Feross Aboukhadijeh Resume

Education

Stanford University

MS, Computer Science (Computer and Network Security) 2018 - 2020
BS, Computer Science (Systems) 2008 - 2012

Companies

Speakeasy — Founder & CEO 2020 - present

A place for communities and friends.

PeerCDN — Founder & CEO Mar 2013 - Dec 2013

Acquired by Yahoo in December 2013.
Next-generation CDN powered by WebRTC for efficient peer-to-peer content delivery.
Funded by Mozilla Ignite, Lightspeed Ventures, and StartX.

Study Notes — Founder 2007 - present code

Offers study tools and college prep to high school students.
Reaches 800,000+ U.S. students each month.
Students spend 3,300+ hours studying on Study Notes each day.

Current Projects

BitMidi — Author & Maintainer 2018 - present code

Listen to MIDI files, curated by volunteers around the world.
Supports in-browser playback using a WebAssembly MIDI player.
Reaches 150,000 users per month.

WebTorrent Desktop — Author & Maintainer 2016 - present code

Lightweight, fast torrent app for Mac, Windows, and Linux.
Supports instant streaming – no need to wait for download.
Installed 30,000 times per month.

WebTorrent — Author & Maintainer 2013 - present code

The first torrent client that works in the browser.
Connects website users together to form a distributed, decentralized browser-to-browser network for efficient file transfer.
BitTorrent over WebRTC for in-browser peer-to-peer transport.
See the WebTorrent FAQ to learn more.
JavaScript library is loaded 60 million times per month.

Standard JS — Author & Maintainer 2015 - present code

JavaScript style guide, with linter, & automatic code fixer.
The easiest way to enforce consistent style in JavaScript projects.
Installed 4.3 million times per month.

Many Open Source Projects — Author & Maintainer 2013 - present code

I maintain 100+ open source packages which are downloaded 500+ million times per month, according to npm statistics
Code is freely accessible on GitHub and funded by supporters
I offer support contracts for companies and teams

Consulting

Enya — Independent Consultant Dec 2019 - present

Consult on security, privacy, and peer-to-peer networking issues.

Brave Software — Independent Consultant Dec 2016 - present

Integrated my WebTorrent open source library into Brave Browser.
Provide ongoing support for WebTorrent issues.

Jobs

Stanford University — Lecturer Fall 2019

Created a brand-new course CS 253: Web Security.
Principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, and techniques for writing secure code. Course projects include writing security exploits, defending insecure web apps, and implementing emerging web standards.

JS Party Podcast — Panelist Mar 2018 - present

A community celebration of JavaScript and the web.

Stanford University — Teaching Assistant Fall 2018 - Winter 2020

Taught for 4 quarter to students in CS 110: Principles of Computer Systems.
Held office hours, graded assignments, and ran interactive labs.

Node.js Foundation — Board of Directors Jan 2016 - Jan 2017

Why I ran for the Node.js Board of Directors
I represented community members' interests on the board.

Yahoo — Software Engineer Dec 2013 - Feb 2015

Sold my company PeerCDN to Yahoo in December 2013
Built fast, mobile-first HTML5 video player

Stanford University — Teaching Assistant Winter 2012

Taught for 1 quarter in CS107: Computer Organization and Systems.
Held office hours, graded assignments, and ran interactive labs.

Quora — Software Engineer Intern Summer 2011

Developed and launched the embedded video feature.
Ported lots of Python code to Scala code.

Facebook — Software Engineer Intern Summer 2010

Developed and launched Facebook Groups to 500 million Facebook users, on a team of only 5 engineers in 4 months.
Facebook Groups offers users a shared space to share stuff, chat, and keep in touch with small groups of friends.
Implemented new HTML email design, incoming email handler, and member management UI.

Stanford University — Section Leader Winter 2009 - Fall 2011

Taught for 6 quarters in the CS 106A: Programming Methodology and CS 106B: Programming Abstractions courses.
Led weekly discussion section on class material to complement professor's lecture, graded assignments, and tutored students.
Part of the CS 198: Teaching Computer Science program.

Intel — Web Developer & Videographer Summer 2007 & Summer 2008

Worked at Intel in high school, for two summers
Built an internal video portal to improve manager-employee communication (major Intel IT initiative)
Built web app to help engineers quickly create customer support tickets from large error report database
Redesigned internal IT website to improve usability

Discontinued Projects

Play 2017 code

Music videos with insider song facts.

