Jump to content

Charlie Miller (security researcher)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Afvalbak (talk | contribs) at 19:56, 13 May 2020 (add publication). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Charlie Miller
Charlie Miler speaking at Truman State University
NationalityUnited States
Alma materNortheast Missouri State, University of Notre Dame
Known forPwn2Own contest winner
Scientific career
FieldsComputer Science
Thesis New Types of Soliton Solutions in Nonlinear Evolution Equations  (2000)
Doctoral advisorMark S. Alber

Charles Alfred Miller is an American computer security researcher with Cruise Automation.[1][2][3] Prior to his current employment, he spent five years working for the National Security Agency and has worked for Uber.[4][5]

Education

Miller holds a bachelors in mathematics with a minor in philosophy from the then called Northeast Missouri State, and a Ph.D. in Mathematics from the University of Notre Dame in 2000. He lives in Wildwood, Missouri.[1]

Security research

Miller has publicly demonstrated many security exploits of Apple products. In 2008, he won a $10,000 cash prize at the hacker conference Pwn2Own in Vancouver, British Columbia, Canada for being the first to find a critical bug in the MacBook Air.[citation needed] The following year, he won $5,000 for cracking Safari. In 2009, he and Collin Mulliner demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. In 2011, he found a security hole in the iPhone and iPad, whereby an application can contact a remote computer to download new unapproved software that can execute any command that could steal personal data or otherwise using iOS applications functions for malicious purposes. As a proof of concept, Miller created an application called Instastock that was approved by Apple's App Store. He then informed Apple about the security hole, who then promptly expelled him from the App Store.[6]

Miller participated in research on discovering security vulnerabilities in NFC (Near Field Communication).[7]

Miller, along with Chris Valasek, is known for remotely hacking a 2014 Jeep Cherokee and controlling the braking, steering, and acceleration of the vehicle.[8]

Publications

  • iOS Hacker Handbook[9]
  • The Mac Hacker's Handbook[10]
  • Fuzzing for Software Security Testing and Quality Assurance[11]
  • Battery firmware hacking: inside the innards of a smart battery[12]

References

  1. ^ a b "Wildwood man is renowned for hacking, cybersecurity skills". St. Louis Post-Dispatch. STLtoday.com. June 18, 2012. Retrieved June 18, 2012.
  2. ^ Menn, Joseph. "Security researcher who hacked moving Jeep leaves Twitter". Reuters. Retrieved 24 August 2015.
  3. ^ "Charlie Miller on Twitter". Twitter. Retrieved 2017-03-20.
  4. ^ "Charlie Miller joins Uber Advanced Technology Center". Twitter. August 28, 2015.
  5. ^ O'Harrow Jr, Robert (June 2, 2012). "Understanding cyberspace is key to defending against digital attacks". The Washington Post. The Washington Post Company. Retrieved June 18, 2012.
  6. ^ "Charlie Miller Circumvents Code Signing For iOS Apps". slashdot.org. 2011-11-07. Retrieved 2018-05-08.
  7. ^ Greenberg, Andy (2012-07-25). "DARPA-Funded Researcher Can Take Over Android And Nokia Phones By Merely Waving Another Device Near Them". Forbes. Retrieved 2018-05-08.
  8. ^ Greenberg, Andy (2015-07-21). "Hackers Remotely Kill a Jeep on the Highway—With Me in It". Wired. Retrieved 2018-05-08.
  9. ^ Miller, Charlie. (2012). IOS Hacker's Handbook. Blazakis, Dion., DaiZovi, Dino., Esser, Stefan., Iozzo, Vincenzo., Weinmann, Ralf-Philip. New York: Wiley. ISBN 978-1-118-24075-5. OCLC 815648715.
  10. ^ Miller, Charles, 1951- (2009). The Mac hacker's handbook. Dai Zovi, Dino. Indianapolis, IN: Wiley. ISBN 978-0-470-48147-9. OCLC 320957610.{{cite book}}: CS1 maint: multiple names: authors list (link) CS1 maint: numeric names: authors list (link)
  11. ^ Takanen, Ari. (2008). Fuzzing for software security testing and quality assurance. Demott, Jared D., Miller, Charles, 1951-. Boston: Artech House. ISBN 978-1-59693-215-9. OCLC 568023386.
  12. ^ Miller, Charlie (2011-07-12). "Battery Firmware Hacking: Inside the innards of a Smart Battery" (PDF). BlackHat.{{cite web}}: CS1 maint: url-status (link)