Interview: Charlie Miller

Charlie Miller has a PhD in mathematics, a CV that includes working at the NSA and is recognized as one of the best hackers in the world. Despite that, his dream to be an astronaut remains just that after NASA ignored his many job applications after grad school. Their loss. The former state champion cyclist now focuses on making autonomous vehicles resistant to cyber-attack.

What’s the best thing about your job?

Securing things that affect people’s physical safety. I’ve been writing computer exploits for over a decade and for the most part, these exploits could typically steal emails or photos or something. Once I wrote an exploit that could control a driving automobile, I realized that things were getting serious. This led me to switch to securing things rather than breaking them. Now I get to put all of my energy into trying to keep people physically safe from hackers, which is pretty cool.

What are you most proud of?

The after-effect of the Jeep hack we presented. It led to a recall of 1.4 million Fiat Chrysler vehicles and due to the changes they made to the way the cars communicate, they are much safer for everyone now.

Who do you really admire in the industry?

I really admired Barnaby Jack. He was the researcher who did the ATM hack and some of the first medical device hacking. He inspired me to work on high-profile targets and really led the way into thinking that lots of interesting things have computers (and vulnerabilities) besides just laptops or phones. If I could create an ‘all-star’ project team to work on a really tough but exciting project, I’d pick my buddy Chris Valasek, Mark Dowd – who is probably the best bug hunter in the world – and Joe Grand, an expert in all things hardware.

If you could change one thing about the information security sector, what would it be?

I’d love to see more women and minorities in the field. I’m not sure how to get there, but it is a goal our sector should push towards.

Tell me about a time when a hack went wrong

There are plenty of projects I’ve started and not been successful with. One that comes to mind is when I tried to hack laptop batteries (which I did) in order to make them catch fire (which I couldn’t do). When I tried hacking a Palm Pre, I wasn’t able to do it, despite later finding out there were some very serious and easy to find vulnerabilities in the product. I regret not learning more. I tend to be project-focused and learn [only] what I need to accomplish my goals. I wish I’d have spent more time learning about topics that I didn’t necessarily need to know right away.


Dr Charlie Miller is a world-class white hat hacker. He was the first to hack both the iPhone and the first Android phone. Charlie won the Pwn2Own computer hacking contest four times. He found a vulnerability that would allow hacking into

1.4 million vehicles. He has worked for many high-tech companies including Twitter and Uber and is currently distinguished engineer, lead of Autonomous Transportation Security at Didi Chuxing.

What’s Hot on Infosecurity Magazine?