Kees Cook
4207 SE Woodstock Blvd #420
Portland, OR 97206 USA
 
resume@outflux.net
 
EMPLOYMENT:
 
Staff Security Engineer, Chrome OS
Google, Inc.
September 2011 - present
(Full Telecommute) Portland, Oregon
Research and solve security flaws in Chrome OS. Port and develop new vulnerability mitigation techniques for the Linux kernel, GNU libc, and other software.
 
Technical Lead of Ubuntu Security Team
Canonical, Inc.
September 2006 - September 2011
(Full Telecommute) Portland, Oregon
Publish security updates for millions of Linux systems running the Ubuntu distribution world-wide. Develop regression tests for updated packages. Research security flaws in commonly used Ubuntu software, resulting in many assigned CVEs, including local root escalations in the Linux kernel. Develop and drive integration of proactive compiler and kernel security hardending features in the Ubuntu distribution, including stack-protector, fortify-source, address space layout randomization, read-only relocations, position independent executables, and immediate relocations, among others. Wrote Yama LSM for symlink, hardlink, and ptrace restrictions. Assisted with Linux kernel address leak restrictions and kernel module read-only/non-executable memory markings. Maintain AppArmor as the default LSM in Ubuntu. Integrate new upstream software written in a wide range of languages into the Ubuntu package archive. Use bazaar, git, and subversion for version control.
 
Senior Network Administrator
Open Source Development Labs
March 2003 - September 2006
Beaverton, Oregon
Supported office network and system infrastructure, including 200+ lab machines, with individually customized hardware/software configurations and Linux distributions for external and internal project use. Performed network and server security audits and penetration testing. Redesigned, implemented, and support fully redundant network consisting of Foundry BigIron core, with Dell Powerconnect and HP Procurve edge. Designed and implemented strong anti-spam and anti-virus systems. Created centralized file and email repository and wrote software to unpack, index, and search for subpoena terms. Administer kernel.org's mirror registration/publication system and handle account requests. Trained 2 junior system administrators. Recommended and reviewed quotes for network, server, and storage upgrades. Participated in several Open Source projects: rackview, STP, PLM, systemimager, mimedefang, and others. Used CVS for change management, cfengine for distributed system configurations. Relocated entire lab over a weekend.
 
Embedded Software Engineer
Reach Technology, Inc.
November 2002 - February 2003
Lake Oswego, Oregon
Designed and developed 8051 firmware in C for several boards working together as a medical pill/syringe dispenser, including servo control, current measurement, IR detection, LED control, button-push notification, and RS485 communication. Created production test suite for validating dispenser hardware and software. Wrote firmware in C for a Mitsubishi microprocessor running a multi-panel LCD controller, including touch-screen support, external bitmap storage, and a serial downloaded protocol for writing to the on-board EEPROM. Updated Xilinx logic used for panel control. Designed and developed LCD controller firmware support tools. Reconfigured office network and set up a VPN for mobile access to office resources.
 
Embedded Software Engineer
Snap-On Diagnostics
March 2001 - December 2002
(Partial Telecommute) Lincolnshire, Illinois
Worked on new-product development team to create next-generation hand-held vehicle diagnostics device. Designed and developed driver under WinCE 3.0 for real-time waveform capture card on ZFMicro x86. Created prototype capture driver under QNX RTP and QNX 4.0 for MPC8xxx. Rewrote WinCE kernel cache flush routines for ZFMicro. Assisted in creating Platform Builder environment for ZFMicro target. Wrote WinCE i2c driver for motherboard controller, back-lighting, contrast, power management, and slot power ICs. Rewrote system management PIC firmware to handle parallel events. Wrote utilities for testing and debugging i2c bus, ISA bus, PCI bus, and waveform card under WinCE. Used Visual Source Safe for source and documentation revision control. Used TrackRecord for bug tracking and feature additions. Designed automated build process.
 
Pre-Sales Systems Engineer
Lucent Technologies
August 2000 - March 2001
(Full Telecommute) Lisle, Illinois
Managed customer accounts interested in buying telecommunications gear. Assisted in designing a fully meshed optical telephony/data network for Ohio-based customer. Trained on Lucent Stinger, MAX, TNT, Chromatis, Access Point, 5ESS, and Softswitch products.
 
Unix Systems Architect Consultant
AT&T Global Network Services
March 1999 - August 2000
(Partial Telecommute) Schaumburg, Illinois
Worked as technical lead for team of Systems Administrators managing the 1.2 million user e-mail and news service. Designed and implemented migration of all e-mail accounts from sendmail and in-house IBM SMTP/POP software to in-house AT&T "Maillennium" SMTP/POP/IMAP software. Designed and built network-available RAID5 system for service's e-mail storage. Organized and assisted team to relocate 30+ AIX servers (running sendmail, DB2, and other services) without interrupting production service. Migrated entire production FDDI network to FastEthernet without interrupting production service. Wrote patches for in-house POP3 tools to improve efficiency, protect against buffer overflows, and correctly detect errors. Debugged and tracked AIX system calls under heavy system load. Wrote task automation and monitoring systems in Perl. Analyzed network storage solutions and advised on purchasing. Used in-house change management software.
 
