Junade Ali is a British

computer scientist A computer scientist is a person who is trained in the academic study of computer science. Computer scientists typically work on the theoretical side of computation, as opposed to the hardware side on which computer engineers mainly focus (al ...

known for research in

cybersecurity Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...

.CEng registration number ''673221''. https://www.engc.org.uk/regcheck Ali studied for a

Master of Science A Master of Science ( la, Magisterii Scientiae; abbreviated MS, M.S., MSc, M.Sc., SM, S.M., ScM or Sc.M.) is a master's degree in the field of science awarded by universities in many countries or a person holding such a degree. In contrast to ...

degree aged 17 and was awarded

Chartered Engineer Regulation and licensure in engineering is established by various jurisdictions of the world to encourage life, public welfare, safety, well-being, then environment and other interests of the general public and to define the licensure process thro ...

status by 24. He started his research career working on the UK's

Motorway Incident Detection and Automatic Signalling Motorway Incident Detection and Automatic Signalling, usually abbreviated to MIDAS, is a UK distributed network of traffic sensors, mainly inductive loops, (trialling at the moment radar technology by Wavetronix and magneto-resistive wireless s ...

network and working on the maximum coverage problem in road traffic sensor placement. Ali later worked for cybersecurity firm

Cloudflare Cloudflare, Inc. is an American content delivery network and DDoS mitigation company, founded in 2009. It primarily acts as a reverse proxy between a website's visitor and the Cloudflare customer's hosting provider. Its headquarters are in San ...

as an

engineering manager Engineering management is the application of the practice of management to the practice of engineering. Engineering management is a career that brings together the technological problem-solving ability of engineering and the organizational, admini ...

where he worked on developing network diagnostic tooling, a

security operations center A security operations center (SOC) is responsible for protecting an organization against cyber threats. SOC analysts perform round-the-clock monitoring of an organization’s network and investigate any potential security incidents. If a cybe ...

and safety-engineered

natural language processing Natural language processing (NLP) is an interdisciplinary subfield of linguistics, computer science, and artificial intelligence concerned with the interactions between computers and human language, in particular how to program computers to pro ...

. In February 2018, Ali created the first Compromised Credential Checking protocol (using ''k''-anonymity and

cryptographic hashing A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...

) to anonymously verify whether a password was in a

data breach A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, info ...

without fully disclosing the searched password. This protocol was implemented as a public API and is now consumed by multiple websites and services, including

password manager A password manager is a computer program that allows users to store and manage their passwords for local applications and online services. In many cases software used to manage passwords allow also generate strong passwords and fill forms. Pas ...

s and

browser extension A browser extension is a small software module for customizing a web browser. Browsers typically allow a variety of extensions, including user interface modifications, cookie management, ad blocking, and the custom scripting and styling of web p ...

s. This approach was later replicated by

Google Google LLC () is an American multinational technology company focusing on search engine technology, online advertising, cloud computing, computer software, quantum computing, e-commerce, artificial intelligence, and consumer electronics. ...

's Password Checkup feature and by

Apple An apple is an edible fruit produced by an apple tree (''Malus domestica''). Apple fruit tree, trees are agriculture, cultivated worldwide and are the most widely grown species in the genus ''Malus''. The tree originated in Central Asia, wh ...

iOS iOS (formerly iPhone OS) is a mobile operating system created and developed by Apple Inc. exclusively for its hardware. It is the operating system that powers many of the company's mobile devices, including the iPhone; the term also includes ...

. Ali worked with academics at

Cornell University Cornell University is a private statutory land-grant research university based in Ithaca, New York. It is a member of the Ivy League. Founded in 1865 by Ezra Cornell and Andrew Dickson White, Cornell was founded with the intention to teach an ...

to develop new versions of the protocol known as ''Frequency Smoothing Bucketization'' (FSB) and ''Identifier-Based Bucketization'' (IDB). In March 2020,

cryptographic padding In cryptography, padding is any of a number of distinct practices which all include adding data to the beginning, middle, or end of a message prior to encryption. In classical cryptography, padding may include adding nonsense phrases to a message ...

was added to the protocol. Ali's research was praised in

Canadian Canadians (french: Canadiens) are people identified with the country of Canada. This connection may be residential, legal, historical or cultural. For most Canadians, many (or all) of these connections exist and are collectively the source of ...

cryptographer

Carlisle Adams Carlisle M. Adams is a Canadian cryptographer and computer security researcher. Formerly senior cryptographer at Entrust, he is currently a professor at the University of Ottawa. His notable work includes the design (with Stafford Tavares) of the ...

book, ''Introduction to Privacy Enhancing Technologies''. Ali conducts

research on

North Korea North Korea, officially the Democratic People's Republic of Korea (DPRK), is a country in East Asia. It constitutes the northern half of the Korea, Korean Peninsula and shares borders with China and Russia to the north, at the Yalu River, Y ...

and provides expert commentary to journalists at

NK News NK News is an American subscription-based news website that provides stories and analysis about North Korea. Established in 2011, it is headquartered in Seoul, South Korea with reporters in Washington, D.C. and London. Reporting is based on infor ...

