Mark Russinovich Explained

Mark Russinovich
Birth Date:22 December 1966
Birth Place:Salamanca, Spain
Occupation:CTO of Microsoft Azure
Employer:Microsoft
Known For:Co-founder of Winternals Software and Sysinternals.com; LiveKd[1]

Mark Eugene Russinovich (born December 22, 1966) is a Spanish-born American software engineer and author who serves as CTO of Microsoft Azure. He was a cofounder of software producers Winternals before Microsoft acquired it in 2006.

Early life and education

Russinovich was born in Salamanca, Spain and was raised in Birmingham, Alabama, United States, until he was 15, when he moved with his family to Pittsburgh, Pennsylvania. His father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh. Russinovich is of Croatian descent.[2]

He was introduced to computers when his friend's father got an Apple II in the 1970s. He reverse-engineered its ROM program and wrote programs for it. At age 15, he bought himself his first computer, a TI-99/4A. About six months later, his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIes. He also wrote magazine articles about Apple II.[3]

In 1989, Russinovich earned his Bachelor of Science degree in computer engineering from Carnegie Mellon University, where he was a member of the Pi Kappa Alpha Beta Sigma chapter. The following year he received a Master of Science degree in computer engineering from Rensselaer Polytechnic Institute. He later returned to Carnegie Mellon, where he received a Ph.D. in computer engineering in 1994[4] with the thesis Application-Transparent Fault Management[5] under the supervision of Zary Segall.

Career

From September 1994 through February 1996, Russinovich was a research associate with the University of Oregon's computer science department. From February through September 1996 he was a developer with NuMega Technologies, where he worked on performance-monitoring software for Windows NT.[6]

In 1996, he and Bryce Cogswell cofounded Winternals Software, where Russinovich served as Chief Software Architect, and the web site sysinternals.com, where Russinovich wrote and published dozens of popular Windows administration and diagnostic utilities including Autoruns, Filemon, Regmon, Process Explorer, TCPView, and RootkitRevealer.

From September 1996 through September 1997, he was a consulting associate at OSR Open Systems Resources, Inc., based in Amherst, New Hampshire. From September 1997 through March 2000, he was a research staff member at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert.[6]

Russinovich joined Microsoft in 2006 when it acquired Winternals.

As an author, Russinovich is a regular contributor to TechNet Magazine and Windows IT Pro magazine (previously Windows NT Magazine) on the Architecture of Windows 2000, and was co-author of Inside Windows 2000 (Third Edition). He wrote many tools used by Windows NT and Windows 2000 kernel-mode programmers, and the NTFS file system driver for DOS.

Works

In 1996, Russinovich discovered that altering two values in the Windows Registry of the Workstation edition of Windows NT 4.0 changed the installation so it was recognized as a Windows NT Server and allowed the installation of Microsoft BackOffice products which were licensed only for the Server edition.[7] The registry key values were guarded by a worker thread to detect tampering; later, a program called NT Tune was released to kill the monitor thread and change the values.

Russinovich wrote LiveKD, a utility included with the book Inside Windows 2000. As of 2022, the utility is readily available to download.[8]

In 2005, Russinovich discovered the Sony rootkit in Sony DRM products, whose function was to prevent users from copying their media.[6]

In January 2006, Russinovich discovered a rootkit in Norton SystemWorks by Symantec. Symantec immediately removed the rootkit.[9] [10] [11] He also analyzed the Windows Metafile vulnerability and concluded that it was not a deliberate backdoor.[12] This possibility had been raised—although tentatively—by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism.[13]

Russinovich's novels Zero Day (foreword by Howard Schmidt)[14] and Trojan Horse (foreword by Kevin Mitnick) were published by Thomas Dunne Books on March 15, 2011 and September 4, 2012, parts of a series of popular techno-thrillers that have attracted praise from industry insiders such as Mikko Hyppönen and Daniel Suarez.[14] [15] A short story, "Operation Desolation",[16] was published just before Trojan Horse and takes place one year after the events of Zero Day. Book 3, Rogue Code: A Novel (Jeff Aiken Series, May 2014) deals with vulnerabilities of the NYSE. It has a foreword by Haim Bodek, author of The Problem of HFT: Collected Writings on High Frequency Trading & Stock Market Structure Reform.[14] [17]

Computer books

Novels

Articles

Videos

External links

Notes and References

  1. Web site: LiveKd - Windows Sysinternals . March 23, 2021 .
  2. Web site: Loš PR u dijaspori – Koje su svjetski poznate osobe podrijetlom Hrvati, a da to niste ni znali . Bad PR in the Diaspora – What are the world famous people of Croatian descent, and that you did not even know . Dnevno.hr . Martinović . Ratko . October 28, 2012 . hr . mdy-all . November 27, 2012 . dead . https://web.archive.org/web/20121030173830/http://www.dnevno.hr/magazin/lifestyle/los_pr_u_dijaspori__koje_su_svjetski_poznate_osobe_podrijetlom_hrvati_a_da_to_niste_ni_znali/1142313.html . October 30, 2012.
  3. Web site: Interview with Mark Russinovich by Microsoft Student Partners . YouTube . April 15, 2012 . live . https://ghostarchive.org/varchive/youtube/20211221/o1DskPD-Ngc . 2021-12-21.
  4. Web site: Mark Russinovich . Making it Big in Software . Making it Big Careers Inc . February 13, 2011 . December 18, 2010 . https://web.archive.org/web/20101218224918/http://makingitbigcareers.com/books/making-it-big-in-software/mark-russinovich/ . dead .
  5. Russinovich . Mark Eugene . Application-transparent fault management . 1994 . .
  6. Web site: Affidavit of Mark Russinovich in Support of Plaintiffs' Motion for Final Approval of Class Action Settlement . United States District Court Southern District of New York . SonySuit.com . April 2, 2005 .
  7. Web site: Differences Between NT Server and Workstation Are Minimal . September 16, 1996 . Andrew Schulman . O'Reilly and Associates . December 4, 2020 . dead . https://web.archive.org/web/20180411082356/http://archive.oreilly.com/pub/a/oreilly/news/differences_nt.html . April 11, 2018.
  8. Web site: LiveKd - Windows Sysinternals . March 23, 2021 .
  9. Web site: Turner . Suzi . Symantec confesses to using rootkit technology . . . January 11, 2006 . November 6, 2012.
  10. Web site: Symantec Norton Protected Recycle Bin Exposure . Security Response . . January 10, 2006 . November 11, 2012 . October 26, 2012 . https://web.archive.org/web/20121026142621/http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html . dead .
  11. Web site: Russinovich . Mark . Rootkits in Commercial Software . Mark Russinovich's Blog . . January 16, 2006 . March 13, 2013 . May 13, 2013 . https://web.archive.org/web/20130513071506/http://blogs.technet.com/b/markrussinovich/archive/2006/01/15/rootkits-in-commercial-software.aspx . dead .
  12. Web site: Russinovich . Mark . Inside the WMF Backdoor . Mark Russinovich's Blog . Winternals. January 19, 2006 . March 13, 2013.
  13. Web site: grc.news.feedback newsgroup . Steve Gibson . . January 12, 2006 . mdy-all . Steve Gibson (computer programmer) . November 6, 2007 . dead . https://archive.today/20130221035154/http://12078.net/grcnews/article.php?group=grc.news.feedback&id=60006 . February 21, 2013 . The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows..
  14. Book: Zero Day: A Novel . 978-0312612467 . Russinovich . Mark . March 15, 2011 . St. Martin's Press.
  15. Book: Trojan Horse: A Novel . September 4, 2012 . Thomas Dunne Books . November 11, 2012.
  16. Book: Operation Desolation: A Short Story . August 7, 2012 . Thomas Dunne Books . June 1, 2014.
  17. Book: Russinovich, Mark . foreword by Haim Bodek (son of American physicist Arie Bodek) . Rogue Code: A Novel . Jeff Aiken series . 2014 . Thomas Dunne Books . 978-1250035370 . November 29, 2017 . November 24, 2017 . https://web.archive.org/web/20171124095159/http://www.trojanhorsethebook.com/books/rogue-code/ . dead .