Herbert Hugh Thompson

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Hugh Thompson
Born Nassau, Bahamas
Residence United States
Citizenship American
Fields Computer science
Institutions Microsoft
Columbia University
RSA Conference
Blue Coat Systems
Alma mater Florida Institute of Technology
Known for security

Dr. Herbert Hugh Thompson is a computer security expert and an Adjunct Professor in the Computer Science Department at Columbia University.[1] He is also the Program Chairman of RSA Conference[2] the world’s largest information security conference with over 25,000 attendees annually. Thompson is the co-author of a book on human achievement titled The Plateau Effect: Getting from Stuck to Success published by Penguin in 2013[3][4] and has co-authored three books on information security including, How to Break Software Security: Effective Techniques for Security Testing published by Addison-Wesley,[5] and The Software Vulnerability Guide published by Charles River 2005.[6] He is perhaps best known for his role in exposing electronic voting machine vulnerabilities as part of the HBO Documentary Hacking Democracy. He was named one of the “Top 5 Most Influential Thinkers in IT Security" by SC Magazine[7] and has been referred to by the Financial Times as “One of the world’s foremost cryptology and internet security experts.”[8]

Career[edit]

Thompson began his career as an research intern for Microsoft Corporation while working on his Ph.D. in Applied Mathematics at the Florida Institute of Technology.[9] He then went on to co-found Security Innovation Inc., an application security company and worked as their Chief Security Strategist. In 2007 he started another technology security company called People Security and also began teaching a course on “Software Security and Exploitation” at Columbia University that focused on methods to circumvent security mechanisms in software.[10] He has written several books and over 100 peer reviewed papers on Computer Security and Hacking.[11][12][13] Thompson has delivered keynotes at every RSA Conference since 2007.[14] He has been interviewed by top news organizations including BBC News,[15] Bloomberg Television,[16] CNN,[17] Fox News,[18] The New York Times[19] and the Associated Press.[20] He is also a contributor to the New York Times,[21] Scientific American[22] and IEEE Security & Privacy magazine.[23] Thompson is currently Senior Vice President at security infrastructure company Blue Coat Systems.[24]

Electronic Voting Security[edit]

In 2006, Thompson participated in four hack tests for the nonprofit election watchdog group Black Box Voting.[25] Two of his tests involved altering election results reports on the Diebold GEMS central tally machines. Thompson also collaborated with Harri Hursti in the Black Box Voting projects in Leon County, Florida and Emery County, Utah. Thompson's GEMS central tabulator hack was achieved by inserting a Visual Basic script onto the GEMS server machine at election headquarters. Both the Visual Basic script hack by Thompson and the memory card hack by Hursti Hack can be seen in HBO's "Hacking Democracy" where Hursti and Thompson hacked into Diebold Election Systems's voting machines and central tabulator system in Leon County, Florida proving its vulnerability.[26] Education Thompson completed his bachelors, masters and Ph.D. in applied mathematics at the Florida Institute of Technology.

Books[edit]

  • Sullivan, Bob, and Hugh Thompson. Getting Unstuck: Break Free of the Plateau Effect. Penguin, 2014.(ISBN 0698183819)
  • Sullivan, Bob, and Hugh Thompson. The Plateau Effect: Getting from Stuck to Success. Penguin, 2013. (ISBN 1101624248)
  • Thompson, Herbert H., and Scott G. Chase. The Software Vulnerability Guide. Charles River Media, 2005. (ISBN 1584503580)
  • Thompson, Herbert H., and Spyros Nomikos. The Mezonic Agenda: Hacking the Presidency. Syngress Pub., 2004. (ISBN 1931836833)
  • Thompson, Herbert H., and J. A. Whittaker. How to Break Software Security. Addison Wesley, 2003. (ISBN 0321194330)
  • Thompson, Herbert H. "A Bayesian model of sequential test allocation for software reliability estimation." Ph.D. Dissertation, 2002 (ISBN 0493619062)

