Tavis Ormandy
   HOME

TheInfoList



Click Here for Items Related To - Tavis Ormandy
OR:
Tavis Ormandy on:   [Wikipedia]   [Google]   [Amazon]

Tavis Ormandy is an
English English usually refers to: * English language * English people English may also refer to: Peoples, culture, and language * ''English'', an adjective for something of, from, or related to England ** English national ide ...
computer security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, t ...
white hat White hat, white hats, or white-hat may refer to: Art, entertainment, and media * White hat, a way of thinking in Edward de Bono's book ''Six Thinking Hats'' * White hat, part of black and white hat symbolism in film Other uses * White hat (compu ...
hacker. He is currently employed by
Google Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...
as part of their
Project Zero Project Zero is a team of security analysts employed by Google tasked with finding zero-day vulnerabilities. It was announced on 15 July 2014. History After finding a number of flaws in software used by many end-users while researching other p ...
team.


Notable discoveries

Ormandy is credited with discovering severe vulnerabilities in
LibTIFF LibTIFF is a library for reading and writing Tagged Image File Format (abbreviated TIFF) files. The set also contains command line tools for processing TIFFs. It is distributed in source code and can be found as binary builds for all kinds of pla ...
, Sophos'
antivirus Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the nam ...
software and Microsoft Windows. With Natalie Silvanovich he discovered a severe vulnerability in
FireEye Trellix (formerly FireEye and McAfee Enterprise) is a privately held cybersecurity company founded in 2022. It has been involved in the detection and prevention of major cyber attacks. It provides hardware, software, and services to investigat ...
products in 2015. His findings with Sophos' products led him to write a 30-page paper entitled "Sophail: Applied attacks against Sophos Antivirus" in 2012, which concludes that the company was "working with good intentions" but is "ill-equipped to handle the output of one co-operative security researcher working in his spare time" and that its products shouldn't be used on high-value systems. He also created an
exploit Exploit means to take advantage of something (a person, situation, etc.) for one's own end, especially unethically or unjustifiably. Exploit can mean: *Exploitation of natural resources *Exploit (computer security) * Video game exploit *Exploitat ...
in 2014 to demonstrate how a vulnerability in
glibc The GNU C Library, commonly known as glibc, is the GNU Project's implementation of the C standard library. Despite its name, it now also directly supports C++ (and, indirectly, other programming languages). It was started in the 1980s by ...
known since 2005 could be used to gain
root access In computing, the superuser is a special user account used for system administration. Depending on the operating system (OS), the actual name of this account might be root, administrator, admin or supervisor. In some cases, the actual name of t ...
on an affected machine running a 32-bit version of Fedora. In 2016, he demonstrated multiple vulnerabilities in
Trend Micro is an American-Japanese multinational cyber security software company with global headquarters in Tokyo, Japan and Irving, Texas, United State.Other regional headquarters and R&D centers are located around East Asia, Southeast Asia, Europe, and ...
Antivirus on Windows related to the Password Manager, and vulnerabilities in Symantec security products. In February 2017, he found and reported a critical bug in
Cloudflare Cloudflare, Inc. is an American content delivery network and DDoS mitigation company, founded in 2009. It primarily acts as a reverse proxy between a website's visitor and the Cloudflare customer's hosting provider. Its headquarters are in Sa ...
's infrastructure leaking user-sensitive data along with requests affecting millions of websites around the world which has been referred to as
Cloudbleed Cloudbleed was a Cloudflare buffer overflow disclosed by Project Zero on February 17, 2017. Cloudflare's code disclosed the contents of memory that contained the private information of other customers, such as HTTP cookies, authentication tokens, ...
(in reference to the
Heartbleed Heartbleed was a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbl ...
bug that Google co-discovered).


References


External links

* *
"Sophail: Applied attacks against Sophos Antivirus"
- Ormandy's paper on insecurities in Sophos products Google employees Hackers English computer programmers Living people Year of birth missing (living people) {{UK-compu-bio-stub