HOME
ABOUT
- RESULTS
- differences
- BENEFITS
- HISTORY
- TEAM
- LOCATION
- FACILITIES
- BANKING
- MEMBERSHIPS
- APPROVALS
- LICENCES
- SUPPLIERS
- SPONSORSHIPS
- MEDIA
- PRIVACY
AUCTIONS
SHIPPING
FEES
- TS REWARDS
TOOLS
guides
FAQ
CONTACT
- CONNECT

VEHICLES
BRAND
- JAPANESE CARS
  - DAIHATSU
  - EUNOS
  - FORD
  - HONDA
  - ISUZU
  - LEXUS
  - MAZDA
  - MITSUBISHI
  - MITSUOKA
  - NISSAN
  - SUBARU
  - SUZUKI
  - TOYOTA
- GERMAN CARS
- AMERICAN CARS
- BRITISH CARS
- ITALIAN CARS
- FRENCH CARS
- SWEDISH CARS
- KOREAN CARS
TYPE
- mobility
- VENDING
- instruction
- TAXIS
- AMBULANCES
- FIRE ENGINES
- HEARSES
- LIMOUSINES
- COMMERCIAL
CLASS
FUEL
TRUCKS
minitrucks
- DAIHATSU
- HONDA
- MAZDA
- MITSUBISHI
- NISSAN
- SUBARU
- SUZUKI
- DUMP
- CRANE
- CAMPER
- REFRIGERATED
- 4WD
- NEW
BUSES
MOTORHOMES
- YAHOO!
- RAKUTEN
- DEALER

PARTS
- FREE REPORT
- PARTS CONTAINERS
- PARTS SYSTEMS
- PARTS PROTECTION
- BODY SHELLS
- DISMANTLING
- ONLINE PARTS
- NEW PARTS
- INTERIOR PARTS
- EXTERIOR PARTS
  - BONNETS
  - BUMPERS
  - GRILLES
  - FENDERS
  - DOORS
  - TRUNKS
  - SPOILERS
  - LIGHTS
  - EMBLEMS
  - CAMERAS
- ENGINES
- TRANSMISSIONS
- WHEELS & TYRES
  - WHEELS
  - TYRES
CUTS
PERFORMANCE PARTS
TRUCK PARTS
MOTORBIKE PARTS
- MOTORBIKE ENGINES
- MOTORBIKE ACCESSORIES

MOTORBIKES
MARINE
FORKLIFTS
MACHINERY
AGRICULTURAL
OTHER
COUNTRY
- AUSTRALIA
- CANADA
- KENYA
- MYANMAR
- NEW ZEALAND
- PAKISTAN
- TANZANIA
- UNITED STATES

CARVIEW

MOTORHOMES

Select Language

HTTP/2 200 server: GitHub.com content-type: text/html; charset=utf-8 last-modified: Thu, 20 Jan 2022 18:33:56 GMT access-control-allow-origin: * etag: W/"61e9ab14-3c4f" expires: Wed, 31 Dec 2025 04:12:38 GMT cache-control: max-age=600 content-encoding: gzip x-proxy-cache: MISS x-github-request-id: 0DE5:2F7ECD:ABA0C8:C11087:6954A05D accept-ranges: bytes age: 0 date: Wed, 31 Dec 2025 04:02:38 GMT via: 1.1 varnish x-served-by: cache-bom-vanm7210041-BOM x-cache: MISS x-cache-hits: 0 x-timer: S1767153758.182063,VS0,VE211 vary: Accept-Encoding x-fastly-request-id: 8e058a54e107e723ed07143d53ab061faf57f76a content-length: 4257 Matthew Finifter

Matthew S. Finifter

{my first initial then last name}@figma.com

Background

I received my PhD in Spring 2013 from the Computer Science Division at UC Berkeley, where I was advised by David Wagner. My dissertation is available for your perusal. I used to work at Twitter, and then at Uber. Now I work at Figma.

My research is in computer security, and tends to focus primarily on software security. My research has taken steps toward:

Designing, implementing, and evaluating developer-facing tools intended to aid secure software development.
Preventing and mitigating web application vulnerabilities.
Understanding the unique requirements of mobile application security, and developing security systems accordingly.
Gathering and analyzing datasets in order to better understand existing security systems, tools, and processes.

Please see this visual representation of the topics my research has covered.

Publications

An Empirical Study of Vulnerability Rewards Programs.
Matthew Finifter, Devdatta Akhawe, and David Wagner.
In Proceedings of the 22nd USENIX Security Symposium, August 14-16, 2013.

Slides from Devdatta's talk at USENIX Security 2013
BibTeX entry

An Empirical Study on the Effectiveness of Security Code Review.
Anne Edmundson, Brian Holtkamp, Emanuel Rivera, Matthew Finifter, Adrian Mettler, and David Wagner.
In Proceedings of the International Symposium on Engineering Secure Software and Systems (ESSoS 2013), February 27 - March 1, 2013.

