Alec Muffett

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Alec Muffett
Alec muffett.jpg
Alec David Edward Muffett

(1968-04-22) April 22, 1968 (age 51)
OccupationInternet-security evangelist, architect, and software engineer

Alec David Edward Muffett (born April 22, 1968) is an Anglo-American internet-security evangelist, architect, and software engineer. He is principally known for his work on Crack, the original Unix password cracker, and for the CrackLib password-integrity testing library; he is also active in the open-source software community.

Tech career[edit]

Muffett joined Sun Microsystems in 1992, working initially as a systems administrator. He rose “through the ranks” to become the Principal Engineer for Security, a position which he held until he was retrenched, with many others, in 2009[1] (shortly before Oracle acquired Sun). While at Sun he was one of the researchers who worked on the factorization of the 512 bit RSA Challenge Number; RSA-155 was successfully factorized in August 1999.[2] Muffett also worked on the Sun MD5 hash algorithm, which was introduced in Solaris 9 update 2. The new algorithm drew on Muffett's work in pluggable crypt, and it is now implemented in many different languages, for example Python.[3]

The algorithm uses the complete text of the famous soliloquy from Shakespeare's Hamlet: "To be or not to be, that is the question..." as the constant data. Muffett justified the choice of this text because "it exposes more programmers to Shakespeare, which has got to be a good thing".[4] After a sabbatical year, Muffett began to work on The Mine! Project, as lead developer. He subsequently became a director and consultant at Green Lane Security; he also consults for Surevine. He became a director of the Open Rights Group in October 2011.[5] Muffett blogs professionally, for Computer World at Unscrewing Security and personally at Dropsafe, and has numerous publications to his credit, besides being a frequent presenter at technical conferences.[6]

Muffett is a co-inventor (with Darren Moffat and Casper Dik) of the patent "Method and apparatus for implementing a pluggable password obscuring mechanism", United States Patent 7,249,260, Issued June 12, 2003.[7]

In 2015 Muffett was named as one the Top 6 influential security thinkers by SC Magazine.[8] In October of that year he coauthored [9] RFC 7686 "The ".onion" Special-Use Domain Name", with Jacob Applebaum.

More recently, Muffett assisted the New York Times with the creation of their own Tor onion site.[10] Following that he created an Onion Wikipedia site, accessible only over Tor [11]

Previously, Muffett worked as a software engineer for Facebook, leading the team which added end-to-end encryption to Facebook Messenger.[12] Currently, he works as Principal Engineer, Infrastructure Security at Deliveroo.[13]


External links[edit]