Unix Systems Architect Consultant
Walgreens
July 1998 - February 1999
Deerfield, Illinois
Joined team of System Administrators to advice on efficiency, process, and system management. Implemented enterprise-wide backup solution using a StorageTek 9710 with DLT7000 drives and ReelBackup for Sun E10k, E6k, E4k, and HP & Sequent servers. Organized and automated a 3.2 terabyte Oracle DB solution for an E10k using 6 EMC Symmetrix disk cabinets and Veritas VM. Performed general Solaris and firmware upgrades and troubleshooting. Analyzed SCSI driver differences between versions 2.5 and 2.6 of Solaris. Debugged SCSI commands and communication between servers, SCSI MUXs, and DLT tape drives. Debugged and analyzed thread library operation in Oracle under Solaris. Analyzed runtime and provided efficiency solutions for a parallel tasking FTP tool used to collect data from 3500 store SCO servers distributed nationwide over a satellite network. Wrote Perl scripts for general administration automation and verification. Started department-wide process documentation initiative. Used RCS for change management.
 
Senior Systems Administrator
Counterpoint Networking
July 1996 - August 2000
Chicago, Illinois.
Administered all corporate production Linux servers, providing individuals and small businesses with DNS, email, and web services. Configured and maintained Cisco/Netopia/Linux firewalls and routers. Wrote system automation and management tools in Perl and shell. Designed and implemented secure network topologies, VPNs, and firewalls for clients. Provided consulting services for Fortune 500 clients with Solaris, AIX, and HP-UX machines. Managed marketing and office staff. Made budget and purchasing decisions. Used RCS for change management.
 
Systems Administrator
Motorola Cellular Subscriber Sector
November 1997 - July 1998
Urbana, Illinois
Joined team providing primary systems support for Solaris (40+ Ultra, 7 E450), AIX (8 PPC), NT (20+), Mac (10+) and SysV R4 machines used for cell phone development projects (ClearCase, Oracle, DDTS). Configured and maintained a Netscape 2.51 server with LDAP authentication. Designed and maintained system and network administration tools for use on multiple platforms (Perl & shell). Used ClearCase and RCS for source and documentation revision control.
 
Server/Workstation Support Consultant
Hewlett Packard
January 1997 - November 1997
Urbana, Illinois
Provided campus-wide support for Hewlett Packard and Sun servers and workstations. Performed system installations and upgrades, maintained up-to-date patch and install server. Taught systems administration classes for staff in need of HP-UX and general Unix training.
 
Research Programmer
Beckman Artificial Intelligence Lab
January 1997 - August 1997
Urbana, Illinois
Worked on a team building a battleship emergency training simulator. Designed and implemented intelligent agents playing roles in the trainer, written in ART Enterprise, Lisp, and Visual C++. Created external database interface for simulation components. Maintained medical expert systems written in Prolog.
 
Associate Systems Administrator
Motorola Computer Group
January 1996 - January 1997
Urbana, Illinois
Joined team providing primary systems support for AIX (8 PPC, 1 RS6000), System 5 (30+ 68K), NT (2), and Mac (5) machines used for operating system development and testing projects. Designed and maintained system and network administration tools for remote management, revision control, and monitoring on multiple platforms (Perl & shell). Wrote departmental process documentation.
 
On-Site Consultant
UIUC Computing and Communications Labs
August 1994 - June 1995
Champaign/Urbana, Illinois
Assisted students with system and software problems. Maintained 30+ PC & Macintosh computers per lab, running on a campus-wide Novell network, offering a variety of software and services.
 
 
PRESENTATIONS:
 
Chrome OS Hardening November 2012
BsidesPDX
Review of the security hardening techniques in the Chrome OS platform, ranging from compiler hardening and user-space confinement to verified boot and ring-0 isolation.
 
Finding kernel vulnerabilities using Coccinelle
August 2012
Linux Security Summit
Demonstrated use of Coccinelle static source code analyzer for finding Linux kernel vulnerabilities, both large and small.
 
Kernel Exploitation Via Uninitialized Stack
August 2011
DefCon
Walk-through of leveraging uninitialized stack memory into a full-blown root escalation in the Linux kernel. Covers finding vulnerabilities, avoiding the pitfalls of priming the stack, and turning memory corruption into a stable exploit.
 
