Bill Hancock's resume has been online for many years. As with many resumes of charlatans, several things stick out as "how is that possible" or "that doesn't add up". Hancock's resume is no exception. The following page is attrition.org commentary on Hancock's resume, pointing out parts of interest that call into question his honesty, integrity and history. This commentary is based on Hancock's 2000 resume, timeframes are relative to that year.
Note, several associates of attrition.org staff, both business and personal, have vouched for Hancock to some degree, stating that he has knowledge of security and networking in many areas. Those same people could not vouch for many aspects of his life, especially from his resume.
Bill Hancock's introduction paragraph for his online resume:
Creator of many network and security standards as well as designer and implementer of some of the largest networking and computing environments in the world. Well respected author of 25 books and over 3,000 articles. Designer and architect of the worlds first multiprotocol firewall facility and the first firewall for the Windows-NT operating system, first expert system-based network intrusion detection system and first multiprotocol dial-up security system. Well known computer and network security technical expert with hundreds of hacker trackdowns and conviction credits. Popular and humorous speaker who has delivered keynote and technology strategic addresses at InterOP, COMDEX, Mactivity, Windows-NT World, CompSEC, IEC, TCA, DECUS, Share and many other major events. Designer of technical strategic directions for many of the largest companies in the world. Heavily quoted technologist in the Wall Street Journal, Business Week, CIO Magazine, Barrons and other major publications on networking and security futures. Also featured on television and radio programs on CNN, CNBC, ABC, NBC, BBC and other network programs in the areas of security, networking and technology futures.
"author of 25 books" - While it is certainly feasible that Hancock could write an average of one book a year, given the history and prevalence of computer related books, he most likely did not start writing at the start of his career. Conservatively, that means he claims to have written at least two books a year. The Library of Congress (LOC) only lists 8 books attributed to Bill or William Hancock, related to computers:
According to the LOC, Hancock, William Marvin was born in 1957. His picture seems to back that birth year up. However, this does not match his resume, which says he was a consultant to TI in 1970. Either the Bill Hancock who wrote the books listed in the LOC isn't the same person, or he lied about his birth date. Or of course, TI was hiring pubescent consultants in the early 70s to build their mainframes.
"author of .. over 3,000 articles" - Again, depending on the start of his writing, this number lies between "very questionable" and "ridiculous". Consider Hancock has a day job, designing networks, speaking, authoring books and more. If he wrote his first article in 1970 and the rest over a 30 year career, that is 1 article every 3.65 days. If he began writing in 1985, closer to when computer related articles were starting to pick up, that is 1 article every 1.82 days. To put this in context, we asked a few journalists how many articles they have written with no context or mention of Hancock's numbers. Remember, these are journalists that are paid full time to write articles:
Many claims of articles likely stem from his involvement in Computers and Security, a magazine he has written for. Over the years though, his claims of involvement ranged from "contributor" to "columnist" to "Editor in Chief".
While juggling a career as a security consultant, doing all of the other stuff he lists, he supposedly wrote as many articles as full time journalists? Doubtful.
"Designer and architect of the worlds first multiprotocol firewall facility - The use of "multiprotocol firewall" is curious, as the very first firewalls were "multiprotocol". Given the history, and accepting that first firewall was likely built at DEC in 1988, the distinction of "first multiprotocol firewall facility" would also be at DEC, while Hancock was an "independant consultant". Jump to 1990 on Hancock's resume, and it says "Architect and designer of FireWall/Plus, CyberwallPLUS, Access/Plus and the world.s first commercial Intrusion Detection Software". Odds are Hancock didn't fully understand the commonly accepted history of firewalls and developed "FireWall/Plus" a year after third generation "circuit level" firewalls.
"Designer and architect of the first firewall for the Windows-NT operating system - It is not easy to determine if FireWall/Plus was the first firewall for NT or not. However, the claims that it is the "only Multi-Protocol FireWall" are absurd, yet Network-1 made these claims for years.
"first expert system-based network intrusion detection system" - Based on Hancock's resume, he claims credit for the first Network Intrusion Detection System (NIDS) sometime between 1990 - 2000. However, the commonly accepted history of IDS systems puts the first one in use between 1986 and 1988, some two to four years before Hancock's claims based on his resume. Later in his resume, he claims it is the "world's first commercial Intrusion Detection Software (multiple award winning products for technical excellence)".
"first multiprotocol dial-up security system" - This term is nebulous at best, and without clarification cannot be verified or disputed. Given the prevalence of dial-up systems, for security or anything else, the odds of Hancock doing a 'first' is difficult to imagine.
"hundreds of hacker trackdowns and conviction credits" - They key word here is "conviction credit". The Attorney General (AG), Department of Justice (DOJ), Federal Bureau of Investigation (FBI) and other law enforcement agencies don't exactly have an "official credit" system for convictions. The prosecuting attorney, investigating body and maybe even the forensic analysts could claim credit for convictions. One thing they all have in common, is presence during the trial, specifically as someone on record (lawyer or witness). Attrition.org staff will offer US$250.00 to anyone who can prove our assertion wrong, by producing verifiable court records that show otherwise: Attrition.org does not believe Bill Hancock was involved in 25 "hacker trackdowns and convictions", let alone "hundreds".
