Crispin Cowan, the Linux security expert behind StackGard, the Immunix Linux distro and AppArmor, has joined the Windows security team.
In a blog post last week, Microsoft's Michael Howard, author of Writing Secure Code, wrote:
For those of you who don’t know Crispin, Crispin is responsible for a number of very well respected Linux-based security technologies such as StackGuard, the Immunix Linux distro, SubDomain and AppArmor. I’ve known Crispin for many years, and have nothing but the utmost respect for the guy. He’s well published, wicked smart, a non-zealot and brutally pragmatic. In my opinion, AppArmor is shining example of his pragmatism, it’s simple and it works. What excites me the most is he’ll bring a different perspective to the Windows team, and I’m a big believer in stirring the pot!
Cowan, CTO and co-founder of Immunix, will certainly be able to stir the pot--his home page still sports the Linux penguin in the URL.
Howard adds that Crispin will join the team that worked on User Account Control. Given the criticism that UAC (most popular UAC posts on ZDNet) has received hopefully Crispin can inject a little more pragmatism into the effort.
On his home page, Cowan outlines his stellar resume. He describes his research interest as the following:
My research interests are in pragmatic systems research: giving systems new capabilities and performance, and doing it well enough that you can read mail on it. My personal workstation runs my research systems.
For the last four years, my primary interest has been survivability : how to make existing systems better able to survive security attacks. With the invaluable help of my team, we have produced the Immunix OS version of Linux, featuring the StackGuard C compiler which emits programs resistant to buffer overflow attacks.
Prior to that, I did work in system specialization for performance, distributed programming languages, and computer architecture. I am interested in enhancing performance in all of these areas by using concurrency and parallelism.
Simply put, Microsoft notched a big security win by landing Cowan. Let's see where things go from here.