George V. Neville-Neil

Experience

Neville-Neil Consulting San Francisco, California     August 2001 - Present

Own and operate a consulting company specializing in security as well as building networking and systems software. Services include contract software development, security evaluations, code spelunking and teaching. Please contact me for a list of current projects.

Yahoo Inc. Sunnyvale, California    August 2004 - Present

Member of the Paranoids group which oversees all aspects of application security at Yahoo. Developed and delivered the Paranoid University, a set of more than 10 hours of classes covering security and fail safe programming. The Paranoid University has now been delivered by myself and others at all Yahoo development centers, worldwide. Responsible for system and code review of internal products to make sure that they meet appropriate security standards. Built code spelunking and code scanning tools that find security holes in various types of source code. Working on an open source network protocol conformance test suite, Packet Construction Set as well as the Packet Debugger

Nominum Inc. Redwood City, California     May 2002 - August 2004

Developing a high performance DHCP server for use in large commercial installations. Working on all aspects of the system from low level packet interfaces to integration of scripting languages for use by customers. Integrated first language, Python, for the latest release.

Wind River Systems      Alameda, California     July 1999 - November 2001

Brought on as a Senior Member of Technical Staff for Networking. Member of the Network Architecture Council which studied infra-structural issues in current networking products, prototyped solutions, and communicated these to project teams. Led a team implementing a BSD derived TCP/IP stack that can support Virtual Private Routed Networks so that multiple TCP/IP stacks can run on the same system simultaneously. Delivered to select customers in 2000. Full release in 2002. Designed new additions to routing sockets improving the set of messages for routing applications. Worked with the VxWorks AE team on issues related to networking components.Performed technical due diligence on all networking related corporate acquisitions.

Siara Systems Inc.     Mountain View, California     March 1999 - June 1999

Worked on designing and implementing a mechanism for hot failover of a TCP/IP stack. Researched creating a TCP/IP stack that could handle VPNs in a Virtual Routed environment. Worked with other engineers on identifying features that would have to be added to support a SONET capable router.

Wind River Systems     Alameda, California     

     January 1998 - February 1999

Promoted to manager of the Core Network Technologies group. In this capacity I was responsible for the maintenance update to the TCP/IP Network stack and associated software. Delivered the SENS 1.1 release of the networking software. Managed a group of 7 engineers who worked on various networking projects (TCP/IP, SNMP, performance analysis, and general maintenance). Recruited, and hired four of the seven members of the team. Wrote performance appraisals and performed other general management functions. Evaluated outside companies for possible acquisition.

     December 1995 - January 1998

Designed and implemented the Enhanced Network Device specification. END divorces protocols from drivers and gives a uniform interface for all protocols to networking device drivers. Wrote interface between VxWorks TCP/IP and END subsystem. Wrote a complete test protocol for END drivers. Ported routed(1) (RFC 1058) to VxWorks and added RIPv2 (RFC 1723) functionality.

Publications

• ``Kode Vicious'', Monthly Column in ACM Queue October 2004 to Present.
• ``Security, Safety, and the Deployment of IPv6'', ACM SIGCOMM IPv6 Workshop, Kyoto, Japan, August 2007
• ``Securing IPv6 on FreeBSD'', BSDCan 2007, Ottawa Canada, May 2007
• ``The Design and Implementation of the FreeBSD Operating System'', co-author, Addison-Wesley, 2004
• ``Code Spelunking: Exploring Cavernous Code Bases'', published in ACM Queue, September 2003
• ``Programming Without a Net'', published in ACM Queue, April 2003
• ``SoC: Software, Hardware, Nightmare, Bliss'', (co-author), published in ACM Queue, April 2003
• ``Evolving the BSD 4.4 Network Interface Framework,'' published in Communication Design Engineering Conference 1997, March 1997
• ``No-Copy TCP/IP for Embedded Communication Applications,'' published in Communication Design Engineering Conference 1997, March 1997.
• ``User Controllable Network Configuration In VxWorks,'' published in Proceedings of the VxWorks Users Group Meeting, November 1995.
• ``Issues in the Design of Continuous Media Systems,'' Pegasus Project Technical Report~94--1.
• ``Current Efforts in Client/Server Audio,'' published in The X Resource,Fall 1993.
• ``BUENA: A protocol for Digital Audio,'' published in Summary Report, Communications Work Package, Pegasus Project, September 1993.

Presentations and Teaching History

• Becoming Paranoid for the Cambridge Security Seminar. 24 October 2006. Cambridge University, Cambridge, UK.
• Paranoid University Asia 2006 Tour. 8 Locations in Asia (Mumbai and Bangalore, India; Sydney, Australia; Singapore; Taipei Taiwan, Seoul, Korea; Beijing, China; Hong Kong)
• Paranoid University Europe 2005 Tour. 5 Locations (London, England; Paris and Grenoble, France; Munich and Hamburg, Germany)
• Paranoid University Asia 2005 Tour. 7 Locations (Bangalore, India; Sydney, Australia; Singapore; Taipei Taiwan, Seoul, Korea; Beijing, China; Hong Kong)
• Paranoid University. Yahoo Asia Developers Conference. Fall 2004.
• Deploying and Debugging DHCP. One day tutorial at LISA 2003.
• Deploying and Debugging DHCP. One day tutorial at APRICOT 2003.
• Socket Programming. One day tutorial at Usenix 2002

Professional Activities

• Member of the ACM Queue Magazine Advisory Board. Technical editor for Embedded Systems issue, April 2003
• Core Member of the FreeBSD Project elected 2006.
• Security Team Member of the FreeBSD Project
• Committer to the FreeBSD Project working on IPv6 and IPSec.
• Member of Usenix Association 1990 to present.
• Member of ACM 1993 to present.
• Member of IEEE 2001 to present.

Education

San Francisco State University     San Francisco, California

Partial progress to MSc in Computer Science.

Northeastern University     Boston, Massachusetts

Bachelor of Sciences in Computer Science, 1990.

Languages

C, Python, PHP, C++, and many others

Systems

Unix (all flavors); Various Embedded Systems, TCP/IP Internals.