|Other names||Alex Sotirov|
|Alma mater||University of Alabama|
|Known for||Pwnie award organizer, Black Hat Briefings Review Board Member|
Alexander Sotirov is a computer security researcher. He has been employed by Determina and VMware. In 2012, Sotirov co-founded New York based Trail of Bits with Dino Dai Zovi and Dan Guido, where he currently serves as Chief Scientist.
He is well known for his discovery of the ANI browser vulnerability as well as the so-called Heap Feng Shui technique for exploiting heap buffer overflows in browsers. In 2008, he presented research at Black Hat showing how to bypass memory protection safeguards in Windows Vista. Together with a team of industry security researchers and academic cryptographers, he published research on creating a rogue certificate authority by using collisions of the MD5 cryptographic hash function in December 2008.
Sotirov is a founder and organizer of the Pwnie awards, was on the program committee of the 2008 Workshop On Offensive Technologies (WOOT '08), and has served on the Black Hat Review Board since 2011.
- John Markoff (2006-12-25). "Flaws Are Detected in Microsoft’s Vista". The New York Times. Retrieved 2009-01-05.
- Dennis Fisher. "VMWare loses top security researcher Sotirov and exec Mulchandani". Retrieved 2009-01-05.
- Bill Brenner. "Trail of Bits: An alliance of #infosec heavyweights". Retrieved 2012-02-14.
- "Vulnerability Note VU#191609: Microsoft Windows animated cursor stack buffer overflow". United States Computer Emergency Readiness Team. 2007-03-29. Archived from the original on 22 January 2009. Retrieved 2009-01-03.
- Sotirov, Alexander; Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger (2008-12-30). "MD5 considered harmful today". Archived from the original on 2 January 2009. Retrieved 2009-01-02.
- "2nd USENIX Workshop on Offensive Technologies (WOOT '08)". Archived from the original on 6 January 2009. Retrieved 2009-01-05.
- "Black Bat Review Board". Retrieved 2012-06-09.
- Violet Blue. "Top10 Sexy Geeks 2009". Retrieved 2008-12-20.
|P ≟ NP||This biographical article relating to a computer scientist is a stub. You can help Wikipedia by expanding it.|