William Ahern - Résumé Contact Information: William Ahern 14525 SW Millikan Way #30823 Beaverton, OR 97005 Phone: 415-608-5833 Email: william@25thandClement.com URL: http://www.25thandClement.com/~william/projects/ Unix: Administration: Sendmail, PostgreSQL, Apache, MySQL, UW-IMAP, Samba, BIND (v4, v8, v9), GNU/Linux, OpenBSD. Programming: C, Perl, Lua, Java, M4, Sed, Awk, ANSI SQL, Unix Shell (Korn, Z-Shell, Bash). Interfaces/Tools: BSD Sockets, POSIX Threading, IPC, SysV IPC, OpenSSL, GNU Autotools, CVS, SVN, Git, C Standards/Libraries (C89/90, C99, POSIX/SUSv3, SysV, BSD, GNU). WWW: Programming: XSL, PHP, ColdFusion, JavaScript. Presentation: XML, RDF 1.0, RSS 1.0/2.0, XHTML 1.0/2.0, CSS 1.0/2.0. Internet Architecture: Protocols: IPv6, IPSec, HTTP, RTSP, SSL/TLS, XMPP, SMTP, LDAP. Methodologies: X.509 Certificate Management, P2P (Distributed vs. Federated; Distributed hash tables), Principles of Cryptography (RSA vs. DH; Secrecy vs. Authentication vs. Authorization). A/V Streaming Codecs & Formats: Flash FLV, ICY Shoutcast, ISO 14496 (MPEG-4 Base File, ADTS, LATM, etc), Mobile Networks (iPhone HTTP, OEM RTSP, AMR v. MP3 v. AAC, H.263 v. H.264, etc). Publications: dns.c. William Ahern. http://www.25thandClement.com/~william/projects/dns.c.html. A recursive, reentrant, non-blocking DNS resolver library in a single .c file. mod_auth_bsd. William Ahern. http://www.25thandClement.com/~william/projects/bsdauth.html. Apache 1.x authentication module using BSD Authentication framework. Air Control (airctl). William Ahern. http://www.25thandClement.com/~william/projects/airctl.html. Unix command-line utility to control Apple's Airport base station. The Airport base station uses an SNMP-like control format over UDP. AnonNet. William Ahern. http://www.authnet.org/anonnet/. A fully distributed, P2P anonymizing network. Awarded grant from the Linux Fund. PostgreSQL. PostgreSQL Project. http://www.postgresql.org/. Contributed OpenBSD getpeereid(2) support for passwordless authentication over Unix domain sockets. GNU ADNS. Ian Jackson. http://www.chiark.greenend.org.uk/~ian/adns/. Contributed DNS SRV (RFC 2782) record query support to the GNU ADNS asynchronous DNS resolver library. c-ares. MIT, Daniel Stenberg, et al. http://daniel.haxx.se/projects/c-ares/. Contributed bug patches, feature enhancements to this asynchronous DNS resolver. OpenSSH. Damien Miller, et al. http://25thandClement.com/~william/projects/streamlocal.html. Implemented Unix domain socket forwarding for OpenSSH. Required extensive changes at all levels of the code, including SECSH protocol handling. Employment History: Co-Founder / VP Engineer xor CTO / Senior Engineer RemoTV, Inc. September2007-July2009 Designed and engineered back-end transport and transcoding systems. RemoTV allowed users to stream multimedia directly from their personal computer to any internet connected device--cellphones (including OEM handsets, not just smart phones, but including Blackberry and iPhone), gaming consoles, etc--without requiring separate software installation. Protocols, formats, and codecs were altered on-the-fly to suit the requesting device. $1.3 million in funding prior to closure due to 2008 Recession. Projects: * Portway: Secure multimedia VPN between central servers and desktop-server. Works through NAT firewalls, allowing desktops to serve locally stored or generated audio/video. Automatic routing updates through DNS-based topology registry, and utilizing X.509 ECC certificate authentication. Fully distributed design; no single point of failure, nor intervention required when servers go offline. * RTSP Relay: Reverse RTSP proxy. Normalize RTSP communications, and transcode HTTP streaming formats and codecs (iPhone AAC, Flash FLV MP3) from RTSP source content. Senior Engineer Barracuda Networks March2004-July2007 Senior software engineer and architect. Responsible for design, construction and maintenance of various systems level components. Projects: * Microsoft Exchange Accelerator: Links Barracuda Spam Firewall with Active Directory/LDAP organization database by lightweight, event based, caching interconnect daemon. Seamlessly supports both LDAP and SMTP (fallback) recipient verification. * Barracuda::Bayes: Constructed Bayesian statistical analysis component including a custom, fault-tolerant and self-healing embedded database for token storage, international script/character set (I18N) word boundary parsing, and Markov chaining. * Barracuda SMTP Daemon: Independently constructed lightweight, high performance, filtering, event based SMTP (E-mail) server. Supports single-pass streaming filtering, encompassing all of RFC821/2821 communication, RFC822/2822 parsing, MIME decomposition, Unicodification and attachment decoding. Filtering modules can be written in C, Perl or Lua as loadable modules. Filtering policy implemented through execution of a declarative policy script. Automated code generation produces over 80% of the intermediate C source code, reducing bugs, development time, and increasing the the ratio of source which can be statically analyzed. * Support Infrastructure: Built and maintained a highly secure environment through which technical support personnel remotely access tens of thousands of Barracuda appliances around the world. This involved constructing a robust, multi-layered authentication and authorization infrastructure within Barracuda's network and accompanying support included within each appliance. * Spearheaded refactoring