. In January 2022, Ali told journalists at

and

Reuters Reuters ( ) is a news agency owned by Thomson Reuters Corporation. It employs around 2,500 journalists and 600 photojournalists in about 200 locations worldwide. Reuters is one of the largest news agencies in the world. The agency was estab ...

that he had observed

's internet being taken offline in a second major outage that month following a missile test, Ali told journalists that data he collected was consistent with a

DDoS In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host A ...

attack.

South Korea South Korea, officially the Republic of Korea (ROK), is a country in East Asia, constituting the southern part of the Korea, Korean Peninsula and sharing a Korean Demilitarized Zone, land border with North Korea. Its western border is formed ...

n Government officials responded by saying "we are monitoring the situation under coordination with relevant government agencies," without elaborating further.

Wired ''Wired'' (stylized as ''WIRED'') is a monthly American magazine, published in print and online editions, that focuses on how emerging technologies affect culture, the economy, and politics. Owned by Condé Nast, it is headquartered in San Fra ...

journalist,

Andy Greenberg Andy Greenberg is a technology journalist serving as a senior writer at ''Wired'' magazine. He previously worked as a staff writer at ''Forbes'' magazine and as a contributor for Forbes.com. He has published the books '' This Machine Kills Secrets ...

, later confirmed the downtime resulted from an attack and reported that a single American hacker by the pseudonym ''P4x'' had shared evidence of his responsibility. Ali currently owns the technology consultancy, ''Tansume Limited'' where he consults for cybersecurity firm ''Risk Ledger'' and engineering productivity company ''Haystack Analytics''. In July 2021, Ali commissioned a study by Survation for ''Haystack Analytics'' which found that 83% of software developers were suffering from burnout. The poll also found 57% of software engineers agreed "to a great extent" or "to a moderate extent" with the phrase "Software reliability at my workplace concerns me". Ali claimed this was "the first time representative opinion polling was used to understand software engineers." During the

COVID-19 Coronavirus disease 2019 (COVID-19) is a contagious disease caused by a virus, the severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). The first known case was COVID-19 pandemic in Hubei, identified in Wuhan, China, in December ...

pandemic, Ali worked on security improvements to the (Google/Apple) Exposure Notification system used to create public health

contact tracing In public health, contact tracing is the process of identifying persons who may have been exposed to an infected person ("contacts") and subsequent collection of further data to assess transmission. By tracing the contacts of infected individua ...

apps.

Selected publications

* Li, L., Pal, B., Ali, J., Sullivan, N., Chatterjee, R. and Ristenpart, T., 2019, November. Protocols for checking compromised credentials. In ''Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security'' (pp. 1387–1403). * Ali, J. and Dyo, V. (2020). Practical Hash-based Anonymity for MAC Addresses. In ''Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT'', ISBN 978-989-758-446-6; ISSN 2184-7711, pages 572–579. DOI: 10.5220/0009825105720579. * Ali, J. and Dyo, V., 2021, January. Cross hashing: Anonymizing encounters in decentralised contact tracing protocols. In ''2021 International Conference on Information Networking (ICOIN)'' (pp. 181–185). IEEE. * Pikies, M. and Ali, J., 2019, April. String similarity algorithms for a ticket classification system. In ''2019 6th International Conference on Control, Decision and Information Technologies (CoDIT)'' (pp. 36–41). IEEE. * Ali, J. and Dyo, V. (2017). Coverage and Mobile Sensor Placement for Vehicles on Predetermined Routes: A Greedy Heuristic Approach. In ''Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 5: WINSYS, (ICETE 2017)'' ISBN 978-989-758-261-5, pages 83–88. * Ali, J. (2016). Mastering PHP Design Patterns (book). ''Packt Publishing Ltd.'' * Ali, J. and Pikies, M. (2019). Password Authentication Attacks at Scale. ''The 6th International Conference on Advanced Engineering – Theory and Applications 2019.''

References

{{DEFAULTSORT:Ali, Junade Living people Computer security specialists British software engineers 1996 births