About

I am a senior research engineer on the Labs team at Duo Security. I like security, code that has tangible effects in the real world, and code that is silly on purpose.

Before Duo, I attended the University of Washington where I got a B.S. in Computer Science.

Some other writing

• What’s an EdDSA?
• Santa Leaves The Kernel: A macOS Endpoint Security Introduction and Case Study
• Protecting Accounts from Credential Stuffing, co-authored with Jordan Wright
• Introduction to the Noise Protocol Framework
• An Exploration of 2P-ECDSA, a threshold ECDSA scheme
• U2F Key Support in OpenSSH
• How Security Keys Store Credentials
• Message Passing and Security Considerations in Chrome Extensions

Talks / Research Projects

• Chain of Fools: An Exploration of Certificate Chain Validation Mishaps (and the Black Hat EU talk)
• Jailbreak Detector Detector: An Analysis of Jailbreak Detection Methods and the Tools Used to Evade Them

Contact me

• [email protected]
• @wellhydrated on Twitter