Michael Cardell Widerkrantz, Malmö, Sweden.
mc [at] hack.org
See my work page if you want to hire me.
Some highlights as bullets under each employer.
Tillitis (Nov 2022--)
Member of the technical staff. Applied researcher and programmer working with creating new security hardware and its related software: emulator, firmware, device programs, and host programs. Supports hardware development.
Continuation of parts of the research team at Mullvad VPN.
Mullvad VPN (Nov 2021--Nov 2022)
Member of the Trustworthy Computing Research team which was then spun off as Tillitis.
Netnod (Dec 2015–Nov 2021)
Mostly a software developer at an Internet infrastructure company owned by a non-profit foundation. Team leader of developers (at the time four employees + 3-5 consultants) until R&D department formed, then senior software developer mostly working on the DNS product.
Netnod provides operator neutral Internet exchange services, runs anycast DNS services, including one of the DNS root servers and some ccTLDs. Netnod also runs time sources on behalf of the Swedish Post and Telecom Authority (PTS).
I was mostly part of helping build several different anycast DNS solutions, doing some security work, and helped bring the Network Time Security protocol forward.
Work was mostly in Go (golang), some Python, occassionally C. Ansible, Docker and Kubernetes for the more devops stuff.
Helping design and writing a new DNS service, including customer-facing API and a whole new automatic, scalable and self-healing provisioning chain. Python and Go (golang). February--December 2015, then hired by my customer (Netnod).
Wrote market data parsers, orderbook handling, fast order logging and resending. Created an extremely low-latency IPC system from scratch. All for an high-frequency trading system in C on Linux.
Wrote a proof-of-concept of
(BTNS), IPsec with anonymous keys (RFC 5386, RFC 5387) in C for
Added dynamic loading of IPsec keys and IPsec authentication with DNS keys to ipsec-tools (racoon and racoonctl) in C and Perl on FreeBSD.
Wrote, then updated the radns RDNSS client to RFC 6106 in C on FreeBSD and Linux.
System administration and network tuning for several video heavy websites running FreeBSD/Apache/nginx.
Devops work @ SLU University Library (January 2014–February 2015)
Migrating from ad hoc servers to servers under automatic control of Ansible devops tools, setting up monitoring/alarm systems, and a lot of other things mostly to do with the three open access archives.
Release engineering of in-house software, mostly in Perl on top of EPrints.
Stickybit (March 2008–November 2008)
Wrote an IPv6 Router Advertisment client for the RDNSS option. See the radns project.
In a team effort, helped fix a Firefox bug (C++) where TCP connections for Motion JPEG streams didn't close after use.
Designed the beginning of a DNS administration system.
Internal Linux system administration.
Axis Communications (September 2005–March 2008)
In a small team I helped design and develop a very large scale home security camera deployment system (possibly hundreds of thousands of simultaneous cameras) later named Axis Video Hosting System (AVHS).
Wrote a combined multiplexor and proxy for RTSP and RTP from scratch in C for use in AVHS.
Helped with chip verification of new video chip.
Helped move functionality from device driver to userland for new video chip. C on Linux on ARM.
Helped maintain JTAG debugging tools for CRIS and ARM.
Wrote a web-based realtime sniffer in C for MJPEG streams. The sniffer acted as a web server and listed all current MJPEG streams it could see on the network as links. Click on one and you're viewing the stream.
Work was mostly in C, Perl, Bourne Shell, awk, et cetera, all on Linux, on workstations, servers and embedded systems using CRIS and ARM architectures.
Business Security (February 2004–September 2005). Now Advenica.
In a small team I helped design and develop a military grade VPN concentrator with hardware encryption and red/black separation. The product, the first generation known in the Swedish military as KryApp 920, was evaluated to Common Criteria EAL4+ level.
I worked mostly on network protocols, network behaviour, the logging system, and an emulation and test platform, so we could start doing software development long before any hardware prototype was available. I also assisted hardware designers with hand-crafted network packets, among other things.
Please note: I'm not a cryptographer.
