Security Science

Spafford On Infrastructure Risks

nealmcb writes "In a major report from the AAAS, Eugene Spafford, director of CERIAS, summarizes the many risks to our information infrastructure (viruses, bugs, single points of failure, etc.), their causes (explosive growth, primacy of time-to-market over quality, lack of support for basic information security research, etc.), and the negative effects of the DMCA, CBDTPA, and other corporate maneuvers."
  • My Favorite... (Score:2, Interesting)

    by Speedy8 ( 594486 )
    My favorite are all of the P2P programs that people run that can be auto updated. Imagine the havoc that can be created with control of 1,000,000 computers with fast internet connections.
  • Diversity (Score:3, Funny)

    by Anonymous Coward on Friday July 26, 2002 @06:16PM (#3962094)
    How am I supposed to download my Windows ME patch if as soon as I connect with a fresh install I get infected? Microsoft should include a rescue CD that runs Linux.
    • Actually there are people doing this.
      I read about it a couple of years ago.
      It was a university that provided a rescue
      diskette that booted Linux. The Linux installation
      then automagically downloaded and installed
      windows on the hard drive.

      Sorry I can't remember what university it was
      but I think it was somewhere in South America.
  • by captain_craptacular ( 580116 ) on Friday July 26, 2002 @06:17PM (#3962099)
    A report from the AASWEDW discussing IISDCED and UPDESCTG interrelation issues with OPWSEDSC and NMEDSE, along with EWSDICE or WEDGCDSE legislation. Film at 11.
  • This comment made me think twice about how important they think security is: "After all, disruption of eBay, Amazon, Google, or online chat groups does not seem like much of a menace." -- Eugene H. Spafford. A major security breach at eBay or Amazon will surely result in millions of dollars of lost transactions and loss of investor confidence. How is that not a menace? One can argue that the US economy is more important than security because it has a global effect. And without Google, most websites won't even need security. We just slashdot them until they are unavailable. :)
    • by Anonymous Coward
      Problems with Amazon or eBay are not likely to bring people to question their faith in the US economy. Now, if one problem affected all of them more or less equally, then that would be one sector of the economy, and people would question that sector, but not the whole economy. Notice it has taken more than a few corporate bad apples and misdeeds being smoked out to bring the market into a complete funk, not one or two.
    • Spaff is pretty well known in the Internet, but I am afraid I can't think of a major contribution to computer security from him since tripwire.

      Incidentally, it is somewhat disappointing that he puts out the comparisons of Windows vs Unix viruses as 'proof' that UNIX is more secure without addressing the specific features of UNIX that would make it so. It is one thing for a slashdotter to assert 'unix is more secure than windows', a university professor specialising in computer security should be able to do more than recite opinions, he should be able to explain why and how one system is more secure than another. The systemic lack of security argument does not work by the way since UNIX is the only mainstream operating system that did not originally have a security model. All the security features in modern UNIX are retrofitted - in some cases (shadow passwords) in the face of opposition from UNIX purists.

      The principal reason why Macs, Ataris and MSDOS machines all had chronic virus problems is that they have no account based security controls. A rogue program can corrupt any system file it likes. A secondary reason is that in their original incarnation every one of the machines has supported the clueless operating mode of try to boot from removable media. The only difference since then is that the Internet has proven a far more effective vector for malicious programs than floppy disks and the clueless enabling vector has been run from email.

      He conveniently ignores the fact that there are Virus building toolkits written for Windows and the vast majority of the 'dozens of new viruses a week' are no more than minor variations on the same basic cores. Nor does he tie this back to his initial theme of an O/S monoculture which is somewhat odd because the main reason why there are epidemics of Windows viruses is simply the fact that the population of Windows machines is large enough to support epidemics. For a virus to become an epidemic all that is required is for each infected host to pass on the infection to an average of more than one new host. There are two reasons an infected Linux box is less likely to do this, first 90% of the hosts an infected linux box attempts to infect are likely to be Windows boxes immune from a linux virus. Second the remaining 10% of linux boxes are likely to be considerably more heterogeneous than the average windows machine. There are likely to be a large number of different builds and even different processors, all in all a much harder target to infect.

      The heterogeneous platform argument is unfortunately one of those arguments that works fine on the individual level and fails entirely at the public policy level. The problem being that it may be logical for me to use an obscure operating system to reduce the risk of virus (or other attack) but if everyone chooses the same O/S the obscurity advantage is lost. Incidentally Linux is far too mainstream for the obscurity argument to apply, if you want to be obscure you would have to use something like the Genera (Lisp machine) system we got the Clinton administration to use to do their press release publications onto the Internet from. (The machine was not chosen for security through obscurity, however we did remark afterwards that if the machine was ever compromised we could probably write the list of suspects with the expertise to crack it for the Secret Service)
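
The epidemic-threshold argument in the comment above (an outbreak is sustained only if each infected host infects more than one new host on average), worked through as an added example that is not part of the original thread. The 90%/10% platform split is the commenter's; the number of infection attempts per host, the fraction of same-platform hosts that are actually compatible, and the Poisson model of spread are assumptions made for illustration.

```python
"""Branching-process view of the OS-monoculture argument (added illustration)."""
import math


def effective_r(attempts, platform_share, compatible_fraction):
    """Mean number of new infections caused by one infected host.

    attempts            -- hosts each infected machine tries to reach (assumed)
    platform_share      -- fraction of reachable hosts running the same platform
    compatible_fraction -- fraction of those whose build/CPU the code runs on
    """
    return attempts * platform_share * compatible_fraction


def extinction_probability(r, tol=1e-12, max_iter=1_000_000):
    """Probability that an outbreak started by one host dies out on its own.

    Assumes each host infects a Poisson(r) number of others, so the answer is
    the smallest solution of q = exp(r * (q - 1)). Iterating from q = 0
    converges upward to that smallest fixed point.
    """
    q = 0.0
    for _ in range(max_iter):
        nxt = math.exp(r * (q - 1.0))
        if abs(nxt - q) < tol:
            return nxt
        q = nxt
    return q


def expected_outbreak_size(r):
    """Expected total hosts infected from one seed: 1/(1-r) below threshold."""
    return 1.0 / (1.0 - r) if r < 1.0 else math.inf


def break_even_attempts(platform_share, compatible_fraction):
    """Attempts per host needed to reach the epidemic threshold r = 1."""
    return 1.0 / (platform_share * compatible_fraction)


# Constructed scenario. Shares come from the comment; the rest is assumed.
ATTEMPTS = 5  # assumed infection attempts per infected host
SCENARIOS = {
    # 90% of targets are Windows; treated here as a uniform population.
    "windows": {"platform_share": 0.9, "compatible_fraction": 1.0},
    # 10% of targets are Linux; assume half share a compatible build/CPU.
    "linux": {"platform_share": 0.1, "compatible_fraction": 0.5},
}


def summarize(attempts=ATTEMPTS):
    """Return threshold figures for each platform in SCENARIOS."""
    result = {}
    for name, params in SCENARIOS.items():
        r = effective_r(attempts, **params)
        result[name] = {
            "r": r,
            "p_major_outbreak": 1.0 - extinction_probability(r),
            "expected_size": expected_outbreak_size(r),
            "break_even_attempts": break_even_attempts(**params),
        }
    return result


if __name__ == "__main__":
    for platform, figures in summarize().items():
        print(platform, figures)
```

With the same five attempts per host, the Windows case sits far above the threshold while the Linux case stays below it and fizzles after about one extra infection; a Linux outbreak would need roughly twenty attempts per host just to break even under these assumptions.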

  • by BoVLB ( 552171 ) on Friday July 26, 2002 @06:24PM (#3962123) Journal

    On page 2 he says:

    Currently we are seeing new computer viruses and worms, targeted at [Windows], reported approximately once every 75-90 minutes on average.

    which implies over a hundred per week, but on page 9 he says:

    [T]he Microsoft family of software has tens of thousands of known viruses, and new ones are being reported at the rate of dozens per week.

    which sounds somewhat lower. Which is it?

    Either way, it's a pretty horrific number.

  • by Beryllium Sphere(tm) ( 193358 ) on Friday July 26, 2002 @06:29PM (#3962142) Journal
    One problem is not so much lack of basic research as it is lack of a "literature" to search. It's routine for someone to present some time-consuming research at a security conference only to have the Q&A consist of "did you know that's been done already?"

    Also, we don't know how much research is being done behind closed doors. The NSA has a lot of bright people and is big enough to do basic research *if* they choose. Their mission does include infrastructure protection.

    Spafford's comments about the pressure of time to market were on target. Bruce Schneier spoke at Microsoft once. An employee asked him what MS could do to make secure products. Schneier's response was, simply, that Microsoft shouldn't -- that security is expensive, slows development, and won't result in more sales. That last may have changed by now.

    For perspective, some of the government's cyberwarfare investigators have said that any hostile power's virus attack would get lost in the noise of daily blue screens, system "upgrades" and random viruses. On the offensive side, they recommend that if you want to stop a computer from working you should use an OS-independent attack from an F-18. Such an attack can't be fixed by downloading a patch.
    • It has not changed as far as MS's concern about writing secure code..

      Mr. Blox (MS employee) in his comments recently about whether the new C++ library to prevent buffer overflows should be required to be used by MS programmers listed as optional!

      But here is the kicker we poor open source coders seem to be able to write code without buffer overflows.. maybe MS programmers are just plain fucking stupid!
      • But here is the kicker: we poor open source coders seem to be able to write code without buffer overflows

        Two words: sendmail

        • Well, that's only one word :)

          But, yes, there's nothing about OSS that prevents buffer overflows. It just has a greater chance of being caught and fixed IMO than CSS. Not that the buffer overflows will be caught immediately. Sendmail's problems went for years without being noticed. But many of them are now fixed.

          You are absolutely right though -- OSS is not immune to things like security holes, viruses, worms, or other bugs. It stands a slightly better chance, and I use it all the time, but people who think it's the holy grail are just deluding themselves.
  • by bons ( 119581 ) on Friday July 26, 2002 @06:37PM (#3962174) Homepage Journal
    If anyone wants a clear understanding of the disconnection between academia and the real world, feel free to download this pdf and stare in horror at Chapter 1. I don't think I can make it to chapter 2 at this point.

    So far I've read a poem that, while interesting, a quick search on google shows that the person who presented it is also the translator [ucsc.edu]. Right. Can someone please find the original so we can verify this for ourselves? Thank you.

    I've seen police, fire fighters, and medical personnel compared with researchers in the social science and humanities. I've seen proposals for information to be on a "need to know" basis, with the only people who "need to know" being the government and (of course) researchers. I love it when someone welcomes a loss of freedom provided it doesn't include them.

    If you want some good music to listen to this to, I recommend Love Me, I'm a Liberal by Phil Ochs [pdx.edu] unless you're too young, in which case you might as well listen to the Jello Biafra version [geocities.com]

    • by chefmonkey ( 140671 ) on Friday July 26, 2002 @06:46PM (#3962212)
      For those of you that find PDF a Pain In The Ass, you can grab an HTML version of this chapter from here [ucsc.edu].
    • Can someone please find the original so we can verify this for ourselves?

      Yep, it's a load of horsehockey.

      The passage he's trying to cite, I believe, is from an essay Louis Aragon wrote in La Révolution surréaliste, n 4 (published in 1925):

      "Que les trafiquants de drogue se jettent sur nos pays terrifiés. Que l'Amérique au loin croule de ses buildings blancs."

      I'd translate this more as "That the drug traffickers throw themselves on our terrified countries. That far away, America's white buildings collapse."

      I wouldn't even interpret the first sentence as relating to America, since Aragon clearly considered America to be quite distant from himself and, consequently, any countries he would feel compelled to call "our."

      Using such a questionable quote without checking sources was extremely irresponsible on the part of Dr. Greenwood. On the other hand, Wlad Godzich should be summarily dismissed from his position at UC Santa Cruz for such academic dishonesty as daring to translate the same phrase as "The time will come, America,/When the hordes of Afghanistan/Will crash your gleaming airplanes/Into the shiny towers of Manhattan."

  • all that information about the infrastructure weaknesses - I guess he did not get the memo [slashdot.org] about hush on the disclosure of information. After all, if no one knows or talks about the problem, then it goes away, right?
  • by CajunArson ( 465943 ) on Friday July 26, 2002 @06:49PM (#3962223) Journal
    OK, as a recent Purdue Grad (Spafford heads CERIAS at Purdue) and as someone who is going into security research for a Masters degree.... I'm going to shoot my mouth off!!

    Spafford's article is somewhat of a hit & miss. I'm going to paraphrase a few sections that IMHO are good, and some that are not so good.

    The Good:
    -- UCITA: ~"This legislation will ban research into security issues with software products and even outlaw criticism of software design"~ I couldn't agree more, what kind of an idiotic company could possibly object to FREE DEBUGGING being done by University researchers, that could lead to drastically better software, instead of skipping beta, if I were a commercial developer I'd GIVE IT TO THE UNIVERSITY FIRST!! (As a rabid old-school capitalist I actually think the road to more $$$ is to put out a good product, unfortunately a bunch of short sighted schmucks thought they could cheat the system.... and look at their stocks...)

    -- The lack of research in security: yeah, Purdue churned out over 125 Seniors in Computer Engineering, and I'm the only one that I know who is doing grad work (or has a job) in security proper, and I'm only getting a Master's, so I won't help his PhD count, (not that a Master's isn't helpful, he wants to have people to take over for him when he retires).

    -- The lack of qualified people in Law Enforcement: Another *excellent* point, if we just had a competent core of cyber-crime investigators, a whole bunch of this BS about Carnivore wouldn't even be necessary since they could do the proper investigatory work to get probable cause for warrants and nail the criminals while not violating the Constitution... (sometimes I think I'm the only one who wants to punish the criminals while simultaneously not punish the normal people...) The laws do need updates in some ways (NOT the DMCA), but warrants to look through e-mails and electronic correspondence should have clearly defined levels of evidence necessary (just like today there are pretty well defined levels for searching your house).

    -- ~"That common system that runs commerce, defense, and much of the scientific establishment. It is under a constant barrage of viruses, worms, and hacker (he said hacker, not cracker BTW) attacks, this system which you use to browse the internet is also going to run an Aircraft carrier next year. What would we say if the US Airforce bought crop dusters since they are cheaper than F-16's?"~

    Another excellent point, but I don't see what he has against Linux since I use it every day!! :) OK, we all know he's attacking Windows, and he has an excellent point.... The aircraft carrier (My guess is it's the Truman or more likely the Reagan) has all kinds of reinforced bulkheads and compartments so that even if one part of the ship gets hit, the rest can keep on fighting! (here comes the analogy) So why the hell would you have one, integrated, incredibly vulnerable system running everything from a powerpoint presentation in the briefing rooms, to controlling the airplane elevators and ordnance tracking system?? It's dangerous and completely unnecessary, I wouldn't even put Linux in charge of most of the sensitive systems, they have enough money to build custom systems (note that custom systems can still be modular and communicate with each other, they are just built to better tolerances in a restricted environment of a ship) You can run some isolated Windows boxes to do some word processing or Powerpoint slides, just don't give the ship a bluescreen!

    OK, now time for a few gripes (don't worry this list is shorter)

    -- ~"The traffic on the internet doubles every 90 to 120 days" It looks like Spaff fell for the old WorldCom line too... :) He does use some hyperbole in this piece (if the worst case of everything he talks about actually happened the internet would already be fried, but he is trying to present his position trenchantly).

    -- ~"Only 12% of people in security research are women and minorities"~ OK, I could care less really, I DO discriminate... I only think the best & brightest should be doing this sort of thing, I don't care if you are a Purple-with-green-Polka dotted Female, just as long as you are the best, and I also don't care if you fill every quota imaginable, if you can't hack it, leave. He does raise a good point that too many of the security researchers aren't even from this country, but I think this means we should get more of America's best interested in security, and let the foreign exchange students learn too.

    OK, that's it, this is a topic near & dear to my heart so I just had to spout off, go ahead & flame away! :)
  • by Enigma2175 ( 179646 ) on Friday July 26, 2002 @06:54PM (#3962233) Homepage Journal
    From the article:
    The amount of traffic we see on the backbones of the networks has been doubling approximately every 90 to 120 days.

    I thought that myth had been debunked [slashdot.org]. It now has passed into the realm of the 'factoid'.

    • I thought that myth had been debunked. It now has passed into the realm of the 'factoid'.

      Spaff published the piece a week before it was debunked. The file is dated Jul 19, the article you cite follows from an Economist article dated Jul 26.

      Now looks like what we had was:
      2 years of tenfold growth
      3 years of twofold growth.
      (dotcom bubble pop)
      2 more years where numbers aren't in (though DSL connects were about doubling per year).

      Substituting "doubles every year" in Spaff's article makes it a bit less gee-whiz, but no less valid.
  • There is something fundamentally wrong with the way we create software. The solution requires a fundamental change in the way we program our computers. Software suffers from a seminal problem. The primary reason that software is so unreliable and so hard to produce has to do with a custom that is as old as the computer: the practice of using the algorithm as the basis of software construction. Moving to a pure signal-based software model will result in at least an order of magnitude improvement in both reliability and productivity.

    There is something rotten at the heart of software engineering. We are using a software technology that was introduced one hundred and sixty years ago by Lady Ada Lovelace and Charles Babbage. This was at a time when the best performance they could hope for that speed demon of theirs--the analytical engine, too bad they never got it to work--was maybe fifty cycles per second at the most. Times have changed somewhat since then. More details can be found at the links below:

    Project COSA [gte.net]
    • I remember your (identical) posting on July 22nd, which you claim on your web site drove 1400 hits worth of traffic to your site.

      Other than writing a thesis, and driving traffic to your web site, what have you done?

      You appear to be attempting to start an Open Source project to address the problem using your approach arrived at from your thesis materials, without a proof-of-concept.

      With respect, if your methods worked, they should be able to work manually, without having to build up a huge support infrastructure.

      In other words, you should be able to apply them to a demonstration problem, and have the results speak for themselves.

      You should also be aware that *declaring* an Open Source project is not the same thing as *causing* one to come into being. Merely declaring something will not cause thousands of elves to come out of the woods and solve your problems for you, Seymour Cray's claims to the contrary.

      If you want to convince people, *do something*, don't just *talk about doing something*.

      -- Terry
      • If you want to convince people, *do something*, don't just *talk about doing something*.

        I have done a lot more than you think. These ideas did not materialize into thin air from nowhere while sitting on my ass. They've been a long time coming. You may not realize it but that is the brunt of the work. The rest is just engineering.

        I am working on a two-sided project, AI (Animal) and software reliability (COSA). I have done a tremendous amount of research in AI (see the links below) and written C++ code for a chess learning spiking neural network which can be downloaded from the site. Check it out. I am currently writing code for the COSA execution kernel.

        I think this work is too important to allow business interests to control it. I have decided to open-source all the code and research as soon as I can attract one or more sponsors.

        Temporal Intelligence [gte.net]

        Animal [gte.net]
        • I think you have misunderstood me.

          Yes, it's a lot of work to do the design engineering necessary for any project, including an Open Source Software project. And the design engineering is the most important part of a project -- I generally spend no less than 60% of my time on any project doing design work, and it's usually a much greater percentage than that.

          But if you want volunteers to do your coding for you, you have to be able to motivate them, and you're not handling this aspect of your project properly.

          The only thing that will motivate people to donate code to your project is if the project infrastructure already exists, and if at least a minimal set of working code exists.

          In your thesis, you describe purpose-specific objects with which other objects communicate. But you don't put up source code for the communications infrastructure that must underpin these objects, and you don't put up source code for the common function example objects themselves.

          Frankly, without example code, all it will ever be is a thesis, unless you end up finding funding and paying people to work on it, because as it stands, there is no reward equation for Open Source Software volunteers to work on an initial implementation; Open Source is really lousy at creating initial implementations.

          -- Terry
  • by Jonny Ringo ( 444580 ) on Friday July 26, 2002 @07:27PM (#3962345)
    This whole report regarding "stuff rushed to market over quality" reminds me of buying fireworks at an Indian reservation. The guy I went up to was missing 2 fingers. Like I'm going to buy some m-80's from a guy who lost 2 fingers.

    So, I wish I could see the state of the computer of the guy who's trying to sell me a computer.
  • by Tadghe ( 18215 ) on Friday July 26, 2002 @07:46PM (#3962402) Homepage
    I'm sorry, but how can I take a "study" seriously when there are not even citations of sources.

    Spafford is the master at soundbytes, but I'm still not convinced he knows what he's talking about.

    We could talk about the scare tactic scenario (page 4) he presents about 50% of the phones going down along with the internet (ok, anyone with half a cluepon, tell me how "the internet" can go down...portions of it yet (we saw it effectively "down" on 911) but it's pretty well impossible to take down the public 'net unless you nuked the entire planet. Ditto for the phone systems (even the legendary Blotto Box (assuming it would work) could only take down a NPA.)) but suspending reality for a moment and living in the Spaff's world....

    His basic math does not add up (another poster has already pointed this out already) and does not agree with the data available (talking about his virii numbers). Even the virii whores at McAfee don't claim there are new worms/virii every 75-90 mins (page 4.2)

    Consider such statements he makes, such as...

    "[...] on average over 1 million each year from computer misuses and computer crime [lost each year]. Worldwide, as much as 1 trillion may be lost in downtime and damages each year. Not only is poor security costing us real money, it is also harming our national competitiveness."

    The FBI study is not cited only mentioned. The numbers he mentions are not backed up with facts, neither are there facts to back up the "national competitiveness" loss he cites (surely it's not because our economy is in the tanker no?).

    He goes on to say that only "100 (maybe 60)". people in higher Ed have training in Security (as he defines it I might add). But again, no facts to back that up, only conjecture.

    I loved the paragraph.
    "As best as I can tell, the total amount of money available this most recent fiscal year for *basic* research in information security was about $2 million (through the National Science Foundation); a great deal of the money is being spent on acquisition and development of technology for security, but rather that is money spent on extensions of known methods rather than basic research"

    Ok, from a basic logical thinking point of view...either the 2 mill was available for basic research or not (he says both, he says at the beginning it is, but then says that most of the money was spent on "extensions of known methods")

    After this he goes on to say that comp sci as a discipline was created at Purdue (where he works).

    Finally for some WorldCom quotes...
    "The amount of traffic that we see on the backbones of the networks has been doubling every 90 to 120 days" That's pretty much a direct quote from some of the FUD that the WorldCom guys were pitching back in 99-2000.

    He goes on to bitch about people entering the Comp Sec field without a degree and tries to pitch those folks as having no real level of depth or expertise. I can only point out that the great and powerful Spaff has been personally hacked by those selfsame people....

    My point being in this that you gentle reader, need to take Spafford with a very large grain. Always ask for the proof.

    If you wish to learn more about Spafford simply browse some of his old Usenet posts. In particular you may find such threads as "CERT as told by Spafford" entertaining. Spafford used to be one of the honchos that kept general security info from the hands of the unwashed masses....

    You can also read his "the sky is falling" report to the Whitehouse a few years ago, again it makes interesting reading.

    Mark this as a troll if you must, but don't accept every blind statement by someone with a PHD as gospel.

    • I have to agree that a bit (a lot?) of what Spafford wrote was a bit over the top. My favorite could have been written by somebody on /.

      "The next generation of Navy aircraft carriers is going to have all weapons systems, propulsion, and command and control run by the very same system that you use at home to browse the Internet and play computer games. This is the same one that keeps coming up with "blue screens of death," which take on new, grim meaning in a military environment."

      If Spafford had been a bit more toned down, he could have still made the same points without introducing vulnerabilities in his arguments that would make one cringe. OTOH, his points should be contemplated and analyzed. Computer/network security is pathetic if one considers the worst case scenario. A design error that is inherent in a commonly used protocol used by network routers could potentially create havoc. Hmmm, didn't we come close to this one?
      • I have to agree that a bit (a lot?) of what Spafford wrote was a bit over the top. My favorite could have been written by somebody on /.


        "The next generation of Navy aircraft carriers is going to have all weapons systems, propulsion, and command and control run by the very same system that you use at home to browse the Internet and play computer games. This is the same one that keeps coming up with "blue screens of death," which take on new, grim meaning in a military environment."

        If Spafford had been a bit more toned down, he could have still made the same points without introducing vulnerabilities in his arguments that would make one cringe
        Well, he isn't really over the top, the difference between say Windows XP and Windows NT/2000 is minor. Perhaps you should read about the USS Yorktown.
        RISKS [ncl.ac.uk] digest 19.88 (1998): USS Yorktown dead in water after divide by zero [ncl.ac.uk].

  • Are always better than hand wringing and chicken littling. This article would be improved manyfold if the tone were more scientific and less OH MY GOD.

    If you ask most fuds they will tell you that only another fud knows anything useful:

    "We have a number of policy decisions that are being made by low level technical people"

    I think that the whole point of this diatribe is to get more money for his research program. It would help if he cited his sources and gave examples.

    Of course, it has already been pointed out that the doubling of internet traffic every 100 days was debunked just days ago. Errors like quoting bogus statistics just serve to further discredit this piece.

  • The wrong approach. (Score:3, Informative)

    by Restil ( 31903 ) on Friday July 26, 2002 @07:55PM (#3962426) Homepage
    Constantly, the money that companies are forced to spend on recovering from various infrastructure attacks should not always be referred to as "losses". Certainly, if someone broke into your building and stole something, that is a loss. But if your entire corporate network is down for two days while your IT department is working overtime and the rest of the company is not, while getting paid, this is not a loss. This is an operating expense. This is part of the expected cost of using software that has well known vulnerabilities. This is part of that "total cost of ownership" that Microsoft is only so proud to bring up when discussing their software prices when compared with those of competitors.

    So from now on, don't suggest that companies LOSE this money whenever they're attacked. This is just part of the total cost of ownership when you run insecure software, and when you hire substandard IT personnel, and when you don't have reasonable company policies regarding non-business related applications.

    Companies can take the cheap way out. They can put Windows boxes in front of every employee of the company, content that everyone can quickly figure out what to do with minimal expense. Hire some just out of college whackjobs with no useful experience to run the network. They're cheap after all. Nobody to train, nobody to waste money on. No need to spend money on security audits. That's just wasted money. Of course, you'll "lose" all of it the first time someone hits you, but that's the way you've decided to budget your technical department. You get what you pay for.

    -Restil
  • "...the many risks to our information infrastructure (viruses, bugs, single points of failure, etc.)"

    And these risks to the Internet have been around for HOW long now? About 30 years, from the very moment of its creation? And has it ever gone completely down the tube?

    Didn't think so.

  • I think this guy puts too much blame on the vendors. Vendors supply what people want, and people, in general, want bad software fast rather than good software a little slower. I don't buy into that, I get software based primarily on its technical merit (which includes security, of course).

    Sometimes vendors imply that "everyone writes crappy software". I think that's bad because the consumers might not understand the idea of an application or OS that works consistently.

    However, I don't see any clear way around that kind of marketing. And I certainly don't see any productive (as opposed to counterproductive) way of *forcing* people to write good software without public demand. After all, liability would decrease the number of free software developers. Not only that, what about software developed outside the US? Import laws? That just sounds like a bad idea.

    Jeff
  • Gene Spafford was instrumental in blocking the installation of Carnivore onto Purdue University's network. Many other schools folded, but he was adamant about users' rights.

  • This interview with Gene Spafford [pkiforum.com] was recommended by Bruce Schneier [counterpane.com] in his Crypto-Gram [counterpane.com] newsletter some months back.

    Bruce says:

    Long and interesting interview with Gene Spafford, about the infosec threat landscape; privacy; the challenges of digital certificates, CRLs, public key infrastructure standards and interoperability; key escrow, backup and recovery; identity fraud; trust on the Internet; and the problems of security education today. Sample quote: "Security doesn't work as an add-on. It really needs to be built-in from the beginning."

    I skipped over the intro page [pkiforum.com] but if you really want to see it it's here [pkiforum.com].

  • Meetup in Toronto was fun last night.

  • Phew!!! It's Spafford!!!

    I thought for a moment it was SpaMfford Wallace...
