Herbert Hugh Thompson
Encyclopedia
Dr. Herbert Hugh Thompson is an application security consultant.
Thompson received his Ph.D.
in Applied Mathematics from Florida Institute of Technology
. and holds a CISSP certificate. He was an adjunct professor at Florida Tech in Melbourne, Florida
and worked for Security Innovation, Inc., where he gained experience training security testers and software developer
s for well-known software companies including Microsoft
, Cisco
, IBM
, VISA
, Hewlett Packard, Symantec
, ING
and SAP
.
In 2006, Thompson assisted in four hack tests for the nonprofit election watchdog group Black Box Voting
. Two of his tests involved altering election results reports on the Diebold GEMS central tally machines. Thompson also assisted Harri Hursti
in the Black Box Voting projects in Leon County, Florida
and Emery County, Utah
. Thompson's GEMS central tabulator hack was achieved by inserting a Visual Basic script onto the GEMS server machine at election headquarters. Both the Visual Basic script hack by Thompson and the memory card hack by Hursti Hack
can be seen in HBO's "Hacking Democracy
" where Hursti and Thompson hacked in to Diebold Election Systems's voting machines and central tabulator system in Leon County, Florida proving its vulnerability.
Thompson has also been featured on The Red Tape Chronicles on MSNBC
and on CNN's
Lou Dobbs
Thompson received his Ph.D.
Ph.D.
A Ph.D. is a Doctor of Philosophy, an academic degree.Ph.D. may also refer to:* Ph.D. , a 1980s British group*Piled Higher and Deeper, a web comic strip*PhD: Phantasy Degree, a Korean comic series* PhD Docbook renderer, an XML renderer...
in Applied Mathematics from Florida Institute of Technology
Florida Institute of Technology
Florida Institute of Technology, also known as Florida Tech, is an independent private technical research university located in Melbourne, Florida, United States. Founded in 1958 as Brevard Engineering College, the institute has been known by its present name since 1966. Florida Tech's curriculum...
. and holds a CISSP certificate. He was an adjunct professor at Florida Tech in Melbourne, Florida
Melbourne, Florida
Melbourne is a city in Brevard County, Florida, United States. As of 2009, the population estimated by the U.S. Census Bureau is 78,323. The municipal area is the second largest by size and by population in the county. Melbourne is a principal city of the Palm Bay – Melbourne – Titusville, Florida...
and worked for Security Innovation, Inc., where he gained experience training security testers and software developer
Software developer
A software developer is a person concerned with facets of the software development process. Their work includes researching, designing, developing, and testing software. A software developer may take part in design, computer programming, or software project management...
s for well-known software companies including Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
, Cisco
Cisco
Cisco may refer to:Companies:*Cisco Systems, a computer networking company* Certis CISCO, corporatised entity of the former Commercial and Industrial Security Corporation in Singapore...
, IBM
IBM
International Business Machines Corporation or IBM is an American multinational technology and consulting corporation headquartered in Armonk, New York, United States. IBM manufactures and sells computer hardware and software, and it offers infrastructure, hosting and consulting services in areas...
, VISA
Visa
Visa or VISA may refer to:* Visa , a document issued by a country's government allowing the holder to enter or to leave that country...
, Hewlett Packard, Symantec
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...
, ING
ING Group
The ING Group is a global financial institution offering retail banking, direct banking, commercial banking, investment banking, asset management, and insurance services. ING is the Dutch member of the Inter-Alpha Group of Banks, a cooperative consortium of 11 prominent European banks...
and SAP
SAP AG
SAP AG is a German software corporation that makes enterprise software to manage business operations and customer relations. Headquartered in Walldorf, Baden-Württemberg, with regional offices around the world, SAP is the market leader in enterprise application software...
.
In 2006, Thompson assisted in four hack tests for the nonprofit election watchdog group Black Box Voting
Black Box Voting
Black box voting signifies voting on voting machines which do not disclose how they operate such as with closed source or proprietary operations. The term, as described by Dr. Arnold Urken of Stephens Institute of Technology, comes from the technical jargon use of the term black box, a device or...
. Two of his tests involved altering election results reports on the Diebold GEMS central tally machines. Thompson also assisted Harri Hursti
Harri Hursti
Harri Harras Hursti is a Finnish computer programmer and former Chairman of the Board and co-founder of ROMmon where he supervised in the development of the world's smallest 2 gigabit traffic analysis product that was later acquired by F-Secure Corporation.Hursti is well known for participating in...
in the Black Box Voting projects in Leon County, Florida
Leon County, Florida
Leon County is a county located in the state of Florida, named after the Spanish explorer Juan Ponce de León. At the 2010 Census, the population was 275,487. The county seat of Leon County is Tallahassee which also serves as the state capital. The county seat is home to two of Florida's major...
and Emery County, Utah
Emery County, Utah
Emery County is a county located in the U.S. state of Utah. As of 2000 the population was 10,860, and by 2009 had been estimated to decrease to 10,629. It was named for George W. Emery, governor of the Utah Territory in 1875...
. Thompson's GEMS central tabulator hack was achieved by inserting a Visual Basic script onto the GEMS server machine at election headquarters. Both the Visual Basic script hack by Thompson and the memory card hack by Hursti Hack
Hursti Hack
The Hursti Hack was a successful attempt to alter the votes recorded on a Diebold optical scan voting machine. The hack is named after Harri Hursti.- Participants :The participants were:*Ion Sancho, Supervisor of Elections, Leon County, Florida....
can be seen in HBO's "Hacking Democracy
Hacking Democracy
Hacking Democracy is a 2006 documentary film by producer Robert Carrillo Cohen and producer / directors Russell Michaels and Simon Ardizzone, shown on HBO...
" where Hursti and Thompson hacked in to Diebold Election Systems's voting machines and central tabulator system in Leon County, Florida proving its vulnerability.
Thompson has also been featured on The Red Tape Chronicles on MSNBC
MSNBC
MSNBC is a cable news channel based in the United States available in the US, Germany , South Africa, the Middle East and Canada...
and on CNN's
CNN
Cable News Network is a U.S. cable news channel founded in 1980 by Ted Turner. Upon its launch, CNN was the first channel to provide 24-hour television news coverage, and the first all-news television channel in the United States...
Lou Dobbs
Lou Dobbs
Louis Carl "Lou" Dobbs is an American journalist, radio host, television host on the Fox Business Network, and author. He anchored CNN's Lou Dobbs Tonight until November 2009 when he announced on the air that he would leave the 24-hour cable news television network.He was born in Texas and lived...
Publications
- “How to Break Software Security: Effective Techniques for Security Testing” (2004, Addison Wellesley)
- “The Software Vulnerability Guide.” (2005, Charles River Media)
- Protecting the Business: Software Security Compliance (2008, John Wiley & Sons)