Christien Rioux

"DilDog" redirects here. For Dilbert's dog, see Dogbert.

Christien Rioux
Residence	U.S.
Citizenship	American
Fields	Computer science
Institutions	L0pht @stake Symantec Veracode
Alma mater	Massachusetts Institute of Technology
Known for	Security

Christien Rioux, also known by his handle DilDog^[1], is the co-founder and chief scientist for the Burlington, Massachusetts based company Veracode, for which he is the main patent holder.^[2]

Educated at MIT, Rioux was a computer security research at L0pht Heavy Industries and then at the company @Stake (later bought by Symantec).^[1] While at @stake he looked for security weaknesses in software and led the development of Smart Risk Analyzer (SRA).^[3] He co-authored the best-selling Windows password auditing tool @stake LC (L0phtCrack) and the AntiSniff network intrusion detection system.^[4]

He is also a member^[5] of Cult of the Dead Cow^[6] and its Ninja Strike Force. Formerly, he was a member of L0pht^[7][8] and subsequent employee of @stake and Symantec, where he was responsible for many security advisories.

DilDog is best known as the author of the original code for Back Orifice 2000,^[6][9][10] an open source remote administration tool. He is also well known as the author of "The Tao of Windows Buffer Overflow."^[11][12]

Security advisories

Significant security advisories that Rioux authored or coauthored include:

• "Advisory: Microsoft Internet Explorer 4.0(1) Suite". 1998-01-14. http://www.securityfocus.com/advisories/598. Retrieved 2011-04-05. 
• "L0pht Security Advisory: Microsoft Windows NT 4.0". February 18, 1999. http://www.textfiles.com/hacking/MICROSOFT/lopht.txt. Retrieved April 19, 2007. 
• "Advisory: PamSlam". January 4, 2000. http://www.securityfocus.com/advisories/2023. Retrieved 2011-04-05. 
• "Advisory: Microsoft Office 2000 UA Control Scripting". 2000-05-12. http://www.securityfocus.com/advisories/2214. Retrieved 2011-04-05. 
• "Advisory: Windows Still Image Privilege Elevation". 2000-09-07. http://www.securityfocus.com/advisories/2606. Retrieved 2011-04-05. 
• "Advisory: NTLM Replaying via Windows 2000 Telnet Client". 2000-09-14. http://www.securityfocus.com/advisories/2636. Retrieved 2011-04-05. 
• "Microsoft Windows 2000 Network DDE Escalated Privileges Vulnerability". 2001-02-05. http://www.securityfocus.com/bid/2341. Retrieved 2011-04-05. 

Patents

Rioux is the inventor of the following patents:

• US 7051322  Software Analysis Framework
• US 7752609  Software Analysis Framework

References

1. ^ ^{a b} "L0pht in Transition". April 2007. http://www.csoonline.com/read/040107/fea_lopht.html. Retrieved May 3, 2007. 
2. ^ Fitzgerald, Michael (2007-04-22). "PROTOTYPE; To Find the Danger, This Software Poses as the Bad Guys". The New York Times. http://query.nytimes.com/gst/fullpage.html?res=9402E3DC163EF931A15757C0A9619C8B63. Retrieved 2008-10-28. 
3. ^ "Veracode: Christien Rioux". http://www.veracode.com/about/christien-rioux.html. Retrieved 2009-10-22. 
4. ^ "Christien Rioux, Co-Founder and Chief Scientist". 2006-12-21. http://www.veracode.com/blog/christien-rioux-co-founder-and-chief-scientist/. Retrieved 2008-10-28. 
5. ^ "Cult of the Dead Cow: Team Bios". http://www.cultdeadcow.com/cms/team_bios.php3. Retrieved 2011-04-05. 
6. ^ ^{a b} Messmer, Ellen (July 21, 1999). "Bad Rap for Back Orifice 2000?". CNN Online. http://www.cnn.com/TECH/computing/9907/21/badrap.idg/. 
7. ^ Bauer, Mick (September 1, 2002). "Q&A with Chris Wysopal (Weld Pond)". Linux Journal. http://www.linuxjournal.com/article/6126. 
8. ^ Security Scene Errata
9. ^ Messmer, Ellen, "Hacker group Cult of the Dead Cow tries to convince world its Back Orifice tool is legit," Network World, July 14, 1999. Retrieved April 17, 2007.
10. ^ cDc communications. "Back Orifice 2000 Press Release." CULT OF THE DEAD COW Press Release, July 10, 1999. Retrieved April 17, 2007.
11. ^ Dildog, "The Tao of Windows Buffer Overflow," CULT OF THE DEAD COW issue #351, May 1, 1998. Retrieved April 17, 2007.
12. ^ Park, Yong-Joon and Gyungho Lee, "Repairing return address stack for buffer overflow protection," Proceedings of the 1st conference on Computing frontiers, ACM, 2004. Retrieved April 17, 2007.

Persondata
Name	Rioux, Christien
Alternative names
Short description
Date of birth
Place of birth
Date of death
Place of death