C, Perl, Bourne Shell, awk, m4. Linux on servers (x86) and embedded (ARM).
Internal Linux system administration of the developer servers and the lab machines.
Self-employed Software Developer (2002–2004)
Added access control lists to the INN News Server (in C) and wrote a Perl module for INN administation for the Swedish Asssociation of the Deafblind. Helped integrate the Perl-based WebNews web-based NNTP client with the system.
Did a series of courses on computer networking and computer security for post-secondary education in the Linköping municipality.
CodeFactory (May 2001–December 2001)
Senior Consultant in software development and free and open source softare. C on Linux and *BSD on x86. Helped customers with development tools and version control.
The company went bankrupt.
Bredbandsbolaget (May 2000–April 2001)
Wrote a TIBCO Rendezvous to LDAP gateway in C on Solaris.
Wrote an IP spoofing syslog server with filtering support in C for Solaris for use with Cisco Info Center.
Together with two other programmers I helped maintain a DHCP/BGP/DNS system developed inhouse from scratch in C on Linux.
Many small software development tasks.
As an effect of the IT crash the company downsized and almost all technical staff, including me, had to quit.
Relogic (November 1999–May 2000)
I helped develop an electronic payment system.
Internal Linux system administration.
Company went bankrupt.
Swedish Institute of Computer Science (May 1999–November 1999)
Developed network simulation and measurement tools in C under Linux (x86 and SPARC), FreeBSD (x86) and Solaris (SPARC).
Long-range commuting (> 400 km one way) made me look for other work.
Signum Support (September 1996–May 1999)
In a team of two built a customised Linux distribution and developed automatic installation tools, and device drivers in C for Micronic Mydata's placement robots.
In a small team I helped design and develop the Fuego Firewall (now sold by Ingate) in Python and C on embedded Linux.
Together with a colleague I wrote a web-based time reporting system using Python and PostgreSQL for use at Ericsson Saab Avionics.
Helped manage internal and external Unix systems, mostly Solaris and Linux.
Ported many C programs to Linux and other Unix systems for customers.
Took turns to be the developer support hotline for free software, mostly on the GNU toolchain.
IIS medicinsk informatik (January 1996–September 1996)
Wrote a screen scraper in Perl to interface with an aging X-ray booking system running on a Diab DS90 under D-NIX.
Did a pre-study on the feasibility of a PC-based MRI watching station, interfacing with General Electric and Siemens MRI systems.
Wrote a proxy in C under HP-UX to a national address database to lookup postal addresses for hospital patients.
Installed and managed the internal mail system using UUCP, POP and IMAP on GNU/Linux.
Bull, Telco Solutions (February 1995–January 1996)
The department is now its own company, Teligent Telecom.
Managed the internal network and the AIX and D-NIX machines used for software development. Windows PCs was not under my jurisdiction but most developers either had X terminals or dual booted their Windows PCs to Linux or Plan 9 and spent almost all their time there.
Wrote a statistical aggregator in C on AIX for operator telephone switches.
Participated in a larger team developing a carrier-scale voice mailbox (supporting thousands of simultaneous users) mostly written in C++ on AIX. My work was mostly on packaging, installation and scripts. I was also third-line support for installation sites.
Single-handedly built, and developed tools to be able to create, a professionally used firewall from a little used Diab DS-90/3x with D-NIX.
Ported many C programs to AIX and D-NIX for use by our developers.
Bromangymasiet Secondary School (1991)
While in school I was asked to write a locked-down terminal emulator with modem autodial for use in the school library. I used Turbo Pascal 4.0 under MS-DOS.
Linköping University (September 1991–February 1995)
Courses in Linguistics, Literature, History. BA thesis Computers, Storytelling and World Creation: The Reader as Writer in Multi-Participant Interactive Fiction, October 1994.
Some of my professional interests: Creative programming, operating systems and systems software, network protocol design and implementation, end-to-end principle, opportunistic encryption, retro-computing, minimalist user interface design.
Last updated: <2022-11-21 21:54:08 MET>