Roundtable Discussions: Kernel Hardening, LSM Architecture
September 2011
Linux Security Summit
Led round-table discussions on the state and future of Kernel Hardening (threats, mitigations, and enhanced seccomp), and the LSM Architecture (need for modularity and stacking).
 
"Widely Used But Out-Of-Tree"
August 2010
Linux Security Summit
Review and examination of many security systems, features, and patches that are not in the mainline Linux kernel, but are widely utilized by distributions and end-users.
 
"Security for Human Beings: Protecting Ubuntu"
July 2007
O'Reilly Open Source Convention
Overview of the daily life of an Ubuntu Security Engineer, covering reactive responses, vulnerability research, and proactive development.
 
"DVR Happiness: Gluing MythTV and TiVo Together with Galleon"
July 2006
O'Reilly Open Source Convention
Integrating multiple Digital Video Recorder technologies including examples of hardware, conversion, streaming, and management.
 
"Embedded Interface Testing with Python: PyUnit and PySerial"
August 2005
O'Reilly Open Source Convention
Walk-through of PyUnit module and its use for unit and regression testing, especially in the case of evaluating embedded device interfaces.
 
"Email Security Techniques: Filtering the Future"
August 2005
O'Reilly Open Source Convention
Presented case study of using advanced email filtering techniques for mitigating the constant flood of incoming spam.
 
 
AFFILIATIONS:
 
Linux Foundation January 2014 - July 2014
Member of the Job Task Analysis Committee. Recruited by The Linux Foundation to serve as part of a global committee of Linux experts developing a list of knowledge, skills, and abilities (KSAs) essential for different levels of Linux system administration professionals. Activities included developing surveys to gather critical task information, analyzing and providing expert guidance on KSAs, providing key feedback regarding required domains for the exam content blueprint, and collaborating with other Committee members to then create the exam content blueprint for use by the Item Writing Committee.
 
Linux Security Summit May 2010 - present
Member of the Program Committee.
 
Debian December 2007 - present
Debian Developer.
 
Ubuntu September 2006 - present
Core Developer. Member of the Technical Board since September 2009.
 
Kernel.org February 2004 - February 2012
Member of the Kernel.org Board of Directors. Contribute to the sysadmin team that provides the primary Linux kernel software mirror. Handle mirror registration and validation along with user administration.
 
Electronic Frontier Foundation May 2002 - present
Member.
 
USENIX/SAGE March 2003 - March 2007
Member.
 
 
PROJECTS:
 
Inkscape Scalable Vector Graphics Editor November 2003 - present
GNU C/C++, Bazaar, Subversion, CVS
Contribute to build processes and packaging. Wrote metadata handling code including selectable Creative Commons Licenses. Join in pre-release bug-hunting events.
 
DefCon Capture the Flag participation Jul 2003 - Aug 2008
Python, C, x86 assembly, Perl, 6502 machine code, C#
Participate in the annual DefCon security penetration contest. Compete against 7 other teams of security professionals and government agencies. Analyze live networks, audit previously unseen code for security weaknesses, and exploit flaws in other teams' services. Won in 2006 and 2007.
 
Network-Level Anti-Spam Procedures Feb 2002 - present
Perl, m4, CVS
Developed extensive successful anti-Spam rulesets for sendmail with MIMEDefang, including full implementations of Sender Policy Framework, Sender Rewriting Scheme, Sender Address Verification, Spam URI Realtime Blocklists, and use of several DNS Realtime Blocklists, ClamAV, and custom SpamAssassin rules.
 
Chicago Art Exhibitor Database January 2001 - present
PHP, Perl, MySQL, RCS
Designed and developed back-end and web-site interface for Chicago-area art exhibitor database. Site provides event announcement services for subscribed patrons. Currently supporting 120+ exhibitors and 2000+ patrons.
 
Sendpage TAP Paging Server November 1997 - present
Perl, GNU C, CVS
Wrote server to take alphanumeric pages via SNPP, queue requests, control a bank of modems, and dial out in parallel to gateways speaking the Telocator Alphanumeric Protocol. Developed operating-system-independent serial-port control tool. Maintain worldwide paging provider TAP telephone number list.
 
GOPchop MPEG2 Editor November 2001 - present
GNU C/C++, CVS
Created a Group-of-Pictures-accurate MPEG2-PS file editor. Written for the GTK widget set. Wrote text-based MPEG file parser. Designed against the output from the BMK MPEG2 video capture board.
 
"Hypothal" Natural Language Chat System October 1997 - Jul 2003
GNU C, Perl
Designed, implemented, and modified several different systems for natural language parsing and response. Implementations included pattern matching, neural nets, and phrase analysis.
 
