BACK TO LIST

Carl Livitt

Principal Researcher

Carl Livitt is a Principal Researcher at Bishop Fox. He has decades of experience in mobile and application security, hardware and embedded devices, reverse engineering, and global-scale penetration testing.

Carl is credited with the discovery of many vulnerabilities within both commercial and open-source software. He was brought in as a third-party expert to lead the team that confirmed several security issues with St. Jude Medical implantable devices. His work eventually led to an official communication from the FDA.

Carl has served as a contributing author to Hacking Exposed Web Applications 3rd Edition as well as a technical advisor for Network Security Assessment 1st Edition. He has been interviewed on NPR and quoted in publications including USA Today and eWeek. Carl co-authored the iOS reverse engineering framework iSpy, which was featured at Black Hat USA’s Tools Arsenal. In 2016, he appeared as a guest speaker on the topic of “Responding to Cybersecurity Risks” at The Association of Corporate Counsel’s Annual Compliance and Risk Management Forum.

The Latest From Carl

Industry Blog
On Apple, Encryption, and Privacy: A Word About Decryption
Mar 31, 2016 10:00:12 AM | By Carl Livitt
In February 2016, Apple announced that it would fight the FBI’s court order to break the encryption of the iPhone of one of the San Bernardino... continue reading
Industry Blog
On Apple, Encryption, and Privacy
Mar 1, 2016 7:50:15 PM | By Joe Demesy Carl Livitt,
In the wake of news that Apple plans to oppose a federal court order to assist the Justice Department in decrypting data stored on an iPhone... continue reading
Tech Blog
Rethinking & Repackaging iOS Apps: Part 2
May 4, 2015 12:38:30 PM | By Carl Livitt
In the first part of our series, we looked at how to modify an iOS application binary by inserting load commands to inject custom dynamic... continue reading
Tech Blog
Rethinking & Repackaging iOS Apps: Part 1
Feb 23, 2015 4:11:47 PM | By Carl Livitt
In October 2014, Jonathan Zdziarksi (“JZ”) wrote a blog post about a little-known feature of the iOS app ecosystem: it’s possible to patch App... continue reading
Industry Blog
Guide to Hardening Your Firefox Browser in OS X
May 22, 2013 2:41:14 PM | By Carl Livitt
Your Mac systems and software might be safe – until they connect to the Internet. Here are some tips for Firefox hardening in OS X. While many... continue reading
Tech Blog
SSL Key Generation Weaknesses
Mar 8, 2012 1:23:27 AM | By Carl Livitt
Whether the problem is influenced more by Moore's Law or by Murphy's Law, history tells us that every so often there is a publicly disclosed key... continue reading
Advisories
Oracle WebLogic Node Manager allows arbitrary configuration via UNC path
Oct 12, 2010 1:24:10 AM | By Carl Livitt
Patch Date January 18, 2011Oracle - Critical Patch Update for January 2011 continue reading