Craig W. Shaver   http://www.MyIttyBitty.Com/ Sunnyvale, CA 650-390-0654

Technical Skills:

·         Perl, C, C++, C#, Java, Smalltalk  

·         Apache, mod_perl, XML, SSL

·         Oracle, MySQL, Informix, Sybase, SQL Server 2000, JDBC, DBI

·         White box API test automation, formal code inspection

·         Linux, Solaris, FreeBSD, Windows

·         Systems level UNIX C programming, drivers, sockets, IPC, security admin

·         Scripting, Perl, sh, sed, etc...

Cisco Systems, Inc.
03/05 – present, Test Engineer, Network Anti-Spam Solution.

·         Worked with a small team in Tech Center to develop a messaging security appliance. The device was to have AV, AS, and Compliance (Sarb/Ox, HIPPA, URL) components. Also worked on a parallel project to get IETF RFC approval for DKIM Signatures (RFC 4871).

·         Built up multiple Linux based test boxes in our lab. Added memory and disk to test boxes and built a database of spam and viruses. Worked with dev to build a multi-threaded, rate limiting, mail performance tool. Developed extensive tests to measure performance, false positives, and false negatives. Did a detailed analysis and comparison of ProofPoint, IronPort, Barracuda, and Vontu.

·         The team came up with a project to provide our IT email group with an anti-phishing appliance based on a modified DKIM implementation. Deployed multiple load balanced servers and a management workstation. Developed DKIM tests for performance and adherence to the specification. Used Perl to build a test harness that sent test mail to lab servers, popped the mail from a smart host, and evaluated the test results automatically.

·         Currently working on a Skype to Enterprise gateway. VoIM, VoIP, CCM, CUPS, CUPC.

Microsoft Corporation
07/03 – 10/04,
Software Dev. Engineer/Test on the Microsoft Anti-Spam team. Perl, C/C++, C#, VS.NET, SQL Server 2000.

·         Worked with developers and product manager to provide QA input for Hotmail WIMS2.4 Spam Filter requirements. Created test plan, and test cases. Put in the time necessary to automate and thoroughly exercise each test case. Used Microsoft tools to measure code coverage. Met with Hotmail personnel to exchange information on current test processes and future plans. Set up Hotmail accounts for spam tracking.

·         Took initiative in building an AS Perl automated solution to testing and deployment of new features and updated spam token/score data sets. Data sets were periodically produced using a machine learning (SVM) application and recent data from the hotmail/msn spam feedback database. Included threshold SCL settings and FP/FN curve generation. This tool provides faster data set drops for Hotmail.

·         Proactive investigation of the feedback loop process, feedback data, the training process, and training database. Provided assistance and leadership for problem resolution. Extensive and detailed trace of production Hotmail training and data replication to isolate problems with corrupted training feature data.

·         Researched the use of managed C++ as an API wrapper for the CRSDK API and HIP API test harness. Wrote managed C++ classes to wrap each unmanaged API call. Enabled the rest of the team to write test cases and test utilities in C# quickly and easily.

·         PrID crypto research. Performance testing for challenge response API. SVM vs Maxent training, chaff, URL, and IP feature sets. Developed experiments for IP forwarding, problem IP owners, non-standard MIME encoding, message size, and UNICODE usage.

·         Internal MSTE training for SQL Server 2000 administration, Windows debugging tools and methods, SDLC and QA methodology.

Productivity Group, Inc.,  
12/90 – 07/03, consulting and contract programming

·         Multiple projects at INVESTools. Perl, C, MySQL, Sybase, Linux, FreeBSD, Solaris, Apache, and SMTP.

o    Built a mod_perl based authentication and authorization system using tickets and a MySQL back end.

Security audits for Linux based server farm. Clean room installs, system configuration, and builds for up to date secure applications. Installation of intrusion detection software to monitor access, trojans, and root kits. Recommendations for security oriented policy and procedure.

Implemented a Perl bulk mail solution for customer's newsletter alerts. Added capability to upload pdf and word documents and have them attached to outgoing mass mailings. Used HTTP file upload, low level SMTP, and MIME encoding.

Developed a stock market news email alert system. Used Perl, LWP, HTML Parser to build a tool to download specific news pages from the Telescan Comtex server based on security ticker symbols. Parsed the HTML pages to extract specific headers and text. Formatted the information and sent it to each user interested in that ticker symbol.

Developed code to produce dynamic HTML pages and forms from templates. Used Perl and Sybase/Sybperl on FreeBSD and Solaris UNIX platforms. This code allowed the internal content developers to produce reusable templates and style sheets that incorporated database records, newsletter data, stock quotes, hotline data, and other specialized information.


o    Coded NSAPI modules to do direct authorization of user logins to the INVESTools site. Implemented automated mail and fax services for portfolio trigger alerts. Programmed a system to assist content managers in uploading newsletters and hotlines, and sending them out in a mass mailing to special subscriber lists. Used Perl to build the low level SMTP sendmail interface.

