Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


+ - An Interview with David Litchfield->

Submitted by
CowboyRobot writes "David Litchfield is best known for his work on Oracle database security. He found what was then a new class of bug in Oracle software that could be used for lateral SQL injection attacks, as well as another previously unknown class of vulnerability that could be exploited for so-called "cursor-snarfing" attacks. The turning point for his career was 2002, when he and some colleagues at NGSSoftware started digging around Microsoft's SQL Server software for flaws. After demonstrating at Black Hat that year a vulnerability he discovered in the product, someone weaponized the research, resulting in the infamous Slammer worm that hit big-time in January of 2003. Slammer was a game-changing moment for Microsoft software security, as well as for the industry overall. "Someone had taken my exploit code ... It was one of those nightmare moments: am I doing the right thing there?" In an interview at Dark Reading, Litchfield describes his career as bug-hunter, his hobby diving with sharks, and how the movie, "The Net" pulled him away from zoology and toward his career as security expert."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

An Interview with David Litchfield

Comments Filter:

Civilization, as we know it, will end sometime this evening. See SYSNOTE tomorrow for more information.