Msgs Database August 1996 - July 2003
GNU C, Perl, CVS
Designed and implemented a centralized user messaging database system, modeled after the simple Sequent "msgs" tool. Created an SSL-protected network communication protocol for off-site access. Wrote several clients (text and GTK based) to interact with the database.
 
DVD Navigation interface March 2002 - March 2003
GNU C, CVS
Developed interface between Linux Movie Player and libdvdnav to support DVD Menu navigation.
 
SCSI Terminal Server Driver for Linux August 2000 - September 2002
GNU C, RCS
Developed Linux driver interface for the Digi/Central Data SCSI Terminal Server. Ported EtherLite drivers to Linux 2.4.x and wrote extensive debugging routines for SCSI generic functions. Created user-space SCSI-testing tools. Rewrote firmware updater for the entire line of STS devices. Wrote SCSI subsystem patch for Linux, which was approved for release in 2.4.x kernel series.
 
SCSI-over-USB Driver for Linux December 1999 - September 2000
GNU C
Debugged and corrected Linux usb-storage driver for operation with the RBC subset of the SCSI command set. Tested using Sony DSC-family digital cameras.
 
Distributed Global Shell January 1996 - June 2000
Perl, RCS
Improved on the Perl example tool "gsh" used for accessing a large number of computers to perform an identical set of commands on each machine. Implemented full parallel tasking, a macro language, and local command execution. Added support for SSH.
 
TIGER/Line Database Interface October 2000 - November 2000
Perl
Wrote a tool-set to convert US Census TIGER/Line geographic text data into an indexed SQL database. Designed to assist GPS mapping development.
 
 
PUBLICATIONS:
 
Cook, "Configuring a Minimal Web Server"
October 1996
SysAdmin Magazine
Authored article on how to install and configure NCSA and Apache Web Servers.
 
Cardenas, "Vectors: Not Just For Graphics Anymore"
April 2000
Stepwise
Created instruction count data visualization graphs to assist the author.
 
 
EDUCATION:
 
BS Computer Science
University of Illinois at Urbana Champaign, Engineering College
August 1994 - June 1998
Champaign/Urbana, Illinois
Concentration in Cognitive Psychology. Final course work pending.
 
 
SKILLS:
 
Programming/Scripting/Interface/Markup Languages
GNU C, GNU C++, Intel Assembly, PIC Assembly, MSVC++, Java, Lisp, Pascal, MIPS Assembly, ART Enterprise, Fortran 77; Python, JavaScript, PHP, Bash/Korn Shell, Perl; CGI, TAP; HTML, XML, CSS
 
Operating/Windowing Systems Internals
GNU/Linux, WinCE 3.0, QNX, Solaris, HP-UX; GTK, X Window System, Photon
 
Hardware/Encoding Internals
x86, x86_64, ARM, 8051, Xilinx, PIC, SCSI, I2C, serial, MPC8xx, USB; MPEG2, DVD-NAV
 
Revision Control/Build Tools/Packaging
Bazaar, Git, Quilt, Subversion, CVS, RCS, BitKeeper, VSS, ClearCase; autoconf, automake, GNU make, WinCE Platform Builder; debhelper, cdbs
 
Operating Systems/Protocols/Services/Disk Management
GNU/Linux, FreeBSD, OpenBSD, embOS, QNX, AIX, Solaris, HP-UX, SysV, DOS, MacOS, MSWindows, IRIX, SunOS; TCP/IP, DNS, SMTP, SSH, SSL, HTTP, NFS, IPsec, SMTP, FTP, UDP, NIS, SNMP, SNPP, BGP, Telnet, RSH; Apache Web Server, Sendmail, Postfix, OpenVPN, OpenLDAP, Netscape Server, Quagga; Linux LVM/RAID, AIX LVM/JFS, Veritas LVM/FS.
 
Hardware/Telecommunication
Dell PowerEdge, RS6000 (43P, R50, H70, S80), PowerPC, EMC, Sparc, Ultra Sparc, Sparc Enterprise, HP9000 (C/J-class), Motorola PPC, IBM-PC and compatibles, Macintosh family; Fibre, Cat5e, and coax cabling, Foundry BigIron, Dell Powerconnect, HP Procurve, Cisco routers/switches, Lucent(Ascend) network gear (DSLAM, ATM switches, Ethernet switches, IP routers, ISDN/DSL/T1 pipelines), FDDI, 3Com switches/hubs
 
Software/Databases
GNU tools, OpenOffice, Inkscape, IDA, Legato, ORCAD, TrackRecord, Visio, ReelBackup, Visual Thought, Borland Products, Netware Clients, MS Products, WordPerfect, PageMaker, PhotoShop, Web Browsers, Norton Products, and a wide variety of telecommunication and Internet packages; MySQL, PostgreSQL, DB2, Oracle, ClearCase
 
 
Last updated on: Sun Aug 24 16:30:55 2014