"Popular and humorous speaker who has delivered keynote and technology strategic addresses at InterOP, COMDEX, Mactivity, Windows-NT World, CompSEC, IEC, TCA, DECUS, Share and many other major events" - InterOP is the successor to Comdex and started in 2003, and there are no obvious references to conferences with that name before 2000. Comdex doesn't appear to offer a concise list of speakers and the only obvious connection between Hancock and Comdex is his own resume. Mactivity was a real conference, and apparently folded into MacWorld Expo as the "Pro" track (an Errata reader writes to us: "I don't believe I saw Hancock there, but I did see him present at a MacWEEK MVB event before Macworld Expo around the same time period. He was very funny, and we still call him "the Etherhose guy".) "Windows-NT World" doesn't appear to be a real conferences based on several Google searches. Hancock was a speaker at Compsec 2000. The IEC runs (http://www.iec.org/events/ now 404), but there are no references to "bill hancock" on their site. TCA could be just about anything, as it is a very common acronym; Texas Counseling Association, Texas Classical Association, TCA - Train Collectors Association, Truckload Carriers Association, etc. He may have meant 'CompTIA' but still no definitive reference. Hancock spoke at (http://www.anonymous-insider.net/advocacy/research/1995/0302.html now 404) CUS '95 but according to the Wikipedia entry, "Members included companies and organisations who purchased DEC equipment". [Note: A third party has since verified that Hancock did speak frequently at DECUS events, "presenting between two and probably six sessions at each symposium. His topics ranged from VMS system management to networks. We consistently had to schedule Bill's sessions in large rooms to accommodate the usually large audiences. Admittedly, some of his sessions were somewhat content-light in that he would describe what he did, but not how he did it. Bill was a very good speaker, sprinkling his technical sessions with many amusing anecdotes which no doubt contributed to his popularity among the session attendees. As far as I know, he did not present any keynote sessions.] Finally, searching the Share Proceedings finds no reference to Hancock. As with many aspects of his resume, he appears to pad the truth (speaking at a couple low end conferences) and expand it to dozens of events.
"Heavily quoted technologist in the Wall Street Journal, Business Week, CIO Magazine, Barrons and other major publications on networking and security futures." - As someone who has been 'heavily quoted', I can say this means nothing. Journalists typically look for flavor quotes or sound bytes. One or two lines that just offer some hint of perspective on an issue. If you can form complete sentences and have an opinion, you stand a good chance of finding your way into such publications over time.
Hancock's education is primarily listed as coming from "Greenwich University", a controversial university that is considered to be a pay-for-diploma mill. Given both his Masters and Ph.D. come from this university, it is clear Hancock opted to take a shortcut on formal education.
"1990-Present Network-1 Security Solutions, Inc. (Nasdaq: NSSI) - Standards writer for ANSI, ISO and IEEE, IETF and other orgs. " - If Hancock participated in all of this, it stands to reason he would be mentioned in an RFC or two as well as the IEEE 802.x series journals. Yet, his name appears in a single RFC: 1882!The 12-Days of Technology Before Christmas. B. Hancock. December 1995. (Format: TXT=9130 bytes) (Status: INFORMATIONAL). Given that just about anyone can sit in on an IEEE meeting, Hancock likely did that and stretched the rest.
"1982-1990 Independent Consultant - Network and Security Consultant (International) - Designed and implemented over 4000 networks with many thousands of computers on them" - Simple math tells us that he could not have designed 4,000 networks unless he designed 1 network and had 4,000 customers implement the same one. Even if that were the case, he did not work with a customer for 4 hours and move to the next one, as that is all the time he could have spent if his number is accurate: 8 years @ 52 weeks = 416 weeks. 416 weeks @ 40 hours = 16,640 hours. 4,000 networks / 16,640 hours = 1 network designed every 4.16 hours. "Designed one of the world's largest networks (1.5m nodes, 58K routers) for realtime air-to-ground and ground-to-ground network access world-wide" - According to the Waite Group, there were approximately 300,000 Unix installations in existence worldwide. In Computer networks and Internets, Douglas Comer said that the Internet contained around 5000,000 nodes in 1990. It is difficult to imagine a network that was three times larger than the 1990 Internet, somewhere between 1982 and 1990.
Hancock's resume specifically says he is an author of "over 25 books", yet only lists 21 with 1 "coming soon". Of these books, only a handful can be referenced in any manner.
Hancock claims he was an "Advisor to U.S. Presidential Commission on National Network Facilities", yet the only Google hit for this is Hancock's resume/bio. It stands to reason there would b e at least one other reference to such a commission.