September 13th, 2005, 11:16 PM
Alan Cox On The Future Of Comp. Security
Saw this on slashdot and thought it would be of interest here.
The Next 50 Years of Computer Security: An Interview with Alan Cox
by Edd Dumbill
Author's note: Alan Cox needs little introduction--most will know him for his long-standing work on the Linux kernel (not to mention his appreciation and promulgation of the Welsh language among hackers). Cox is one of the keynote speakers at EuroOSCON this October, where he will talk about computer security.
According to Alan Cox, we're just at the beginning of a long journey into getting security right. Eager for directions and a glimpse of the future, O'Reilly Network interviewed him about his upcoming keynote.
September 14th, 2005, 03:15 AM
Interesting interview, but I'd like to hear more on this subject. He makes some good points...but a lot of people are doing that these days (see recent thread: 6 dumb ideas in computer security).
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
September 14th, 2005, 04:14 AM
He is light on details, but it is in advance of a talk he is going to give so that is not a surprise. Maybe a transcript will be released afterwards.
I also posted the other article you mention. I liked them both precisely because of their simplicity. For a noob still working on getting a handle the endless technical details, a broader perspective is welcome.
September 14th, 2005, 12:56 PM
-Tom Perrine http://www.usenix.org/publications/l...fs/perrine.pdf
It may be that UNIX came along and swept up a new generation, and the “old skool” operating systems and their “old guard” were not able to pass along the accumulated knowledge. It may be that so many of the older papers and research and real-world experience are not available online and, hence, not findable with a quick Google search. Or it may be that the computer science and engineering curricula aren’t covering the history of computing at all, let alone the history of secure computing.Whatever the reasons, we’re losing a lot of time and energy rediscovering technology and re-visiting the same failed solutions over and over again.
Maybe Alan should get himself an ACM account and do some reading.
September 14th, 2005, 02:13 PM
Note; its also funny to think of how security will evolve in the Encryption sector when the NSA positivly hates further advances in the Encryption field.
With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!
Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.
September 14th, 2005, 06:38 PM
we are fortunate that most attackers want to control and use systems they attack rather than destroy them.
Java for example has done a lot to make memory allocation bugs and many kinds of locking errors very hard to make.
"the screen saver won't install." (umm.. i don't want that to happen) i want my freedom as a user
and lot of other
but i ran out of time in the net cafe...
so will just press the submit botton :P