkel, Simson L. (2012). "Digital forensics XML and the DFXML toolset". Digital Investigation. 8 (3–4): 161–174. doi:10.1016/j.diin.2011.10.002.
10. "Biography – Simson Garfinkel". Simson.net. Retrieved 5 September 2025.
11. Simson Garfinkel CV, https://simson.net/page/Curriculum_Vitae
12. Harvard CRCS
13. S. Garfinkel, "A file system for write once media, MIT Media Lab., Oct. 1986.
14. Designing a write-once file system (a general-purpose optical storage software technology), Dr. Dobb's Journal, 1991, Jan, pp. 78, 80, 82--26.
15. Garfinkel, Simson. "SBook is Simson Garfinkel's Address Book" . Retrieved 2018-12-21.
16. "BB2W". archived at simson.net
17. "Broadband2Wireless files for bankruptcy". 2001-09-01.^{[ dead link ]}
18. "Niksun". niksun.com.
19. U.S. patent 7,779,032 U.S. patent 7,023,854 U.S. patent 6,993,661 U.S. patent 6,744,864 U.S. patent 6,678,270 U.S. patent 6,490,349
20. "Remembrance of Data Passed: A Study of Disk Sanitization Practices" (PDF). IEEE Security & Privacy. January 2003. pp. 17–27. ISSN   1540-7993.
21. Garfinkel, S. (September 2006). "Forensic Feature Extraction and Cross-Drive Analysis" (PDF). Digital Investigation. 3, Supplement 1: 71–81. doi:10.1016/j.diin.2006.06.007.
22. "NPS at U. S. Navy". Archived from the original on 2007-11-11.
23. Garfinkel, Simson, Paul Farrell, Vassil Roussev, and George Dinolt. "Bringing science to digital forensics with standardized forensic corpora." Digital Investigation 6 (2009): S2-S11.
24. Garfinkel, Simson L. "Digital forensics research: The next 10 years." Digital Investigation 7 (2010): S64-S73.
25. Gold, Virginia. "2012 Fellows Hail from World's Leading Universities and Corporations". The Association for Computing Machinery. Archived from the original on 2012-12-12. Retrieved Dec 11, 2012. Simson Garfinkel, For contributions to digital forensics and to computer security education
26. "IEEE Computer Society Announces 2019 Fellows". The Institute of Electrical and Electronics Engineers . Retrieved Dec 21, 2018. Simson Garfinkel, For contributions to digital forensics and computer security
27. "Elected Fellows AAAS".
28. Simson Garfinkel Bio, http://simson.net/page/Bio
29. "Staff List," Technology Review.com, July 7, 2008 http://www.technologyreview.com/corp/staff.aspx
30. Archived September 17, 2008, at the Wayback Machine

External links

• Simson Garfinkel's home page
• Simson Garfinkel's official website at the Naval Postgraduate School