Curriculum Vitae

General information

Salvatore Sanfilippo, 7 March 1977, Agrigento, Sicily, Italy


email: antirez (at) gmail (dot) com


  • High school: Liceo Scientifico "A.Sciacia", Canicatti' (AG)
  • University: Three years of courses in Palermo University of Architecture (of building and cities, not computers). I never completed it and started writing programs instead.

Current activity

I'm the founder of Merzia s.r.l. together with Fabio Pitrola. In winter 2005/2006 Merzia developed two web 2.0 applications (Segnalo and OKNOtizie) resulting in a deal with Matrix s.p.a. (a company fully controlled by Telecom Italia s.p.a).

We are now developing a new web service for the international market focused on giving users a new way to explore web site statistics in real time, for more information please visit LLOOGG.

Employment History

  • 2001-2005 Freelance software developer
  • 2001 Embedded software developer for Innominate AG, working from home
  • 2000 Developer and security expert for LinuxCare Italia, working from home
  • 1998/1999 Security expert and security tools developer for SECLAB (Intesis security division), Milan
  • Pre-1999 System administrator and programmer for Alicom s.r.l.
  • 1999-2006 Articles writer for Italian IT magazines

Free Software


Security research

I invented the Idle Scan, a novel technique for indirect port scanning, now implemented in the Nmap port scanner. The vulnerability was fixed in many TCP/IP stacks of modern operating systems including Linux and *BSD.

Programming languages research

Tcl TIPs: Details about the Jim Interpreter extensions to the Tcl language can be found at
  • Sugar, a macro system for Tcl
  • Apathy is an implementation of the Joy programming language written in Tcl with the addition of FORTH-like locals preserving Joy's theoretical features.

Main computer science skills

Programming: I'm good at writing code in C and some very high level programming language such as Tcl and Scheme. I also used the following languages for fun and/or work: Ruby, PHP, Python, SmallTalk, FORTH, C++, Joy. I've some experience with i386 and PPC assembly.

Kernel hacking:I wrote some device drivers in the past, for work or just to support my own hardware. I also have some experience with changes to the Linux TCP/IP stack (I needed it in order to experiment with TCP/IP security). I wrote a Linux VFS module in order to mount my USB digicam as a Linux file system.

Update 12 October 2006: As a quick and dirty hack I added the monitor mode to the Linux driver of my wifi card, source code and a README at

Languages development: I have worked with the Tcl internals and studied the implementations of programming languages like Ruby and Python. I have experiences implementing very high level programming languages, stack-based virtual machines, automatic memory management using reference counting and garbage collection.

Networking: Working in the security field and implementing hping I developed experience with the TCP/IP protocol. I also implemented at server and/or client level the following protocols: DNS, POP3, IMAP, DHCP, LMTP, SMTP, and a number of other protocols.

Security and Cryptography: Secure programming, security auditing of source code, networking protocols auditing and design for security. Block ciphers and stream ciphers, pseudo random number generators, cryptography uses in networking protocols, web security.

PIC programming: I have developed software for the microchip PIC family in assembler and using C and structured BASIC compilers. I've some very basic electronic understanding.

Evolutionary computation: I studied genetic algorithms and genetic programming and experimented with this ideas using a stack-based approach.

Artificial intelligence: I've some experience with back propagating neural networks, including NN-based image compression and implementation of a neural network engine based on resilient back propagation using the C language.

Web development: I use a lot Ajax and Javascript in my company, Merzia. Also I have designed web interfaces and database systems for high performance web applications.

Databases: SQL, MySQL C API, SQLit, Barkley DB.

Human Languages

I write and read English fluently. I speak in an intermediate way but I'm not very good at understanding fast spoken English.
Pagina creata il Monday, 06 November 06 | stampa
Do you like this article?
Subscribe to the RSS feed of this blog or use the newsletter service in order to receive a notification every time there is something of new to read here.

Note: you'll not see this box again if you are a usual reader.


comments closed