Call him what you may, a security researcher, a hacker, a superhero or just another guy, I think he is one of the cheekiest charismatic guys around and I love it! In our continued series observing hackers who have changed the way we look at cyber security, Charlie Alfred Miller is a definite celebrity.
He has been featured on the Today show, ABC World News Tonight, CNN, NPR, CNBC, New York Times, USA Today, Forbes and much more. He has also won the annual Pwn2Own competition four times and currently even judges it from time to time.
Dr. Miller, I should call him, has a Ph.D. in mathematics and a minor in Philosophy. Combining both these genres of study in his passion to bypass code, his journey towards stardom was rather quick and contagious. He hit the big stage when he began his early years working for the National Security Agency and during this time, Miller had constantly been demonstrating exploits for multiple products which was adding to his hacking profile each day.
His budding credibility saw him receive invites to multiple events around the globe in which he spoke and trained security enthusiasts alike. During this time he also acted as a security consultant to some big names in the business.
One of his early notable achievements was being amongst the first hackers to publicly demonstrate a security exploit on the Apple Macbook Air in the year 2008, back when almost everyone thought that Apple was impenetrable. In the following year, he cracked the safari browser in under 10 secs and also demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones.
In the year 2011, he found a security loophole in the iPhone and iPad, where an application could contact a remote computer to download new unapproved software that can execute any command to steal personal data or otherwise use iOS applications functions for malicious purposes. This was probably one of the most notorious of issues he detected on any Apple product.
His love for demonstrating Apple exploits didn’t stop there, as a proof of concept, Dr. Miller created an application called ‘Instastock’ that was approved by Apple’s App Store. He then informed Apple about the security loophole which immediately saw him and his App, expelled from the App Store.
Miller has also been seen participating in research on discovering security vulnerabilities with NFC (Near Field Communication) in cellular phones, for which he focused primarily on embedded security. It has also been noticed lately that Miller has been spending a majority of his time in the field of automotive security along with his research partner Chris Valasek.
His research with automobiles led him to demonstrate that with direct access to a vehicle, the physical systems of a Ford and Toyota could be controlled by an attacker. He recently expanded this research to show that these attacks could even be made remotely.
Dr. Miller also demonstrated that a variety of Fiat Chrysler vehicles could be remotely hacked from anywhere in the country, and he could control the radio, brakes, wipers, transmission and even the steering of the target vehicle. The demonstration of these vulnerabilities led to the recall of 1.4 million vehicles which is by far one of his most significant contributions to the cyber security world.
His deep research and expertise with Automobile security led the estimated $62.5 Billion taxi aggregator giant Uber to throw him an offer he just couldn’t refuse. In August 2015, Miller made his move to Uber official and currently works at the Company’s Advanced Technologies Center in Pittsburgh.
Uber envisions automatic self-driven cars that could someday replace its hundreds of thousands of contract drivers. As Uber looks to dive deeper into developing self-driving cars, Miller, and other security researchers are primarily brought here to make the company’s car technology more secure.
In conclusion, Dr. Miller may not be the typical hacker we talk about in our regular blog posts but he is definitely our role model at Appknox and we certainly have some very interesting conversations over lunch about him and his achievements. We learn and continue to learn from his books and lectures and salute Captain America for his influence in our work at Appknox.
Appknox gives you access to a dedicated world-class security team equipped
with the right know-hows and best practices to ensure complete mobile security.