About
I am a senior research engineer on the Labs team at Duo Security. I like security, code that has tangible effects in the real world, and code that is silly on purpose.
Before Duo, I attended the University of Washington where I got a B.S. in Computer Science.
Some other writing
- What’s an EdDSA?
- Santa Leaves The Kernel: A macOS Endpoint Security Introduction and Case Study
- Protecting Accounts from Credential Stuffing, co-authored with Jordan Wright
- Introduction to the Noise Protocol Framework
- An Exploration of 2P-ECDSA, a threshold ECDSA scheme
- U2F Key Support in OpenSSH
- How Security Keys Store Credentials
- Message Passing and Security Considerations in Chrome Extensions
Talks / Research Projects
- Chain of Fools: An Exploration of Certificate Chain Validation Mishaps (and the Black Hat EU talk)
- Jailbreak Detector Detector: An Analysis of Jailbreak Detection Methods and the Tools Used to Evade Them