Expert technical skills in:

• Operating Systems: Windows 2000/XP/2003, Windows Vista, Linux
• Languages: C, C++, C# 1.0/2.0/3.0, PHP 4/5, XSL
• Data manipulation: XML, DOM, SQL, Excel programming
• Web technologies: XHTML, CSS, JavaScript, AJAX, XML web services
• Databases: MySQL 3/4/5, Microsoft SQL Server 2000/2005, Access
• Administration: Windows and Linux servers, Apache, MySQL, PHP, Plesk servers, SHOUTcast, Drupal
• APIs and protocol implementations: Win32, .NET 1.1/2.0/3.0/3.5/Mono, Office COM, HTTP, FTP, SOAP, WSDL, Vista Gadgets, IRC, SCP, FAT32, NTFS + others
• Audio: Windows Audio, ACM, Winamp API
• Assembly / embedded programming: 6502, 8051, 80x86, ARM, StrongARM
• Underlying theory/design: OS architecture, system/hardware architecture, network protocols, network security, online privacy, distributed computing, artificial intelligence (AI), game design, data recovery, cryptography, audio processing, 3D graphics

Some skills in:

• Languages: Java, Visual Basic, VB.NET, Perl, K
• Application APIs: Windows Forms (primarily in C#), DirectX

Formal qualifications:

• Computer Science MComp (MSc) (1st with Honours)
  - Loughborough University (1998-2003)
• DPS (Diploma in Professional Studies); 1-year work placement
  - Boca Raton, Florida, USA (2000-2001)
• NCFE Series 3 (National Commodity Futures Examination) (90%)
  - NASD/NFA, London, UK (2000)
• A-levels: Mathematics, Further Mathematics, Physics
  - Norwich, UK (1996-1998)
• RAE (Radio Amateurs' Examination) - radio licensing conditions, transmitter interference, operating procedures, practices and theory (electrical engineering, solid-state devices, transmitters, receivers, RF propagation) - City & Guilds 765 parts 1 and 2
  - C&G, Norwich, UK (1994)

Showcase

Deviant Audio

Deviant Audio was Norway's largest electronic music radio network prior to its closure in April 2008.

Although the end-user service of Deviant Audio is to serve music, my work on the station encompassed a wide range of application types and platforms.

My contribution to the final codebase of Deviant Audio was approximately 60,000 lines of C, C++, C#, PHP, JavaScript and XSL.

Subsystems include:

• Network services:
  • bandwidth monitoring
  • XML-based web content templating and delivery
• Finance:
  • secure payment and download of digital products (automated order fulfilment)
  • automated invoicing
  • integration with accounting backend
• Audio:
  • audio server load balancing
  • audio encoding/transcoding and archiving
  • automated broadcast scheduling and delivery
  • integration with 3rd party audio products
• ...and so on

In several cases custom libraries, frameworks or wrappers have been created to facilitate easier development and re-use in future projects.

My work on Deviant Audio has included bug fixes and functionality enhancements to the following open source products:

• PEAR SOAP library (PHP)
• David Giffin's wsdl-writer (PHP)
• GStreamer framework shout2send plugin (C)
• vBulletin forum (PHP)

Pay TV smart card security

I have assisted NDS, the suppliers of pay TV smart cards to BSkyB (UK), DirecTV (US) and Viasat (Europe) in exposing the flaws and increasing the security of their products. My work with NDS contributed to a $35 million redesign of their (now replaced) VideoCrypt pay TV conditional access system. This work involved extensive reverse engineering of Intel 6805, Intel 8051 and Hitachi ST20TP2 assembly code, as well as the creation of a significant C and Intel 80x86 assembler code base. Before being hired by NDS I was the first individual to reverse engineer NDS's first dual core smartcard without the aid of an electron microscope. I was also the first known individual to successfully extract the protected source code from the first SkyDigital (digital TV) set top boxes. I am the only known individual responsible for causing over-the-air countermeasures to be sent to eliminate security holes in NDS's second dual core smartcard.

I have written a book detailing the inner workings of pay TV smart card security and VideoCrypt in particular, and have published several technical papers on subjects such as VideoCrypt, VideoGuard (the system which replaced VideoCrypt and currently used today), EuroCrypt and MPEG2 Transport Streams as used in digital satellite transmissions.

Prior to my work at NDS I lead a 2.5 year project to break 56-bit DES keys used by the EuroCrypt pay TV conditional access system used by most European pay TV channels of the time. The project was a distributed parallel computing system designed to expose the DES algorithm (created by IBM in conjunction with NIST [National Institute of Standards and Technology] and the NSA [National Security Agnecy]), similar in concept to modern parallel computing initiatives such as SETI@home. The work involved managing a team of 9 programmers and 2000 volunteer computers in the creation of an automated client-server system to allocate keyspace to participating machines and report back the results on searched keyspace. The codebase included a C-based server running on RiscOS, several hand-coded 80x86 optimised keysearch implementations tailored to Intel P1, P2 and AMD architectures as well as clients for Windows and UNIX. The project was highly successful and lead to the demise of EuroCrypt as a security protocol.