Charlie Miller, one of the more respected and accomplished security researchers in the industry, is leaving Twitter’s security team after three years.
Miller said on Monday that he is leaving the company at the end of this week and that he plans to announce his new job next week. Miller joined Twitter in 2012, shortly after Moxie Marlinspike, another prolific researcher, had moved to the company after his startup, Whisper Systems, was acquired by Twitter. Marlinspike left Twitter in 2013.
These days Miller is best known for his work on vehicle security research with Chris Valasek of IOActive. The pair has done several different research projects on car security, most recently a year-long look at security vulnerabilities in the UConnect system in some Fiat Chrysler vehicles. That project produced some interesting results, namely a demo that showed Miller and Valasek’s ability to exploit a bug in the system to eventually disable the transmission and take other actions on a moving vehicle remotely.
That eventually led to Chrysler issuing a patch and later recalling millions of vehicles affected by the vulnerability.
Twitter is quiet about its internal operations, especially when it comes to security, and Miller never spoke much publicly about what he worked on at the company. But in the time he was there, Twitter enabled two-step verification and made a number of other upgrades to the security of its services. Now, Miller is leaving the company for parts unknown.
“After 3 years I’m stepping down from protecting the tweets, effective Friday. Good times, great coworkers, time to move on. Be free, tweets!” Miller said in a tweet Monday evening.
Before joining Twitter, Miller spent several years as a security researcher and consultant with Accuvant and Independent Security Evaluators. He was the first researcher to discover a serious code execution vulnerability in the iPhone and has found a number of serious flaws in OS X over the years.