Alex Stamos

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Alex Stamos
Alex Stamos at Web Summit 2015 - Dublin, Ireland.jpg
Stamos at Web Summit 2015 in Dublin, Ireland
OccupationChief security officer, computer scientist

Alex Stamos is a computer scientist and the former chief security officer (CSO) at Facebook. His planned departure from the company, following disagreement with other executives about how to address the Russian government's use of its platform to spread disinformation during the 2016 U.S. presidential election, was reported in March 2018.[1]

Early life[edit]

Stamos grew up in Fair Oaks, California and graduated from Bella Vista High School in 1997. Stamos attended the University of California, Berkeley, where he graduated in 2001 with a degree in EECS.[2]


Stamos began his career at Loudcloud and, later, as a security consultant at @stake.[3]

iSEC Partners[edit]

In 2004, Stamos co-founded iSEC Partners, a security consulting firm, with Joel Wallenstrom, Himanshu Dwivedi, Jesse Burns and Scott Stender. During his time at iSEC Partners, Stamos was well known for his research publications on vulnerabilities in forensics software[4] and MacOS,[5] Operation Aurora,[6] and security ethics in the post-Snowden era.[7]

Stamos was an expert witness for a number of cases involving digital privacy, encryption, and free speech:

iSEC Partners was acquired by NCC Group in 2010.[12]

Artemis Internet[edit]

Following the acquisition of iSEC Partners by NCC Group, Stamos became the CTO of Artemis Internet, an internal startup at NCC Group. Artemis Internet petitioned ICANN to host a '.secure' gTLD on which all services would be required to meet minimum security standards[13] Artemis ultimately acquired the right to operate the '.trust' gTLD from Deutsche Post to launch its services.[14]

Stamos filed and received five patents for his work at Artemis Internet.[15]


In 2014, Stamos joined Yahoo! as CSO.[16] While at Yahoo!, he testified to Congress on online advertising and its impact on computer security and data privacy.[17] He publicly challenged NSA Director Michael S. Rogers on the subject of encryption backdoors in February 2015 at a cybersecurity conference hosted by New America.[18][19] He resigned in June 2015 in response to a then-undisclosed program to scan incoming email on behalf of United States government intelligence agencies.[20]


In 2015, Stamos joined Facebook as CSO. During his time at Facebook, Stamos co-authored a paper (with Jen Weedon and Will Nuland) on the use of social media to attack elections.[21] He later delivered a keynote address at the Black Hat Briefings in 2017 on the need to broaden the definition of security and diversify the cybersecurity industry.[22]

Following disagreement with other executives about how to address the Russian government's use of its platform to spread disinformation during the 2016 U.S. presidential election, he made plans in 2018 to leave the company[1] to take a research professorship at Stanford University.[23]

Stanford University[edit]

As of November 2018, Stanford University's Center for International Security and Cooperation listed Stamos as "an Adjunct Professor at Stanford's Freeman-Spogli Institute, a William J. Perry Fellow at the Center for International Security and Cooperation, and a visiting scholar at the Hoover Institution".[24]


  1. ^ a b Perlroth, Nicole; Frenkel, Sheera; Shane, Scott (19 March 2018). "Facebook Security Chief Said to Leave After Clashes Over Disinformation". The New York Times. Retrieved 19 March 2018.
  2. ^ "Newton Lecture Series: Alex Stamos - UC Berkeley Sutardja Center". UC Berkeley Sutardja Center. 2015-09-24. Retrieved 2018-03-20.
  3. ^ Shandrow, Kim Lachance (2014-03-11). "4 Things to Know About Yahoo's New Information Security VP Alex Stamos". Entrepreneur. Retrieved 2018-07-16.
  4. ^ Stamos, Alexander (July 16, 2018). "Breaking Forensics Software: Weaknesses in Critical Evidence Collection" (PDF).
  5. ^ Stamos, Alexander (July 16, 2018). "Macs in the Age of APT" (PDF).
  6. ^ Stamos, Alexander (July 16, 2018). "Aurora Response Recommendations" (PDF).
  7. ^ DEFCONConference (2013-12-21), DEF CON 21 - Alex Stamos - An Open Letter The White Hat's Dilemma, retrieved 2018-07-16
  8. ^ Halderman, J. (July 16, 2018). "Lessons from the Sony CD DRM Episode" (PDF).
  9. ^ Stamos, Alexander (July 16, 2018). "Declaration of Alexander Stamos" (PDF).
  10. ^ "Declaration of Alexander Stamos in Reply of Defendant Hotz to 103 SCEA's Opposition Brief filed byGeorge Hotz for Sony Computer Entertainment America LLC v. Hotz et al :: Justia Dockets & Filings". Justia Dockets & Filings. Retrieved 2018-07-16.
  11. ^ "The Truth about Aaron Swartz's "Crime"". Unhandled Exception. 2013-01-12. Retrieved 2018-07-16.
  12. ^ "UPDATE 1-NCC Group buys U.S. security testing firm". Reuters. 14 October 2010. Retrieved 2018-03-20.
  13. ^ ."My own private Internet: .secure TLD floated as bad-guy-free zone". Ars Technica. Retrieved 2018-07-16.
  14. ^ ".trust - ICANNWiki". Retrieved 2018-07-16.
  15. ^ "Google Patents". Retrieved 2018-07-16.
  16. ^ Wagner, Kurt (3 October 2017). "Who is Alex Stamos, the man hunting down Russian political ads on Facebook?". Recode. Retrieved 19 March 2018.
  17. ^ "Online Advertising and Consumer Security". Retrieved 2018-07-16.
  18. ^ CNBC (2015-02-28), Yahoo Security Officer Confronts NSA Director | CNBC, retrieved 2018-07-16
  19. ^ "Here's how the clash between the NSA Director and a senior Yahoo executive went down". Washington Post. Retrieved 2018-07-16.
  20. ^ Menn, Joseph (4 October 2016). "Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence - sources". Reuters. Retrieved 19 March 2018.
  21. ^ "An Update On Information Operations On Facebook | Facebook Newsroom". Retrieved 2018-07-16.
  22. ^ Black Hat (2017-09-13), Black Hat USA 2017 Keynote, retrieved 2018-07-16
  23. ^ "Facebook's Security Chief to Depart for Stanford University". Retrieved 2018-08-07.
  24. ^ "Alex Stamos". Center for International Security and Cooperation. n.d. Retrieved November 17, 2018.


  • U.S. Patent 9,083,727B1 Securing client connections, filed April 11, 2012, granted July 14, 2015
  • U.S. Patent 8,799,482B1 Domain policy specification and enforcement, filed April 11, 2012, granted August 5, 2014
  • U.S. Patent 9,106,661B1 Computing resource policy regime specification and verification, filed May 9, 2014, granted August 11, 2014
  • U.S. Patent 8,990,392B1 Assessing a computing resource for compliance with a computing resource policy regime specification, filed May 9, 2014, granted March 24, 2015
  • U.S. Patent 9,264,395B1 Discovery engine, filed May 9, 2014, granted February 16, 2016