Instant.fm 2011 code tech stack

Create and share music playlists with your friends.
Built in 3 months, with friend Jake Becker, as Stanford senior project.

YouTube Instant 2010 code

1,000,000 visitors within 10 days of launch, and personal job offer from YouTube CEO Chad Hurley. [Read more]
Featured in New York Magazine, Washington Post, NY Times, San Francisco Chronicle, Mashable, Engadget, TechCrunch, Fast Company, All Things D, VentureBeat, LifeHacker, PC Magazine, etc. [Read more]
Built in 3 hours using YouTube API and JavaScript.

iBoard 2010 unreleased

iBoard was a multi-user drawing app that let people from anywhere in the world draw together in real-time.

FreeTheFlash Entertainment 2004 - 2006

Built when I was 14.
3,000,000 page views and 600,000 unique visitors in 2006.
Featured 100s of user-submitted Flash animations, games, soundboards, audio, and videos.

Research

FillDisk.js — Proof of Concept Dec 2013 code

Demonstrated an attack that allows any website to have unlimited storage space on a visitor's computer.
Works in Chrome, Firefox 3.5+, Safari 4+, IE 8+.

Using the HTML5 Fullscreen API for Phishing Attacks — Proof of Concept Oct 2012 code

Demonstrated a phishing attack that can be performed with the W3C JavaScript fullscreen API.
Emulates user's current browser, OS, and screen size to convince them they are on trusted HTTPS site.

WireSheep — Original Tool Nov 2011 code

News Feed of activity on your local network
WireSheep lets you sniff packets on an open WiFi network. Instead of just stealing login cookies, like FireSheep, it lets you see traffic in realtime, like Wireshark. WireSheep shows you each user on the network and all the HTTP requests they're making.
Built with teammates John Heisey, Nikil Viswanathan, and Daniel Posch.

CMSploit — Original Research Nov 2011 code

Nearly 1% of websites built with a CMS (like WordPress or Joomla) are unknowingly exposing their DB password.
Temp files created by text editors may still linger after editing is finished, exposing the configuration file and database credentials to attackers.
I wrote a program to test for the prevalence of this issue across the whole web. I tested the top 200,000 websites and found that 0.77% of websites running a CMS have publicly-visible config files and DB passwords.

Adobe Flash Remote Webcam Exploit — Original Research Oct 2011 code

I discovered a vulnerability in Adobe Flash that allows any website to turn on your webcam and microphone without your knowledge or consent to spy on you.
It uses user interface redressing (clickjacking) to trick the user into doing a series of four clicks which remotely enables their webcam.
The exploit was covered on CNET, Wired.com, The Register, Ars Technica, Gizmodo, PC World, Yahoo! News, ZDNet, The Inquirer, and Computer World.

Automatic Retargeting of Webpage Content — Stanford Computer Science — Human-Computer Interaction Lab Summer 2009

We built an application for casual web designers to explore possible designs for their website.
The designer selects a site they like and they can apply it's page layout and styles to their own site.

Organizations

StartX — Innovator in Residence Sep 2012 - 2014

Stanford's startup accelerator program.

Stanford Association for Computing Machinery — President 2008 - 2012

President for 3 years, grew club to 700+ members. Built club website.
Planned 100+ campus-wide events, including faculty events, LAN parties, and tech talks.

High School Website Team — Lead Programmer 2006 – 2008

Built and maintained school website.
Fixed teachers' hardware and software problems for 5 hours / week.

High School Key Club — Webmaster & "Techie" 2005 – 2008

Helped coordinate volunteer service events for 200+ club members and produced movies/slideshows of the events.
Built club website (offline but mirrored; I'm keeping the site alive because of all the good memories I had in the club)

Sites I Built

I started designing websites at age 13, when I first learned HTML. Since then, I've built lots of sites, mostly for myself, but a few for organizations that I like:

AMENDS 2012

Stanford student initiative to help promising youth in the Middle East and United States to learn from each other, through TED style talks, and share their ideas and experiences with the world.

Hunger and Homelessness Auction 2010 - 2011 site offline

In 2010, we used this site to run the Stanford Charity Auction.
In 2011, we re-purposed it to run the Stanford Hunger and Homelessness Auction.
Items were donated by Stanford students, faculty, and local businesses, and auctioned off with all proceeds donated to the Stanford Opportunity Center.