Junade Ali

rdf:langString Junade Ali

rdf:langString Junade Ali

rdf:langString Junade Ali

rdf:langString Junade Ali with Troy Hunt

rdf:langString Cybersecurity research

rdf:langString British

rdf:langString Junade Ali CEng is a British computer scientist known for research in cybersecurity. Ali studied for a Master of Science degree aged 17 and was awarded Chartered Engineer status by 24. He started his research career working on the UK's Motorway Incident Detection and Automatic Signalling network and working on the maximum coverage problem in road traffic sensor placement. Ali later worked for cybersecurity firm Cloudflare as an engineering manager where he worked on developing network diagnostic tooling, a security operations center and safety-engineered natural language processing. In February 2018, Ali created the first Compromised Credential Checking protocol (using k-anonymity and cryptographic hashing) to anonymously verify whether a password was in a data breach without fully disclosing the searched password. This protocol was implemented as a public API and is now consumed by multiple websites and services, including password managers and browser extensions. This approach was later replicated by Google's Password Checkup feature and by Apple iOS. Ali worked with academics at Cornell University to develop new versions of the protocol known as Frequency Smoothing Bucketization (FSB) and Identifier-Based Bucketization (IDB). In March 2020, cryptographic padding was added to the protocol. Ali's research was praised in Canadian cryptographer Carlisle Adams book, Introduction to Privacy Enhancing Technologies. Ali conducts cybersecurity research on North Korea and provides expert commentary to journalists at NK News. In January 2022, Ali told journalists at NK News and Reuters that he had observed North Korea's internet being taken offline in a second major outage that month following a missile test, Ali told journalists that data he collected was consistent with a DDoS attack. South Korean Government officials responded by saying "we are monitoring the situation under coordination with relevant government agencies," without elaborating further. Wired journalist, Andy Greenberg, later confirmed the downtime resulted from an attack and reported that a single American hacker by the pseudonym P4x had shared evidence of his responsibility. Ali currently owns the technology consultancy, Tansume Limited where he consults for cybersecurity firm Risk Ledger and engineering productivity company Haystack Analytics. In July 2021, Ali commissioned a study by Survation for Haystack Analytics which found that 83% of software developers were suffering from burnout. The poll also found 57% of software engineers agreed "to a great extent" or "to a moderate extent" with the phrase "Software reliability at my workplace concerns me". Ali claimed this was "the first time representative opinion polling was used to understand software engineers." During the COVID-19 pandemic, Ali worked on security improvements to the (Google/Apple) Exposure Notification system used to create public health contact tracing apps.