Elias Levy
Encyclopedia
Elias Levy was the moderator of the full disclosure
vulnerability mailing list Bugtraq
from May 14, 1996, until he stepped down on October 15, 2001. He was the CTO and co-founder of the computer security company SecurityFocus, which was acquired by Symantec
on August 6, 2002. He is also known as the author of the article "Smashing The Stack For Fun and Profit", published in 1996 Phrack
magazine issue 49, which was the first high-quality public step-by-step introduction to stack buffer overflow
vulnerabilities and their exploitation.
After the sale of SecurityFocus to Symantec in August 2002, Levy was accused by many of "selling out" and compromising the high principles of the Bugtraq list. The "Full-Disclosure" mailing list was founded in part as a protest to the sale.
Full disclosure
In computer security, full disclosure means to disclose all the details of a security problem which are known. It is a philosophy of security management completely opposed to the idea of security through obscurity...
vulnerability mailing list Bugtraq
Bugtraq
Bugtraq is an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them...
from May 14, 1996, until he stepped down on October 15, 2001. He was the CTO and co-founder of the computer security company SecurityFocus, which was acquired by Symantec
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...
on August 6, 2002. He is also known as the author of the article "Smashing The Stack For Fun and Profit", published in 1996 Phrack
Phrack
Phrack is an ezine written by and for hackers first published November 17, 1985. Described by Fyodor as "the best, and by far the longest running hacker zine," the magazine is open for contributions by anyone who desires to publish remarkable works or express original ideas on the topics of interest...
magazine issue 49, which was the first high-quality public step-by-step introduction to stack buffer overflow
Stack buffer overflow
In software, a stack buffer overflow occurs when a program writes to a memory address on the program's call stack outside of the intended data structure; usually a fixed length buffer....
vulnerabilities and their exploitation.
After the sale of SecurityFocus to Symantec in August 2002, Levy was accused by many of "selling out" and compromising the high principles of the Bugtraq list. The "Full-Disclosure" mailing list was founded in part as a protest to the sale.
External links
- "Smashing The Stack For Fun and Profit" from 'Phrack' magazine
- Hackers, episode of NetCafe including an interview with Aleph One
- Full-Disclosure mailing list
- Network Computing feature about Levy and Bugtraq