Slides from Annie's talk at ESSoS 2013
BibTeX entry

How to Ask for Permission.
Adrienne Porter Felt, Serge Egelman, Matthew Finifter, Devdatta Akhawe, and David Wagner.
In Proceedings of the 7th USENIX Workshop on Hot Topics in Security (HotSec 2012), August 7, 2012.

Slides from Adrienne's talk at HotSec 2012
BibTeX entry

Jigsaw: Efficient, Low-effort Mashup Isolation.
James Mickens and Matthew Finifter.
In Proceedings of the 3rd USENIX Conference on Web Application Development (WebApps 2012), June 13, 2012.

Slides (including notes) from my talk at WebApps 2012
BibTeX entry

Product Labels for Mobile Application Markets. Short paper.
Devdatta Akhawe and Matthew Finifter.
In Proceedings of the Mobile Security Technologies Workshop (MoST 2012), May 24, 2012.

Slides (including notes) from Devdatta's talk at MoST 2012
BibTeX entry

A Survey of Mobile Malware in the Wild.
Adrienne Porter Felt, Matthew Finifter, Erika Chin, Steve Hanna, and David Wagner.
In Proceedings of the ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM 2011), October 17, 2011.

Slides from Adrienne's talk at SPSM 2011
BibTeX entry

A Systematic Analysis of XSS Sanitization in Web Application Frameworks.
Joel Weinberger, Prateek Saxena, Devdatta Akhawe, Matthew Finifter, Richard Shin and Dawn Song.
In Proceedings of the European Symposium on Research in Computer Security (ESORICS 2011), September 12-14, 2011.

Slides from Joel's talk at ESORICS 2011
BibTeX entry
Technical report

Exploring the Relationship Between Web Application Development Tools and Security.
Matthew Finifter and David Wagner.
In Proceedings of the 2nd USENIX Conference on Web Application Development (WebApps 2011), June 15-16, 2011.

Slides (including notes) from my talk at WebApps 2011
BibTeX entry

Diesel: Applying Privilege Separation to Database Access. Short paper.
A. Porter Felt, Matthew Finifter, Joel Weinberger, and David Wagner.
In Proceedings of the 6th ACM Symposium on Information, Computer, and Communications Security (AsiaCCS 2011), March 22-24, 2011.

Slides and notes from my talk at AsiaCCS 2011
BibTeX entry
Technical report

Preventing Capability Leaks in Secure JavaScript Subsets.
Matthew Finifter, Joel Weinberger, and Adam Barth.
In Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS 2010), February 28-March 3, 2010.

Slides and notes from my talk at NDSS 2010
BibTeX entry
Project web site

Verifiable Functional Purity in Java.
Matthew Finifter, Adrian Mettler, Naveen Sastry, and David Wagner.
In Proceedings of the 15th ACM Conference on Computer and Communication Security (CCS 2008), October 27-31, 2008.

Slides from Adrian's talk at CCS 2008
BibTeX entry
Project web site

Talks

Jigsaw: Efficient, Low-effort Mashup Isolation.
Presented at WebApps 2012 on June 13, 2012.

Slides (including notes)

Exploring the Relationship Between Web Application Development Tools and Security.
Presented at WebApps 2011 on June 15, 2011.

Slides (including notes)

Diesel: Applying Privilege Separation to Database Access.
Presented at AsiaCCS 2011 on March 23, 2011.

Slides
Notes

The Influence of Programming Language and Framework on
Application Security.
Presented at Mini-Metricon 5.5 on February 14, 2011.

Slides
Notes

Preventing Capability Leaks in Secure JavaScript Subsets.
Presented at NDSS on March 3, 2010.

Slides
Notes

Teaching

CS61BL, Data Structures and Programming Methodology. Spring 2011.
- Student evaluations of my teaching
CS161, Computer Security. Spring 2010.
- Student evaluations of my teaching

Coursework

Fall 2010
- INFO 271B. Quantitative Research Methods.
Spring 2010
- CS 263. Design and Analysis of Programming Languages.
- CS 301. Teaching Techniques for Computer Science.
Fall 2009
- INFO 237. Intellectual Property Law for the Information Industries.
- INFO 290. Surveillance, Sousveillance, Coveillance, and Dataveillance.
Spring 2009
- CS 276. Cryptography.
- CS 294-28. Internet/Network Security.
- CS 294-32. Dynamic Program Analysis, Testing, and Debugging.
Fall 2008
- CS 261. Computer Security.
- CS 262A. Advanced Topics in Computer Systems.

HOME
ABOUT
AUCTIONS
SHIPPING
FEES
TOOLS
HOW
FAQ
CONTACT

Original Source | Taken Source