The Blind Coder

If you think visual impairment deterred 26-year-old Niko Carpenter from pursuing and excelling in a career in security and programming, your eyes are deceiving you.

Written by: Dan Kaplan

When Niko Carpenter hit the operating table at age 12 – a last-ditch effort to improve his failing eyesight – the Aurora, Ill.-native had already determined his life goal: to become a satellite engineer.

A few years prior, despite being unable to normally read words or watch TV (he began learning Braille when he was only 3 years old) Carpenter was building satellite receptors out of salad bowls and tin foil. “I was able to build in an antenna that pulled in more channels than a typical TV antenna,” he recalled. “I couldn’t get satellite TV though. I didn’t understand encryption.”

Carpenter was born with congenital glaucoma, a rare condition that involves the incorrect development of the eye's drainage system before birth. The disease robbed him immediately of the vision in his right eye, but as a young boy and pre-teen, he could still see well enough out of his left eye to make out colors, as well as navigate his bike down the sidewalk – even if he couldn’t distinguish faces.

When I was little, I was terrified of going blind... And then it happened and it didn’t really bother me as much as I thought it would.

When he was 11, with his parents recognizing his fondness for “tinkering” with things, he received his first computer. A year later, there he was, getting another surgery – this time a cornea transplant, his riskiest operation yet. Carpenter doesn’t remember much about that day, but he knows his body decided it didn’t want the donor tissue in its eye, so it rejected it, causing total blindness.

As Carpenter remembers, that was that. No big deal. Life goes on.

“When I was little, I was terrified of going blind,” he said. “And then it happened and it didn’t really bother me as much as I thought it would. You roll with the punches.”

Carpenter has indeed rolled with the punches – and the irksome bumps and bruises – all the way to Trustwave, where has been working for nearly three years as a software engineer. He currently is tasked with handling the backend development of the web application interface part of the Trustwave TrustKeeper portal, specifically the part with which merchants and acquiring banks interact as part of the Payment Card Industry Data Security Standard (PCI DSS) compliance process.

“Going blind didn’t impact me as much I would thought it would have,” he said, adding with his characteristic self-deprecating wit: “But I’ve gotten hurt a lot. I’ve run into so many poles. There’s no worse injury.”

Speak with a Sales Specialist

Our sales specialists are ready to learn the needs of your business and connect you with the cyber heroes who can help make your security story shine.

Learning to Code – and Hack

Before his teenage years, Carpenter had already developed a firm grasp on programming. He credited his capabilities to a software program known as a screen reader, which allows blind users to read the text displayed on a computer screen through a computerized voice. “That’s really the only adaptive technology that I use,” he said of the screen reader. “I’ve got one on my computer and one that comes for the iPhone.”

Most came naturally to him, save an elementary keyboarding class, which helped him memorize the keyboard so he could more efficiently code. “I’d browse websites and inspect the HTML sources,” he said. “I started hanging out in online forums.”

High school was where he grew a penchant for security, an interest that first sprouted – like so many other security researchers and ethical hackers before him – from lighthearted tinkering and hacking among consenting peers.

“Friends would mess around and play pranks on each other,” Carpenter said. “We would write programs to control each other’s computer and make them do stupid things. I remember writing a program to pop up scary balloons on a friend’s screen.”

By then, Carpenter knew his harmless hijinks weren’t being driven by angsty escapism, but by a real passion to understand what makes computers behave in certain ways. When he considered the possibility of starting a family down the road – and knowing he would need to earn money – he began thinking about potential careers. Information security seemed like a natural bridge.

When he’s not in code mode, Carpenter relies on his trusted companion Wade, a 2-year-old Golden Retriever, to help him navigate the streets of Chicago.

“It all started with, ‘let’s break stuff’” Carpenter admitted. “How do I get this to work in a way that I want it to work and that someone else doesn’t want it to work? It transitioned into, ‘OK, now I know how to break things. How can I make it so other people can’t do that?’"

Carpenter honed his skills by earning an associate’s degree in computer network security 45 minutes south from his home at Joilet Junior College in Joliet, Ill. That led him to Northern Illinois University, where he graduated in 2013 with a bachelor’s degree in computer science. Among his coursework were classes in ethical hacking. “I loved to do it,” he said. “It made me happy. And I wanted to find a career in it.”

The email that would change his life arrived in September of that year, a few months before graduation. The instructions said to come to the computer lap, laptop in hand. “I remember it saying there was going to be pizza,” he said. “I had no clue what it was.”

It was a multiple-choice qualifying test, with a few open-ended questions as well. The top scorers would punch their ticket to attend the Illinois Technology Association Tech Challenge, a programming and coding skills competition for current students at targeted Midwest universities, and compete for cash prizes.

Carpenter finished second out of 18. Off to Chicago he went. He doesn’t exactly recall where he finished in the finals – somewhere in the top-third he reckons – but something more important happened at the event, which is meant to give students a taste of the problem solving that would be necessary in a real-world, professional setting. The challenge was as much as networking opportunity as anything, and it was how he first connected with Trustwave, where he would soon join.

“When he first started, we were wondering how he would work because he cannot see the code or see the design,” said Mahmud Khair, a software architect at Trustwave and Carpenter’s manager. “But as we started working with him, we were amazed and surprised at how efficiently he can read the code. We even tried to listen to the screen reader, and we were not able to understand anything, but he does it so well, and he can do whatever he needs to do for his job.”

Coding From the Cubicle

To get around safely and efficiently, Carpenter, now 26, relies on his trusted companion and guide dog, Wade, a 2-year-old pure-bred Golden Retriever. “They go everywhere with you,” he said. A couple of years back, he retired Flair, a Golden and black Labrador mix, his companion for eight years.

“She had cataracts, went blind and start running into things,” Carpenter said, recognizing the irony of what ultimately forced her retirement. “So that didn’t work out too well.”

For now, Carpenter is content in his current role. While the job is not necessarily security focused and requires quite a bit of tedious backend coding work, his role carries significant weight because of the vast number of files the portal process every day from thousands of customers.

Contrary to what some may believe, it is the payment brands and acquirers that are responsible for enforcing compliance with PCI DSS, not the PCI Security Standards Council, which only manages the guidelines. Aside from the fact that PCI DSS puts forth among the most prescriptive requirements of any compliance mandate, acquiring banks promulgate a wide spectrum of reporting requirements for their merchants. And if merchants fail to comply, it is the acquirers that are penalized, although they typically will transfer any fines to the merchant.

“When our sponsors, who are huge customers, want something, a lot of pressure goes on me,” he said. “It’s a challenge. There’s always new stuff. Some days I’m working on the business logic. Other times it’s ‘This thing is running slowly. How can we make it faster?’”

Married to Nicole, Carpenter and his wife have a daughter, Aria, who is almost two. Carpenter has fulfilled his dream for a career and family. What’s next? For now, he loves what he’s doing – but someday a security position could come calling, where he can cash in on his ethical hacking education and interest. Carpenter would seem ripe for such a role, given his ability to think on the fly and adjust to an environment based on the variables at play.

“Whenever software doesn’t work for me, I figure out a workaround,” he said. “For example, everyone at work uses a program called Eclipse to develop in. That just doesn’t work for me. So, I wrote my own tools that do the same thing everyone else is doing. That took some time and effort, but it paid off.”