of build infrastructure towards a non-recursive Make paradigm. Allows for defining a complete directed acyclic graph of project dependencies across the entire source tree (comprising millions of lines of code). This provides invaluable insight for both engineering and product management. Contracted Consultant JINSA August2002-December2003 Changes and additions to the JINSA Online content management system. Technical consultation as issues arose. Projects: * Created new JINSA store. All data kept in central XML repository, using XSLT templates for presentation. Real-time USPS shipping rate quotes using their XML web services interface. * Related article document-vectoring engine. Worked closely with the original author of the Text::Document Perl module to increase the document parsing and scoring speed. Batch processing of JINSA's document set went from hours to minutes. * Integrated site administrator authentication with the underlying system authentication framework. The project mostly consisted of writing mod_auth_bsd, which links Apache's HTTP Basic Authentication functionality with the BSD Authentication framework (similar to PAM) employed in OpenBSD and BSDi Unix. * Refactored various backend elements to generate XML for metadata storage and content presentation. Rewrote custom PHP XML processors to utilize XSLT templates. Home page, Recent news and side bars generated from XML using XSLT. These features tied into the custom CMS, and so re-transformed with change or addition of new content, not simply on each page view. * Automatic RSS feed generation from XML site content using XSLT. * Automatic weekly e-mail digests advertising new site content to members. Associate Consultant AG Consulting October2000-June2002 Worked for the e-Solutions group within AG. We developed self-service web-based solutions primarily atop clients' ADP Enterprise/Horizon and PeopleSoft HRMS/ERP systems. Projects: * Stewart Enterprises: Web based self service timesheet application integrated with their ADP Enterprise HRMS. Utilized Coldfusion and JavaScript with an MS SQL database. The front-end to this application heavily relied on DHTML to reduce client-server round trips, as the end-users were on 14.4- and 28.8- baud modems (and IIS did not support on-the-fly HTTP compression). Bandwidth could be maximally used for sending data and not presentation code. This methodology is now commonly called AJAX, following the advent of Google Maps. * Kinetics Group: Constructed web self-service interface into ADP EV2 installation using ADP's Java WYSIWYG EBuilder for the EV2 Java servlet web component. * Financial Portal: Created a portal for AG Consulting project managers and executives to track project revenues and account receivables. Data fed from ADP Corporate headquarters' Oracle Projects system. Portal centered around Crystal Reports presentations, with several batch processes run on MS SQL and Oracle. Achievements: * Published in an industry magazine with an article describing issues around Internet security and single-signon (SSO). Described the relationships between privacy, authentication and authorization and how those properties are effected across different web service schemes. Software Engineer Mailshell.com May2000-October2000 Online e-mail service which provides a web based client mail interface to filter out SPAM. The service linked to existing POP3 or IMAP accounts, or used pseudo-anonymous proxy e-mail addresses managed by Mailshell. Projects: * Developed web-proxy interface which allowed users to easily utilize Mailshell's anti-spam services when browsing. PHP, Perl. * Developed an indexing search engine for the mailing-list directory. PHP, Perl. * IMAP client-interface tied into the Mailshell anti-spam facilities. Manager of Information Systems JINSA March1998-May2000 Projects: * Developed JINSA Online (www.jinsa.org), including custom session support (pre-PHP Sessions), integration of seamless real-time credit card transactions, and web based document/article administration. Home page and Recent News content kept in XML, transformed using custom PHP processors (pre-XSL). Utilized PHP and Perl on top of Linux, Apache and MySQL solutions. Heavy integration of JavaScript GUI tool-kit (DynAPI2) into site navigation menus. * Mailing list management, web site traffic analysis, and on-line multimedia content distribution. Multimedia management included porting of Apple's Quicktime Streaming Server to Linux servers. * Developed service solutions and custom applications for staff members (i.e. Web Calendar, Database conversions). * WWW, File and Database server (MS Access, Sybase ASE) maintenance. Firewall and router configuration. Office PC (Win9x/NT/Mac) and LAN maintenance. Helpdesk Support The George Washington University September1997-August1998 Assisted students with computer laboratory issues. Handled university student computing services accounts; i.e. Unix account registration, e-mail issues, etc. Achievements: * Discovered intruder on main student unix server (GWIS2), alerting administrators and leading to a complete overhaul of security management within GW's Information Services group. Education: Bachelor of Arts in International Affairs, August 1997-May 2000. Conference of degree pending completion of foreign language proficiency examination. The George Washington University The first year of college was attended full-time at the University of West Florida, concurrent with highschool (1996-1997).