Alexander Peslyak (Александр Песляк) (born 1977), better known as Solar Designer, is a security specialist from Russia. He is best known for his publications on exploitation techniques, including the
return-to-libc attack and the first
generic heap-based buffer overflow exploitation technique, as well as
computer security protection techniques such as
privilege separation for
daemon processes.
Peslyak is the author of the widely popular
password cracking
In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system in scrambled form. A common approach (brute-force attack) is to repeatedly try ...
tool
John the Ripper. His code has also been used in various third-party operating systems, such as
OpenBSD
OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. According to the website, the OpenBSD project em ...
and
Debian
Debian (), also known as Debian GNU/Linux, is a Linux distribution composed of free and open-source software, developed by the community-supported Debian Project, which was established by Ian Murdock on August 16, 1993. The first version of D ...
.
Work
Peslyak has been the founder and leader of the
Openwall Project since 1999. He is the founder of Openwall, Inc. and has been the CTO since 2003. He served as an advisory board member at the Open Source Computer Emergency Response Team (oCERT) from 2008 until oCERT's conclusion in August 2017. He also co-founded oss-security.
He has spoken at many international conferences, including
FOSDEM and CanSecWest. He wrote the foreword to
Michał Zalewski's 2005 book ''Silence on the Wire''.
Alexander received the 2009 "Lifetime Achievement Award" during the annual
Pwnie Award
The Pwnie Awards recognize both excellence and incompetence in the field of information security. Winners are selected by a committee of security industry professionals from nominations collected from the information security community. Nomine ...
at the
Black Hat Security Conference. In 2015
Qualys acknowledged his help with the disclosure of a
GNU C Library gethostbyname
function buffer overflow ().
See also
*
Security-focused operating system
References
External links
Openwall Project home pageSolar Designer's pseudo homepage* http://phrack.org/issues/69/2.html#article
{{Linux people
People associated with computer security
1977 births
Living people