I enjoy working on various cyber-security topics. I’ve done offensive and defensive research on web applications, network protocols, embedded systems, radio-frequency control systems, industrial robots, cars, and mobile devices.
I’m a Senior Security Engineer at Amazon Web Services (AWS), in a team focused on platform security.
After more than 10 years, I concluded that I’m still around in the infosec area because it gives me so many opportunities to solve new exciting problems every day.
PhD in Computer Engineering, 2010
Politecnico di Milano
MSc in Computer Engineering, 2007
Politecnico di Milano
Although this little beast known as the COVID-19 pandemic is about to turn 1 year old, many people still feel strange when wearing masks. While wearing a face mask we can’t speak properly and we can’t see others’ mouths, so our experience of a conversation can change, especially if speaking is central in our lives (think of any public figure). Wearing a face mask impacts how we perceive others’ emotions as well as our emotions (how we feel). Because our own understanding of our emotions can also influence such emotions in a continuous feedback loop, the effect can go beyond how we feel in that particular moment.
Reading long texts has always been a daunting task for me. A rocky mountain I seldom find myself brave enough to start climbing (unless forced to). I’ve never had good reading habits, except for a few, very intriguing novels with a powerful storyline, which I could actually read quite fast. But most of the readings I wish I could get done quickly are damn hard. In the era of book-summarizing services like Blinkist, audiobooks, and “CEO reading guides,” where people invest time and money to compress time and read more, my limited reading abilities are an actual obstacle to my knowledge development. How did I change that? I don’t know if I did, but here is what I found by experimenting on myself.
How do we secure a smart manufacturing system, or a smart factory? Recent incidents such as the ransomware infection that halted production at a major semiconductor foundry in 2018 have already shown the impact of IT-to-OT lateral movement. Moreover, while smart manufacturing systems are isolated from other networks, there is a trend toward less isolation between IT and OT systems.
After analyzing several RF protocols for industrial applications, distributed by global vendors, we discovered that none of them had sufficient security features to prevent an attacker from hijacking the communication and manoeuvring the controlled connected machines.
Also check my LinkedIn profile.
The best way to contact me is via e-mail. Guess what the address might be? I usually answer within 1 day. If that doesn’t happen, feel free to ping me via instant messaging, Slack, Discord, and sometimes on IRC, where I go by “phretor”.
If you need to communicate with me privately, use my Keybase GPG public key (fingerprint: C42B 0CC7 6191 5B69 2C68 E88F 9693 4CDE C0BB EBCF 1F80 C968 F718 D6A1 BC7B 30EA BA2E DAFB 4F24 86BC). If you prefer modern alternatives, yes, I use Signal (and you should, too), and Twitter.