Wrote code that employed cookies and a backend database to validate subscriptions of users. Multiple warning levels were used for subscriptions that would end within a certain period and that were past due.

·         Ten Square.  Customer/Advertiser tools for advertising configuration, management, content, and target customer feedback reporting. Java Servlets, WebLogic, Oracle, PL/SQL, JDBC, XML, SAX, DOM. Perl DBI and DBD. Wrote Java code for advertising and coupon content management. Used Perl/DBI/SAX to load daily XML based customer tracking logs into the backend Oracle database.

·         GEOCAST. Business systems and applications for a digital tv broadcast. Port Perl/mod_perl to Java servlets, EJB model, JDBC and Oracle on a Weblogic server.

·         E-lingo. Online, real time language translation systems. Helped the company SSL enable all their web services for  complete end-to-end secure translations. Built new versions of the Apache web server with DSO modules for mod_ssl and their custom translator backend interface. Modify C/C++/Perl/Java client side API libraries to use Open_SSL libraries. Built customer certificate server.

·         InfoSeek/Go Network/Walt Disney Internet Group. Principal Engineer for software development on the Go Translator Product. Apache, Perl/mod_perl, and Solaris. The Go Translator was a profitable stand alone service in the InfoSeek/Go portal. It used Apache with mod_perl on a Solaris UNIX 3 tier load balanced platform to provide fast dynamic translations of HTML pages.

o    Did load testing and performance evaluation of the existing hardware and software. Made recommendations for additional equipment and for revisions to the network architecture, worked with NOC to fine tune the Resonate load balancing configuration.

Used the Object Oriented features of Perl Modules to build the internal code so that is was extensible and easy to add new functionality. Reworked the software and presentation architecture to use templates to remove perl code from the pages, which allowed for simultaneous separate development by designers, HTML page writers, and programmers. Added significant new features to parse and rewrite HTML from translated pages.

Added SSL interface libraries to allow translation of secure pages. Designed, managed, and implemented localization of the Go Translator site. Worked with wireless to include a version of Go Translator on internet phones and Palms. Did research and a complete evaluation for a port to Java, JSP, and Servlets.

·         Freeloader division of Individual Inc. Server software team. C++, Oracle, Solaris. Proprietary client/server “push” service.

o    Participated in all phases of server design and worked with the client side programmers to define the client to server protocol. Wrote and integrated NSAPI shared lib modules into the threaded Enterprise web server to handle the Freeloader client requests. Formatted and passed the requests to the back end Oracle database, retrieved the results, and then used HTTP 1.1 to send the data (or acknowledgment) to the client.

The server side was designed to use several content acquisition and web server front ends networked to a single Oracle back end database. Server software consisted of content management, advertising management, tracking information management, story formatting, multimedia scene publishing, a stock quote feed, system administration, the web server front ends, and the Oracle database used to maintain information on the entire system.


o    The client product was a proprietary application that allowed the user to select information based on topics instead of channels. The client used HTTP 1.1 to wrap the client requests and send them to the web server. Client requests included registration, authorization (cookies and dbms), profile updates, catalog download, ad downloads, scene downloads, tracking data uploads, stock quotes, and topic based story downloads.

·         Subcontractor on a project to implement a prototype web based EDI system for the Harbinger Corporation. The goal was to use the same data and forms as the Harbinger Motif and MS Windows based products. This was an Alpha release and work had to be done without documentation or support from the original programmers.

o    Used the source code to reverse engineer the company's UNIX/Motif based EDI product. The source consisted of over 300,000 lines of C++ code. Wrote code to extract the company's proprietary GUI EDI forms and dump them to a separate file. Wrote a C++ cgi program to authenticate users, pick form files, serialize them, send them to a java front end applet, and then to accept the filled out form. Set up and administered a HP workstation running HPUX 10.20 UNIX. Installed the Apache web server with SSLeay extensions and several gnu utilities. Set up and self signed certificates for the secure web server.

·         Set up the initial Family Tree Maker web site for the Banner Blue Division of Broderbund Software. This web site was used to provide online technical support, news and articles of interest to genealogy researchers, "how to" guides, demo downloads, and access to the Family Finder Index. The second phase added a Genealogy Mall, Classified Ads, Home Pages, genealogy report uploading, Message Boards, search capabilities, and secure transactions.

o    Provided UNIX systems level 'C' programming (IPC's, INET and UNIX TCP/IP sockets) to implement a multiple daemon server that interfaced Perl CGI scripts to multiple NT backends to serve up the Family Finder Index records from the company's proprietary NT database. Also wrote several Perl CGI programs for phase II services.

