 |
Frank W. Abagnale Jr. |
Self-described "master con" is actually one, but not in the manner he claims. His escapades that
spawned a book and major motion picture were fabricated. His 30+ year career of claiming he
was the #1 fugitive on the FBI's most wanted list, among other things, is the foundation
of his actual con; outrageous speaking fees. Read more about his creepy and misogynistic
behavior in addition to his claims of being a master con that that works with the FBI.
[More information.] |
 |
Walter O'Brien |
Self-proclaimed genius, outlandish claims of computer wizardry, CEO of a supposed
billion-dollar company, and the basis of the CBS TV show "Scorpion". In reality,
basically every claim O'Brien has made does not stand up to any level of scrutiny. With
the airing of the TV show, O'Brien is riding the publicity wave, still peddling his
claims. [More information.] |
 |
Gregory D. Evans |
A supposed "hi-tech hustler", plagiarist and convicted criminal, Evans has invented himself
as some form of hacker with the ability to break into anything and spin that
supposed knowledge into advising companies on security. Now with 'LIGATT
Security', he is leading their questionable campaign to increase stock value
through press manipulation. [More information.] |
 |
Ankit Fadia |
Fadia is a self-claimed expert on computer security, shameless self-promoter, author of numerous books with plagiarism
and has made numerous claims with little to no peer input as to his actual knowledge or skills. A (former) fifteen year old
claiming to be an expert on computer or network security is absurd. [More information.] |
 |
Simon Joseph Smith |
Simon Smith is arguably one of InfoSec's most prominent charlatans to appear in 2016/2017. Some veterans of the industry
still question if he is an elaborate troll or a person doing business in the security industry. [More information.] |
 |
Dr. Ali Jahangiri |
A questionable Sc.D holder and book plagiarizer, Jahangiri is a self-proclaimed information
security expert with 14 years of experience. With a list of certifications and education bonafides
that scream "career academic", his public offerings have been few and far between. [More information.] |
 |
Laura Callahan |
Laura Callahan is a former senior director at the United States Department of Homeland Security who resigned after an investigation revealed that she had
obtained academic degrees from a diploma mill. She is also a former Deputy CIO of the US Department of Labor
and former senior information technology manager at the White House. [More information.] |
 |
Dan Verton |
What started out as occasional articles in news outlets turned into a full-blown ego-laden pundit writing books and even testifying before Congress.
A supposed expert on cyber-war, his primary ability is generating fear, uncertainty and doubt (FUD) rather than rational
information. [More information.] |
 |
Dr. Bill Hancock |
"Dr." Hancock is enshrouded in lies and half-truths; his purchased educational degrees (including doctorate), lies about serving as a U.S. Navy Seal
and obvious lies about work experience are the tip the iceberg. [More information.] |
 |
Kim Schmitz (aka Kimble) |
Schmitz, a convicted criminal, found a world of press ready and willing to bite on his stories of hacking,
some of which are almost a direct rip-off another charlatan (se7en). This may be one of the better cases demonstrating
that media outlets want sensationalism, not the truth. [More information.] |
 |
Ian Murphy (aka Captain Zap) |
Murphy, a convicted petty criminal, has lied about military service, government work, technical skills and everything
between, forging a business based on lies and half-truths about his past 'hacking' experiences. [More information.] |
 |
Frank Jones (aka SpyKing) |
Jones, a felony-convicted scammer, had built a life based on selling fraudulent services and goods that
were never delivered. Self-claimed as mentally insane to attempt to avoid conviction, he has continued
to operate in the security and TSCM industry as best he can. [More information.] |
 |
Steven Gibson / GRC |
Perhaps the most "colorful" charlatan, a marketer by trade, Gibson has moved into the security
industry telling us about software company conspiracies, re-inventing years-old security technologies
and dishing out emotional manipulation as "facts". [More information.] |
 |
Ira Winkler |
Keep your distance, for this man can hack your company and steal a billion dollars! Where most
security professionals operate based on fact and relevant experience, Winkler has made an
entire career over an overhyped and questionable penetration test that he may not have actually
participated in, and then let his ego run wild with it. [More information.] |
 |
Christian Valor (aka se7en) |
One of the earlier frauds in the industry, the only talent Valor ever displayed was
manipulating the media and friends. His claims of hacking ability eroded as quickly as
his claims of security knowledge. [More information.] |
 |
John Flowers |
Caught lying about his education to better solicit investments, Flowers' claims of
past hacker activity is questionable and has not been verified by a third-party. [More information.] |
 |
Carolyn Meinel (aka HappyHacker) |
After at least seventeen distinct career changes, any notion that Meinel was a security
expert or had any technical ability beyond Windows parlor tricks is misplaced. [More information.] |
 |
John "JP" Vranesevich |
Not only a fraud, Vranesevich's short lived "career" as a security expert was based on
exploiting those around him, changing morals and ethics as it suited him, and walking
all over the industry he claimed to be influential in. [More information.] |
 |
EC-Council |
EC-Council, the company behind the 'Certified Ethical Hacker' (CEH) certification, has a
tendancy to forgo ethics and profit off plagiarized content from other sources. [More information.] |
 |
ICSA Labs |
ICSA Labs, formerly NCSA, now a Verizon Business under the Cybertrust blanket.. is "committed to .. meet or exceed our stakeholders' expectations",
which begs the question of their testing methods and vendor neutrality among other things. [More information.] |
 |
InfoSec Institute |
InfoSec Institute (ISI), a company offering security training, pen testing classes and more,
routinely plagiarizes content for their classes, profiting heavily off it. [More information.] |
 |
Hakin9 |
Hakin9 online magazine does not rely on ethical business practices to sell copy. [More information.] |
 |
mi2g Limited |
If you ask them, mi2g Limited, a "security intelligence firm", will tell you they have been in the security
industry as far back as 1995, at least "collecting data". In reality, mi2g only popped up in 1999 as a security
outfit of any sort. Since then, the chain of absurd press releases, outlandish "research", and outright lies has
been a plague on the security industry. [More information.] |
Copyright by Attrition.org. Permission is granted to quote, reprint or redistribute provided the text is not altered, and appropriate credit is given.
Charlatans... the fakes in the industry. Below, we point out a few cases of fakes walking
among us. Some of the groups or companies listed below don't fall so much into the 'charlatan'
category, but are pointed out for other reasons. As humans, we all make mistakes. The issue isn't
that these people made mistakes, it's that they won't own up to them, lie to attempt to cover
their actions, or use it to further their personal agenda at the expense of the industry.
Like many parts of the entire Errata page, this section is incomplete.
Don't let a lack of bullets and references under a given name mislead you. They were put here
for a reason, even if we haven't had time to fully document it in one place. Fred Cohen has written an interesting
paper entitled "The Seedy Side of Security" that covers some of
the concerns we share. Yes, there is some personal bias in this page. Being in the security industry
in various capacities, these people make our lives more difficult and negatively impact our business
and passionate hobbies. Read the material with a grain of salt; don't implicitly trust us. Make
your own decisions based on all the facts you can find, not just what you read here.
