dwindsor

Welcome to the personal Ubuntu wiki page of David Windsor. I'm typically not one for self-promotion, so what follows is an effort at an objective summary of my interests, professional and otherwise.

I'm a Linux hacker, interested in most aspects of operating system design. While many kernel subsystems hold my attention, I have a particular interest in OS security. Among other things, I enjoy covert back-channel analysis, compiler hardening and static analysis/vulnerability assessment. I've done research on Mandatory Access Control (MAC) systems and policies, making contributions to SELinux both professionally and personally.

Recently, I joined the Ubuntu-Hardened team. I'm currently working on patching upstream kernels in accordance with the Ubuntu Security Team's Kernel Hardening Roadmap.

Launchpad ID:

dwindsor

GPG Key

6B196CC9

Ubuntu Forums:

dwindsor

IRC:

nullcore on irc.freenode.net and irc.oftc.net

Email:

dwindsor at gmail dot com

About Me

Programming Languages

  • C: expert
  • C++: expert
  • Java: advanced
  • Python: advanced
  • Perl: competent
  • PHP: advanced
  • SQL: advanced
  • Bash: advanced
  • Javascript: beginner
  • CSS/DHTML: beginner
  • UML: advanced

Other Technologies

  • gdb

  • Linux Security Modules

  • SELinux
    • Kernel and userspace object managers
    • Policy development and analysis

  • SWIG

  • SDKs:
    • Android, Java bindings
    • Gtk+, Python bindings (PyGTK/Glade)
    • Qt 4.x

Significant Contributions

  • Secure IPC: libsipc

    • I helped design the architecture of a userspace IPC mechanism which minimized back-channel information flow between processes of different security levels to a mathematical minimum (1 bit per unit time). I also implemented the solution, a userspace library named libsipc.

  • Linux Virtual Machine Hardening

    • I proposed the initial solution to adding SELinux support for MAC enforcement of virtual machines. My patch added SELinux support to QEMU. This allowed administrators to assign different security labels to VMs, isolating them into separate security domains.

Team Memberships

Future Plans & Projects

What are you planning on doing in imediate and longer future? Doesn't have to all have to do with linux, looking at a degree or certification? Looking for membership to a team?

Current Project & Goals

I'm working on various items found on the Ubuntu Security Team's Kernel Hardening Roadmap.

In particular, I'm working to get a select number of grsecurity's kernel hardening patches upstreamed into the mainline Linux kernel. Currently, I'm patching the kernel to control access to set_kernel_text_rw via sysctl, or perhaps eliminating the function altogether.

Contributions to the Ubuntu Community

Support

I try to answer questions on the Ubuntu forums.

dwindsor (last edited 2011-09-19 15:30:29 by c-98-211-95-18)