
Matt Suiche

Cybersecurity Researcher

Hi there! My name is Matt Suiche, currently serving as the Director of Incident Response R&D at Magnet Forensics (MAGT:TO). Our organization is passionately dedicated to justice and protecting the innocent, a mission we embarked on more intensely after the 2022 acquisition of my cybersecurity start-up, Comae Technologies.

My professional journey began as the Chief Scientist and Co-Founder at CloudVolumes, which was acquired by VMware (NASDAQ:VMW) in 2014, before founding Comae. In addition, I’m proud to have initiated the cybersecurity community project, OPCDE.

My life-long fascination with learning and understanding complex systems first led me to cybersecurity. My teenage years were spent immersed in reverse engineering, which ignited a profound curiosity about technology that continues to this day. I’ve since explored various fields including operating systems architecture, programming languages, virtualization, modern web application development, and generative art. Furthermore, I’ve delved into numerous domains such as privacy, surveillance, forensics, blockchain, and community development among others.

Latest

Researching FORCEDENTRY: Detecting the Exploit With No Samples

Earlier this month, I reached out to my friend Valentina and told her I wanted to learn about macOS/iOS exploitation, so she recommended taking a look at the CVE-2021-30860 vulnerability, also known as FORCEDENTRY, and the prior work her friend Jeffrey Hofmann posted on Twitter. One year ago, Google Project Zero published an analysis of the NSO iMessage-based zero-click exploit caught in the wild by Citizen Lab, which was dubbed “one of the most technically sophisticated exploits we’ve ever seen” by the Google Project Zero team.

POC 2022 - Korea - Keynote 🦀

POC is one of the top conferences in Asia and has been running since 2006, and today I’ve had the opportunity to give the opening keynote (Slides) for the POC 2022 conference in Seoul, Korea, where I discussed our favorite memory-safe language: Rust. Thanks again to the organizers for the invitation. I chose to discuss Rust from a software engineering and application security point of view. The main points were:

Vegas 2022 - A web3 security review

This year marks 5 years since I gave my first blockchain/web3 related presentation at DEFCON 25, when I presented Porosity, which was an experimental decompiler and static analysis tool for Ethereum Virtual Machine bytecode, and also mentioned why we should keep an eye on WebAssembly Virtual Machines back when eWASM was being drafted and was an option for Ethereum as a replacement for EVM itself. Since then, new layer 1 blockchains have emerged such as Solana (eBPF-variant), and NEAR & Polkadot (WebAssembly) as part of a new wave of architectures relying on the LLVM compiler and ELF file formats, instead of reinventing the wheel like the Ethereum Virtual Machine and Solidity programming language.