·         Multiple projects at LAISSEZ FAIRE BOOKS. Reworked the Perl based shopping cart system at Laissez Faire's online book store for enhancements to the ordering system. Implemented additional features for credit card processing and payment by check. Previously converted the existing web site to use a Perl based shopping cart system. Modified the shopping cart programs to fit their specific needs, and wrote several scripts to convert existing pages to use the shopping cart format.

·         Electronic Marketplace Systems, IDG publishing. MS Windows frontend to a proprietary online service. The service provided secure transactions, research databases for IDG publications such as InfoWorld, PC World, Mac World, etc, direct contact to vendors, and graphics based advertising. Used Visual C++ and MFC to build application interfaces; plus graphics conversion for jpeg, gif, and tiff images.

·         Abbott Labs, Diagnostics Division, Santa Clara. White box QA testing and code walk throughs as a part of software development for the CellDyn4000. The CellDyn4000 was sophisticated diagnostic equipment that combined robotics with a realtime, multi-threaded UNIX (LynxOS) to do automated blood chemistry analysis.

o    Prepared and monitored inspections of detailed object oriented design (Booch Blobs) and C++ code to meet FDA and ISO9000 requirements. Plus, wrote requirements, detailed design, and code for regression test harnesses to cover all operator interface C++ classes and utility code.

·         KnowledgeWare, Inc. White box QA testing for port of existing ADW tools from OS/2 to Motif on HP/UX and SUN Solaris UNIX platforms. Portability libraries (Base, Systems, and GUI) were developed using C++ to allow the case tool applications to compile and run unchanged between X Motif, OS/2 PM, and MS Windows. Helped hire 3 QA contractors for functional testing and 1 for unit testing. Wrote the first cut test plans for both functional and unit testing. Developed test automation scripts, unit test harnesses, regression tests, and automated bug tracking.

·         Informix, Inc. Designed and wrote detailed QA test suites using ESQL-C for the Informix version 6.0 engine. Tests concentrated on distributed database features and SQL networking. Exercised features included DDL, DML, connect, triggers, and stored procedures.

·         Used Smalltalk to build an online Multiple Listing Service front end demo for Opticom Corporation. Combined bit mapped graphics and a real estate database to provide agents with a direct sales and analytic tool.

·         Pacific Bell Telephone. Provided Smalltalk programming, object oriented training, and technical leadership for a telemarketing project group within Pacific Bell headquarters in San Ramon. This system was developed to deliver current information from a central DB2 database to district based Sybase SQL Server systems, each which in turn serviced several hundred Windows workstations. All of the workstation development was done using Smalltalk.

·         Developed components of an authoring system for Nevis Technologies using Smalltalk/V PM and Smalltalk/V Windows. The system used a client/server approach to integrate Excel, Word for Windows, Sybase SQL Server, an SNA gateway, and authoring tools; all over LAN Manager using OS/2 servers with OS/2 PM and MS Windows workstations as clients.

·         At Xerox Special Information Systems developed configuration management software for installation of a message routing and printing system using X Windows, Motif, and SunOS.

·         Boeing Commercial Airplanes. Researched specialized equipment used to hold tolerances within .0020 on large machined aircraft wing parts, and produced requirements, specification, design, and scheduling for all software components.

Quotron Systems Inc., Citibank N.A.,  
Project Lead, 12/86 -- 12/90, Special Projects and Advanced Applications for Trading Systems. C, Motif, Unix systems level code.

·         Development of workstation based fixed income applications. Worked with customers and marketing to define requirements and specifications. Fixed income products were the key part of an integrated strategic architecture designed to expand the Quotron business beyond domestic equity products.

o    The applications employed a client/server architecture using UDP,TCP/IP over multiple ethernet LANs. GUI used X windows and Motif. The software was ported to various flavors of UNIX such as: Ultrix, AIX, HP/UX, SunOS, SysV, and BSD.

·         Project manager for the development of the Broadcast Data Service wide area network. This was a leased line, packet based (X.25) network used to distribute domestic and international security data for program trading. Developed requirements, technical specifications, and did high level design for multiple phase implementation. Maintained project schedules and coordinated the low level design and coding efforts of several departments. Involved 9 programmers from 3 departments, 2 QA technicians, and 1 technical writer.

o    Design work included dividing X.25 network level code between the UNIX host system and a coprocessor board running a real time O/S. The coprocessor was a proprietary 68000 based VME board used to control 8 Z8030 synchronous ports. Worked extensively with 2 people from the kernel porting group to develop UNIX device drivers optimized for the hardware and software architecture. Involved analysis at the bus level to decide interrupt versus polling techniques and use of dual ported memory.