Submission + - An Interview with David Litchfield (

CowboyRobot writes: "David Litchfield is best known for his work on Oracle database security. He found what was then a new class of bug in Oracle software that could be used for lateral SQL injection attacks, as well as another previously unknown class of vulnerability that could be exploited for so-called "cursor-snarfing" attacks. The turning point for his career was 2002, when he and some colleagues at NGSSoftware started digging around Microsoft's SQL Server software for flaws. After demonstrating at Black Hat that year a vulnerability he discovered in the product, someone weaponized the research, resulting in the infamous Slammer worm that hit big-time in January of 2003. Slammer was a game-changing moment for Microsoft software security, as well as for the industry overall. "Someone had taken my exploit code ... It was one of those nightmare moments: am I doing the right thing there?" In an interview at Dark Reading, Litchfield describes his career as a bug-hunter, his hobby diving with sharks, and how the movie "The Net" pulled him away from zoology and toward his career as a security expert."