I break/fix computer security, uh, stuff! Currently working for Riscure, a security testing lab. You can trust me (to break stuff).

I also break (and fix!) things in my free time; occasionally I write about that. I collect CVEs and t-shirts.


I am on Twitter and Telegram.

You can e-mail me at (my first name) at zall.org. ((expired) key)

things about me

I'm narcoleptic, so I'm sleepy a lot. Please let me stand when possible.

My native tongue is English; I also speak Dutch. (In fact, I am Dutch.)

(selected) publications/talks

Efficient Reverse Engineering of Automotive Firmware
Alyssa Milburn and Niek Timmers
To be presented at the escar USA conference 2018, Ypsilanti, MI, USA, June 2018
(This work will be presented at Black Hat USA 2018 by Niek Timmers, as part of
There will be Glitches: Extracting and Analyzing Automotive Firmware Efficiently.)

SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities
Alyssa Milburn, Cristiano Giuffrida and Herbert Bos
Presented at the 2017 Network and Distributed System Security Symposium (NDSS '17),
San Diego, CA, USA, February 2017

other stuff I like

I enjoy low-level computing, particularly compilers (including working with LLVM/gcc), kernel-level work and embedded platforms.

ScummVM logoI'm fascinated by old computer games. I used to be involved in various open source projects in this vein, in particular ScummVM, GemRB and openc2e, back when I had free time.

I love explaining stuff. I like giving talks! I've also helped teach a bunch of CS bachelor program courses, and been a TA for others.

Reverse engineering is great fun too; as well as taking apart old computer games, I've also applied my skills for analyzing embedded firmware, and for security work.

You, if you read all of that without closing your browser tab. Have a stroopwafel!