Tavis Ormandy

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by SoWhy at 14:48, 4 February 2016 (copyedit last addition, used secondary source instead of primary). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Tavis Ormandy is an English computer security white hat hacker. He is currently employed by Google as part of their Project Zero team.[1]

Notable discoveries

Ormandy is credited with discovering severe vulnerabilities in Libtiff,[2] Sophos' antivirus software[3] and Microsoft Windows.[4] With Natalie Silvanovich he discovered a severe vulnerability in FireEye products in 2015.[5]

His findings in Sophos' products led him to write a 30-page paper in 2012 entitled "Sophail: Applied attacks against Sophos Antivirus", which concludes that the company was "working with good intentions" but is "ill-equipped to handle the output of one co-operative security researcher working in his spare time" and that its products should not be used on high-value systems.[6]

He also created an exploit in 2014 to demonstrate how a vulnerability in Glibc known since 2005 could be used to gain root access on an affected machine running a 32-bit version of Fedora.[7]

In 2016, he demonstrated multiple vulnerabilities in Trend Micro Antivirus on Windows related to the Password Manager.[8]

References

  1. Greenberg, Andy (15 July 2014). "Meet 'Project Zero,' Google's Secret Team of Bug-Hunting Hackers". Wired.com. Retrieved 4 January 2015.
  2. Constantin, Lucian (30 December 2014). "Hey, devs! Those software libraries aren't always safe to use". Computerworld. Retrieved 5 January 2015.
  3. Greenberg, Andy (4 August 2014). "Google Researcher Exposes Flaws In Sophos Software, Slams Antivirus Industry". Forbes. Retrieved 5 January 2015.
  4. Keizer, Gregg (23 May 2013). "Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day". Computerworld. Retrieved 5 January 2015.
  5. RCE vulnerability in jar analysis, FireEye.
  6. Tung, Liam (6 November 2012). "Google security researcher: Keep Sophos away from high value systems". CSO Online. Retrieved 5 January 2015.
  7. Böck, Hanno (26 August 2014). "Fehlerhaftes Null-Byte führt zu Root-Zugriff" (in German). Golem.de. Retrieved 5 January 2015.
  8. Goodin, Dan (11 January 2016). "Google security researcher excoriates TrendMicro for critical AV defects". Ars Technica. Retrieved 4 February 2016.