References[edit]

  1. ^ [ http://www.cs.columbia.edu/~hthompson/ Columbia University course page for COMS E6998-9 Software Security and Exploitation]
  2. ^ RSA Conference Appoints Dr. Herbert H. Thompson as Program Committee Chair and Advisory Board Member
  3. ^ Schawbel, Dan. "Bob Sullivan: How Plateaus Prevent You From Career Success". Forbes. 
  4. ^ Coffey, Laura. "Hey, high-achieving women! Here's how perfectionism holds you back". Today. 
  5. ^ Whittaker, James (2003). How to Break Software Security. Addison Wesley. ISBN 0321194330. 
  6. ^ Thompson, Herbert (2005). The Software Vulnerability Guide. Charles River Media. ISBN 1584503580. 
  7. ^ "IT security reboot 2006: Top 5 influential security thinkers". SC Magazine. 
  8. ^ Jones, Sam. "Encryption expert offers support to UK’s GCHQ chief". Financial Times. 
  9. ^ Thompson, Herbert (2002). A Bayesian model of sequential test allocation for software reliability estimation. Florida Institute of Technology. ISBN 0493619062. 
  10. ^ [ http://www.cs.columbia.edu/~hthompson/ Columbia University: COMS E6998-9: Software Security and Exploitation]
  11. ^ Thompson, Herbert H. "Why security testing is hard." IEEE Security & Privacy 1.4 (2003): 83-86.
  12. ^ Whittaker, James A., and Herbert H. Thompson. "Black Box Debugging." Queue 1.9 (2003): 68.
  13. ^ Thompson, Herbert H., and James A. Whittaker. "Rethinking software security." DOCTOR DOBBS JOURNAL 29.2 (2004): 73-75.
  14. ^ Thompson, Hugh. Keynote: “The Hugh Thompson Show with Guests Steve Wozniak and Craig Newmark” RSA Conference, http://www.youtube.com/watch?v=X3_grIAuV00
  15. ^ BBC News, “How Safe is the Internet of Things?” http://www.bbc.com/news/business-28414165
  16. ^ Bloomberg Television, First Up with Susan Li, “Cyber Security Threat Dynamic, Dangerous”. http://www.bloomberg.com/video/cyber-security-threat-dynamic-dangerous-thompson-VBG2kLSxRb6aBvXmoqUvvQ.html
  17. ^ CNN transcripts Archived 24 December 2010 at WebCite
  18. ^ Fox News Television, “Increase in One Day Wonder Websites Help Disguise Malware” http://www.foxnews.com/tech/2014/08/28/increase-in-one-day-wonder-websites-help-disguise-malware/
  19. ^ N. Perroth, “Security Needs Evolve as Computing Leaves the Office,” New York Times, 11 June 2014. http://bits.blogs.nytimes.com/2014/06/11/security-needs-evolve-as-computing-leaves-the-office/
  20. ^ R. Satter, “RESEARCHERS STYMIED BY HACKERS WHO DROP FAKE CLUES”, AP, 10 December 2014. http://hosted.ap.org/dynamic/stories/E/EU_HACKER_WHODUNIT
  21. ^ Sullivan, Bob, and Hugh Thompson. “Brain, Interrupted,” New York Times, May 5, 2013, pg. SR12.
  22. ^ Thompson, H. "How I Stole Someone’s Identity." Scientific American, online feature posted August 18 (2008).
  23. ^ Hugh Thompson, "The Human Element of Information Security”, IEEE Security & Privacy, vol.11, no. 1, pp. 32-35, Jan.-Feb. 2013, doi:10.1109/MSP.2012.161
  24. ^ "Blue Coat Names Security Market Visionary Dr. Hugh Thompson as Senior Vice President and Chief Security Strategist". 
  25. ^ Black Box Voting site containing Thompson and Hursti projects Archived 22 July 2007 at WebCite
  26. ^ HBO's documentary "Hacking Democracy" Archived 24 December 2010 at WebCite