this page is a list of my more formal apperances, in LIFO order.
personal blog postings can be found here.
yellow indicates an expected upcoming appearance;
red indicates a canceled appearance or event.
by year: 2023 • 2022 • 2021 • 2020 • 2019 • 2018 • 2017 • 2016 • 2015
"What does it look like to code-sign for an entire packaging ecosystem?"
ACM SCORED o/b/o Trail of Bits, November 2023.
"Securing your Package Ecosystem with Trusted Publishing"
PackagingCon o/b/o Trail of Bits, October 2023.
"Trusted Publishing: Lessons from PyPI"
OpenSSF Day Europe o/b/o Trail of Bits, September 2023.
Slides & video pending.
"It's 6PM: Do you know what your builds are doing?"
OSIRIS Lab colloquium o/b/o Trail of Bits, May 2023.
Slides
"Ergonomic codesigning for the Python ecosystem with Sigstore"
PyCon o/b/o Trail of Bits, April 2023.
Slides &
Video
"Windows codesigning without Windows: taming the root of trust"
Empire Hacking o/b/o Trail of Bits, February 2023.
Slides
"Python Packaging Mystery Meat"
HushCon West o/b/o Trail of Bits, December 2022.
Slides
"Sigstore for Python Packaging: Next Steps for Adoption"
Sigstorecon o/b/o Trail of Bits,
October 2022.
Slides &
Video
"It Depends"
Trail of Bits Podcast, June 2022.
Podcast
"A mostly gentle introduction to LLVM"
UMD-CSEC colloquium o/b/o Trail of Bits, April 2022.
Slides
"Differential analysis of x86-64 instruction decoders"
The Seventh Workshop on Language-Theoretic Security (LangSec) at IEEE S&P, May 2021.
Co-researchers: Niki Carroll (GMU) and Sebastiaan Peters (TU/e).
Preprint &
Video (backup, not live) &
Slides.
"compilers HATE him: use this ONE WEIRD TRICK to hide a message in your x86 program!!"
!!Con 2021, May 2021.
Slides &
Video
"Making build instrumentation boring with blight"
Lightning talk @ Empire Hacking o/b/o Trail of Bits, December 2020.
Slides &
Video
"Destroying x86_64 Decoders with Differential Fuzzing"
INFILTRATE Miami o/b/o Trail of Bits, November 2020.
Slides and video pending.
"Bringing Two Factor Authentication to PyPI"
Canceled due to COVID-19.
PyCon o/b/o Trail of Bits, April 2020.
Slides and video pending.
"TUFening PyPI: Securing the Package Supply Chain"
Canceled due to COVID-19.
PyCon o/b/o Trail of Bits w/ Paul Kehrer, April
2020.
Slides and video pending.
"steg86: hiding messages in x86 binaries"
Rust Munich, August 2020.
Slides &
Video
"Differential fuzzing, or: how to find bugs when (ground) truth isn't real"
UMD-CSEC colloquium o/b/o Trail of Bits, April 2020.
Slides
"Differential fuzzing, or: how to find bugs when (ground) truth isn't real"
OSIRIS Lab colloquium o/b/o Trail of Bits, March 2020.
Slides
"It's coming from inside the house: kernel space fault injection with KRF"
CSAW C2 o/b/o Trail of Bits, November 2019.
Slides
"Improving PyPI's security with Two Factor Authentication"
PyGotham o/b/o Trail of Bits, October 2019.
Slides
&
Video
"FLOSS Weekly 545: PyPI Security"
FLOSS Weekly o/b/o Trail of Bits, September 2019.
Podcast
"It's coming from inside the house: kernel space fault injection with KRF"
Linux Security Summit NA o/b/o Trail of Bits, August 2019.
Slides
&
Video
"Security, UX, and Sustainability For The Python Package Index"
Podcast.__init__ o/b/o Trail of Bits, August 2019.
Podcast
"Going sicko mode on the Linux Kernel"
Empire Hacking o/b/o Trail of Bits, February 2019.
Slides
"Fuzzing 101"
UMD-CSEC colloquium o/b/o Trail of Bits, Fall 2018.
Slides
"CMSC389R: Introduction to Ethical Hacking"
1-credit STICs course at UMD, Spring 2018. 14 weeks of lectures.
Course materials (Syllabus, slides, assignments)
–
Video available upon request
"Git 101: A Crash Course for Productive git Usage"
UMD-CSEC colloquium, Fall 2017.
Slides –
Source
"EMFS: Repurposing SMTP and IMAP for Data Storage and Synchronization"
Self Published, Spring 2016.
Paper –
LaTeX –
arXiv
"Cryptocurrencies, Reliable Storage, and Andrew Miller"
Shell Magazine, Spring 2015, Pages 16-18.
Department of Computer Science, University of Maryland, College Park.
Article