Professional Bio

I am a Computer Scientist, security & privacy researcher, and most recently a software engineer. I work at FUTO building ethical tech that puts regular people back in control of their own data.

Prior to joining FUTO, I was an Associate Professor of Computer Science at Portland State University from 2012 until 2021. I taught courses in computer and network security, and my research included encrypted databases and security and privacy for multimedia. I started the Circles project while on sabbatical from PSU during the 2020-21 academic year.

From 2008 - 2012, I was Technical Staff at MIT Lincoln Laboratory. I ran technical test and evaluation of various government-sponsored R&D projects, and I helped to advise various offices in the DoD on how cybersecurity could impact their missions.

From 2002 - 2008, I was a PhD student at Johns Hopkins University, working for Prof. Gerry Masson and Prof. Fabian Monrose. My thesis was on using statistical analysis and crude machine learning on encrypted network traffic to infer hidden information, like the language being spoken inside an encrypted voice-over-IP call.

Over the years, I have presented at many of the top conferences in security and privacy, including: USENIX Security (2007), IEEE Security & Privacy (2008), NDSS (2009), RAID (2010), Real World Crypto (2016), Enigma (2018), IEEE EuroS&P (2018), and FOCI (2018).

Interests

I sometimes work on systems security projects where encryption and cryptography play an important role, but I am not a formally trained cryptographer. Mostly I’m good at thinking like an adversary and figuring out how systems could be broken. But I also enjoy building things whenever I get the chance.

I spent a lot of time in the 2010’s thinking about trade-offs between security and performance or functionality, etc.

• It’s easy to build something functional and performant but totally insecure.
• It’s a little harder to build something that we know is secure, if you’re willing to make big sacrifices in performance or functionality or both.
• What intrigued me, and what we still don’t understand very well is, what does the middle ground look like? Are there intermediate points in the design space that could be useful? This is usually a very hard question to answer.

I have worked largely in Python since about 2005, and it has been amazing for quickly iterating on crazy new ideas. After all, a lot of CS security research is a lot like rapid prototyping. Plus, with matplotlib, Python is also great for making high quality graphs of experimental data.

Since about 2019 or 2020, I have also been working with Swift, and I have to say it’s quickly become one of my favorite languages. It seems to have just the right mix of power, expressiveness, and readability for an old fogey C programmer like me.

I am also using Matrix on my current projects, and I love it too. Matrix is the future of secure, distributed communcation systems. Most people just don’t know it yet.

“The future is already here – it’s just not evenly distributed.” William Gibson

Personal

I grew up in rural west Texas, first in a tiny little town outside of Wichita Falls, then in Amarillo.¹

I lived for 10 years on the East Coast, first 6 years in Baltimore, then 4 years in the Cambridge/Somerville/Boston area. I spent 8 years living on the West Coast in beautiful Portland, Oregon.

Now, due to the coronavirus pandemic, we moved back to Texas to be closer to family during my sabbatical. It’s good to be home.

I am married, with one child and a large goofy dog.

I am a Christian, currently attending a church in the Anglican tradition.