About

Who am I?

I’m Adam Caudill, a 35 year-old security consultant, a security researcher, a software developer, father, and atheist. I’m a lover of fine Japanese Katanas, a collector of bayonets and something of a technical elitist.

I started my career in software development, though I’ve always had a passion for security. From the earliest days of my career, it’s been a focus, one that receives far more of my today than it once did. As a result, I eventually shifted away from spending my time writing code, and spent more time on securing code written by others.

Much of my time is spent on breaking software, though I do continue to write code as time allows. I live for challenges, so I tend to stay away from the mundane and focus on things that are a bit more interesting, newer areas that are in need of more help, and more research.

In my youth I spent much of my time on photography, even working for a while as a photojournalist — though my schedule leaves little time for this today. While I still love the art and science of photography, it’s a passion that I’ve had to leave behind. While I’ve had to step away from photography, the time working as a photojournalist had a huge impact on me, and journalism has been a topic I care deeply about since then.

If you want more, take a look at my resume; though it’s a bit dated.

Where to find me…

I’m active on Twitter; it’s one of the best ways to reach me. All the code that I can release is on GitHub, and I try to contribute to other projects as I can. I do have a LinkedIn account, though rarely use it (and deleted it once before).

There’s also 500px, and even a Facebook account – but I never use it.

There are a few ways to contact me, the best are here.

Security Research

While my interest is mainly in communication systems and applied cryptography (I implement, high level designs, I don’t design primitives), I will work on anything that draws my interest.

My work has been cited by many media outlets and publications around the world, from CNN to Wired and countless others.

If you’d like to know more about the research I do, look through my posts; while not everything I’ve published is there, most things are.

I founded the BSides Knoxville conference, and the Underhanded Crypto Contest.

CVEs: CVE-2012-3477, CVE-2012-4673, CVE-2013-4467, CVE-2013-4468, CVE-2013-7382, CVE-2014-2890, CVE-2015-8267, CVE-2016-2346.

OSVDB IDs: 85140, 85141, 92089, 98902, 98903, 98948, 98949, 98904, 102518, 105999, 107394.

Software & Open Source

While I had toyed with writing code (Apple Basic & the like) for years, I hadn’t worked on anything significant until one day when I was 15 I happened on a copy of Visual Basic 5 Deluxe Learning Edition on sale in a book store; being bored and needing something to occupy my time during the summer, I bought it. That single chance event set the course of the rest of my life.

In the years that followed I focused (almost obsessively) on software development, studying C/C++, COBOL, PHP, Ruby, Java, C#, Python, and assembly for various processors. While I believe that it’s best to know many languages, to be truly effective you need to know your main languages very well. Today, most of my time is spent with C#, Ruby, and a little Go.

I’ve always had a passion for the open source world and have contributed to numerous projects. I’ve served as the project maintainer for SWEBS (a simple, lightweight HTTP server), which had team members spread across the globe, making strong communication skills critical. I’ve contributed to bbPress, and various others, plus I maintain a few projects of my own.

Among the applications I’ve released publicly, GSuite (no longer available) was one of my favorites. It was the first major system-tray based alert for Gmail users that they had new mail (plus a few other useful utilities); released long before it was eventually obsoleted by an official application from Google.