Sami Vaarala

a software professional and an enterpreneur

Since 2009 I've been working in Poplatek Oy, a card payment industry company I co-founded.

contact info

Curriculum Vitae of Sami Vaarala

Personal Information

I was born in February 12, 1977, in Oulu, Finland, and I'm currently living in Espoo, in the capital region of Finland.

contact info

Career Interests

My main interest is software engineering: I enjoy writing high quality software with a variety of tools and programming languages. I've also worked in various management positions.


2006 Lic.(Tech.)
Completed my Lic.(Tech.) studies at Aalto University (previously Helsinki University of Technology, HUT) in the summer of 2006.
2000 M.Sc.(Tech.)
Graduated M.Sc.(Tech.) in March, 2000, with distinction and a quick graduate's scholarship (3.5 years). Majored in computer science, minored in mathematics.
M.Sc.(BA) studies in Aalto University (previously Helsingin Kauppakorkeakoulu, HKKK), about 300 credits in enterpreneurship. Passed matriculation examination from Lyseonpuiston lukio in Rovaniemi, spring 1996.


1.7-2009-present Poplatek
Working on payment terminals (multi-platform code in C/C++ and Lua) and payment servers (mostly in Java). Co-founder of Poplatek (a spin-off of Codebay).
4.3.2006-30.6.2009 Codebay
Working on a wide variety of subcontracting projects, including: networking, embedded devices, security, payment systems. Co-founder of Codebay.
2.4.2004-4.3.2006 Stinghorn
CTO of Stinghorn, with responsibilities in technology, R&D leadership, and technical product management. Deployed incremental R&D process which greatly improved R&D performance and product quality. Introduced virtualization into the company's product mix.
3.7.2000-31.3.2001 Military
Compulsory military service in the Finnish Defence Forces Communication and Information System Center (Puolustusvoimien Tietotekniikkalaitos). Working on Windows NT security solutions and VPN technology.
1.6.1999-2.4.2004 Netseal
Worked with Netseal MPN product (a mobile IPsec solution) in multiple roles ranging from a group leader to senior system architect. Working with IETF standardization (IPsec and Mobile IP), protocol and architecture design, specifications (co-authored RFC 3519, Mobile IPv4 NAT Traversal), and patenting (authored and co-authored several patent applications). Military service during 3.7.2000-31.3.2001.
28.5.1997-31.5.1998 Nokia
Working as a summer trainee/training engineer in Nokia Telecommunications. My work concerned I/O (SCSI) drivers for the DX200 digital phone exchange.

In addition, I've been lecturing two courses (a practical security course nicknamed "hacker course", and cryptography basics) in Aalto University, in 2003-2009.


I have multiple academic and standardization publications, see publications.



Very experienced, also for embedded devices
Very experienced
Very experienced
Javascript / Ecmascript
Very experienced; I have written my own Javascript interpreter
Web development
Quite experienced
Python, Perl, shell scripts
Reasonable, but not an expert


Native language
Excellent (Laudatur)
Adequate, non-practicing (Eximia)
German, Spanish
Basics, non-practicing


Amiga and PC demo scene work (using the name Silver Eagle) in demo groups The Silents, Pygmy Projects, Pulse.


authored and co-authored publications

Antti Nuopponen, Sami Vaarala, Teemupekka Virtanen, IPsec clustering, in Yves Deswarte, Frederic Cuppens, Sushil Jajoda, Lingyu Wang (Eds.) Security and Protection in Information Processing Systems, pp. 367-379, Kluwer Academic Publisher, ISBN 1-4020-8142-1, USA, 2004. (19th IFIP International Information Security Conference (SEC 2004)).

Lauri Auronen, Antti Peltonen, Sami Vaarala, Teemupekka Virtanen, Distributed Computing with a Trojan Horse, Australian Information Warfare and IT Security Conference (AIWSC 2003), November 2003.

Sami Vaarala, Antti Nuopponen, Teemupekka Virtanen, Attacking Predictable IPsec ESP Initialization Vectors, Proceedings of the 4th International Conference on Information and Communications Security (ICICS 2002), December 2002. (Published in Lecture Notes in Computer Science, vol. 2513.)

Antti Nuopponen, Sami Vaarala, Attacking Predictable IPsec ESP Initialization Vectors, course report for the Helsinki University of Technology course "Tik-110.452 Special course in practical security of data system", March 2002.

Sami Vaarala, Implementing Internet Key Exchange (IKE), Master's Thesis, February 2000.

IETF work

Henrik Levkowetz, Sami Vaarala, Mobile IP Traversal of Network Address Translation (NAT) Devices, RFC 3519, November, April 2003.

Sami Vaarala, Nuutti Kotivuori, Fragmentation MTU Extension for Mobile IPv4, Internet-Draft (draft-vaarala-mip4-fragmtu), January 2004.

Sami Vaarala, Antti Nuopponen, Farid Adrangi: Optimized Mobile IPv4 UDP Encapsulation, Internet-Draft (draft-vaarala-mip4-optudp), January 2004.

Sami Vaarala (Ed.), Mobile IPv4 Traversal Across IPsec-based VPN Gateways, Internet-Draft (draft-ietf-mobileip-vpn-problem-solution), March 2003.

Farid Adrangi, et al., Problem Statement: Mobile IPv4 Traversal of VPN Gateways, Internet-Draft (draft-ietf-mobileip-vpn-problem-statement-req), January 2003.

Antti Nuopponen, Sami Vaarala, Mobile IPv4 coexistence with IPsec remote access tunnelling, Internet-Draft (draft-nuopponen-vaarala-mipvpn), July 2002.

Sami Vaarala, Mobile IP NAT/NAPT/Firewall Traversal, Internet-Draft (draft-vaarala-mobileipnat-traversal), July 2001.

M.Sc. theses supervised

Mikko Varso, Efficient tunneling through restrictive firewalls, Helsinki University of Technology, November 2004.

Mikko Saarinen, Legacy User Authentication with IPSEC, Helsinki University of Technology, February 2004.

Matti Järvinen, PKI Requirements for IPsec, Helsinki University of Technology, May 2003.

Marko Rantee, Implementing a framework for Mobile IP in Windows 2000 and XP, Master's thesis, Tampere University of Technology, October 2002.


An embedded Javascript (Ecmascript E5) interpreter.

Duktape is similar in spirit to Lua, but favors compactness and portability over speed as there are several very fast Ecmascript implementations already out there. Duktape has a combined reference counting and mark-and-sweep garbage collector with finalization support. As part of E5 compliance Duktape has, among other things, full regular expression and Unicode support. There is a C API for writing C/Duktape bindings.

See the main Duktape site: