whiethat

RedPantz, nudehaberdasher

IRL Name:

Chris Valasek

Biography:

Chris Valasek is a computer security researcher with Cruise Automation, a self-driving car startup owned by GM, and known for his work in automotive security research. Prior to his current employment, he worked for IOActive, Coverity, Accuvant, and IBM . Valasek holds a Bachelors in Computer Science from University of Pittsburgh. He currently lives in Pittsburgh, Pennsylvania.

Valasek has publicly demonstrated many security vulnerabilities, with particular focus on Microsoft Windows heap exploitation. His 2009 presentation "Practical Windows XP/2003 Heap Exploitation" at BlackHat presented a novel approach to gaining elevated access in a Windows environment. Later research, such as his 2010 paper "Understanding the Low Fragmentation Heap: From Allocation to Exploitation" demonstrated ways to circumvent vendor mitigations to the approaches outlined in his prior work.

Facts

In 2013, he gained attention in his research with Charlie Miller in automotive security research, demonstrating a number of attack vectors against ECUs in automotive control networks like remotely hacking a 2014 Jeep Cherokee and controlling the braking, steering, and acceleration of the vehicle.

He released code, data and tools that allowed vehicles to be physically controlled through the vehicle’s CAN bus.

He is the Chairman of SummerCon.

Pictures: