Resume for Ben Cottrell 1. Contact information Email: tamino@wolfhut.org Phone: 408-616-8832 USPS: Ben Cottrell 547 W Washington Ave. Sunnyvale, CA 94086 2. Experience Nominum Inc. -- November 2006 - current Senior Software Engineer o With another senior engineer, designed a language that all of Nominum's products now use to express in abstract form all of their configurable parameters, documentation associ- ated with each parameter, and the data type of the parame- ter. Data types may be arbitrarily nested, e.g. a stub entry might contain a list of nameserver declarations, and a name- server declaration might be defined as a tuple consisting of a DNS name and a list of nameserver addresses, each of which is an IPv4 or IPv6 address literal. Implemented a library (in C) that allows easy tree-like traversal and manipulation of descriptions written in this language. o Was one of the principal developers of Nominum's Engine Administration Console product, which uses this language to present an HTML-based interface for configuring and adminis- tering Nominum products. One advantage of this design is that the version of the administration console need not be synchronized with the version of the products being adminis- tered; if a product is upgraded, or if a plugin is installed into it which adds configuration options, the next time the administration console connects to it, it will download the description of all available commands and configuration, and will present the new options with no upgrade required to the administration console. This project was written in Python. o Worked intensively over a period of weeks to solve stubborn stability and deadlocking issues in EAC. This required a large amount of C-level debugging, even though EAC itself is written in Python. This resulted in submitting http://bugs.python.org/issue3710 and http://tinyurl.com/6db687 (the latter being a PySQLite mail- ing list post), as well as finding and fixing several other issues traceable to Nominum code. o Worked on Nominum's Centris product, which is an extension to the Nominum Authoritative Name Server (ANS) which sched- ules periodic downloads (by rsync or HTTP) of zone data instead of using standard IXFR and AXFR mechanisms. This project was written in a mix of C and Python. IronPort Systems Inc -- June 2003 - November 2006 (IronPort was acquired by Cisco Systems in June 2007) Software Engineer o Implemented features and fixed bugs in IronPort's Mail Gate- way Appliance line of products. The work was done in Python using cooperative multithreading (similar to that of Stack- less Python). This involved less overhead than pre-emptive multithreading, but required engineers to maintain a high level of awareness of exactly how their code would be run, and what assumptions about scheduling they could and could not make. o Worked on the IronPort Anti-Spam product. Designed and implemented tools for increasing the spam catch rate. This included a tool which could run a set of spam rules against hundreds of thousands of sample messages four times faster (in some cases up to ten times faster) than the tool previ- ously in use. It also included tools for heuristically grouping spams into categories (with no programmed-in knowl- edge of what the categories were) and for reading in large numbers of sample spams and sample legitimate email and automatically searching for patterns with high predictive power for whether messages are spam. For the latter two especially, the code was designed to be easily extensible even by junior engineers. o Implemented large amounts of the LDAP client code, including load balancing and failover between different LDAP servers. Designed and implemented a system for generating, emailing, archiving, and viewing system reports on a periodic basis in a variety of formats. For example, a report could be gener- ated and immediately emailed in text format; but that same report would be later retrievable in machine-readable XML, or any other supported format. o Worked as part of a small team which brought the centralized management feature (clusters of appliances sharing configu- ration data, automatically resynchronizing after network failures, and making administration commands network trans- parent) to maturity. For the majority of this time I was the primary person fixing bugs, analyzing failures on customer networks, and increasing stability. Performed root cause analysis on distributed lock contention issues and unpre- dictable failures that occurred as the cluster sizes grew larger. o Starting with requirements documents from marketing, wrote detailed engineering specifications, some of which I imple- mented, and some of which were implemented by other engi- neers. Mail Abuse Prevention System (MAPS) LLC -- January 2003 - June 2003 Software Developer o Took care of the engineering part of adding a new DNSBL (named Open Proxy Stopper) to the MAPS product line. o Designed and implemented (in perl) a scalable, extensible tool for running dozens of security tests on hundreds of IP addresses simultaneously using nonblocking I/O. At first the tool was used by MAPS staff members; then it was incorpo- rated into the back end of the Open Proxy Stopper code. o Sped up incoming nomination processing by a factor of 4 on the production Relay Spam Stopper systems and by a factor of 12 on the new Open Proxy Stopper systems. I achieved this both by making incremental changes where I saw opportuni- ties, and by writing drop-in replacements in perl for some of the existing Bourne shell scripts (bug-for-bug compatible with the Bourne shell code). Nominum Inc. -- December 2000 - January 2003 Software Engineer o Added features and fixed bugs in Nominum's DHCP server prod- uct, DCS. I designed and implemented the processing of options in DHCP packets. The options code allowed the administrator to create their own data types by combining together primitives. This project was written in C and was single-threaded, making extensive use of callbacks to store information about what should be done next after I/O com- pleted or the next packet from a given client was received. o Worked on Nominum's Global Name Service DNS hosting (GNS). I added features to the web-based GUI (written in PHP), and the back end (written in perl). o Worked on the Nominum Identity Director project, which pro- duced a prototype of a DNS and DHCP appliance providing a centralized management interface to control DNS and DHCP at thousands of remote sites. I designed and implemented its system configuration subsystem. o Assisted with QA, including writing automated test cases to verify RFC conformance. Stockmaster.com / Red Herring Magazine -- June 1999 - December 2000 Software Engineer o Starting from a prototype, designed and implemented a system for receiving real-time stock trading data, aggregating price information on a minute-by-minute basis, and saving it to disk files to be used by the company's web site. This project was written in C and C++, with a nightly processing program written in perl that aggregated older data into pro- gressively coarser-grained time buckets. o Tracked down a memory corruption bug in Apache/mod_perl, and submitted a patch to the project. o Maintained legacy systems while new ones were designed and implemented. Realize Communications -- December 1997 - June 1999 (Realize was acquired by Stockmaster in June 1999 -- see above) Software Engineer o Worked as the lead programmer on the Realize web site, which provided web-based message boards to users on the Internet. This included writing custom code to monitor the health of individual web servers and load-balance requests among the ones that were healthy. The code was in C and C++ and ran on both Windows and Solaris. o Added the ability to do incremental writes, with journaling, to the in-house-developed database code. After my changes, doing a write to the database caused the on-disk hash table and free block list to be updated. Also added replication. o Set up FreeBSD to be the mail server and DNS server for the company. 3. Skills o Good at writing solid, fast Python and C. o Experience with UNIX system calls and the standard library, including TCP/IP, sockets, Berkeley db, forking and execing process, signal handling, mmap, etc. o Experience using profiling tools such as gprof, and acting on the results. o Experience with both single-threaded and multi-threaded program- ming. For example, I am equally comfortable writing a select loop, or using blocking I/O in multiple threads. o Experience at the implementation level with various protocols, including DNS, DHCP, HTTP, SMTP, and SSH. o Some experience with perl and Bourne shell. o Familiar with UNIX-as-a-philosophy; writing small sharp tools that work well together. 4. References Marshall Kirk McKusick, coauthor, The Design And Implementation of The 4.4BSD Operating System Ted Lemon, author, Internet Software Consortium DHCP server; coauthor, The DHCP Handbook 5. Education Ending in spring 1997 Computer science major at the University of California at Berke- ley. Although I did not complete the BS program, I completed all required courses in the major.