October 4th, 2005 06:44 AM
Originally posted here by catch
English is organic... stop being elitist and deal with it.
There have been many geniuses in the field of information security... yet sadly they and their works are largely overlooked, because... like all geniuses they are too far beyond the general public (in this case the general community security community) to be appreciated much beyond their immediate peer group.
James Anderson (doesn't even have a wikipedia entry)
This guy was light years ahead of everyone, back in the early 70's he wrote a series of papers titled "Computer Security Technology Planning Study" that outlined the first concepts of a security kernel including formal methods to mathematically prove this kernel operated correctly, automated host based intrusion detection systems, buffer overflow attacks, and modifications required to create "safe" programming languages.
In 1980 he published another paper that addressed a structured approach to compromising computer systems (internally and externally)... with the intent of improving audit trails titled "Computer Security Threat Monitoring and Surveillance" that addresses quantifying normal use and the concept of secure subsystems.
David Bell (also lacks a wikipedia entry)
Along with Len LaPadula developed the first usable formal state transition model to deal with computer security back in the mid-70s.
Richard Bisbey (Oh my... also lacks a Wikipedia entry, guess I have my weekend cut out for me)
Along Dennis Hollingsworth developed what was essentially the first Capabilities Maturity Model back in 1978 (about 15 years before Carnegie Mellon came up with the CMMs) though it was specifically for operating system security.
Jonathan Millen (wikipedia has never seemed so useless to me)
Did a lot of work with Mathlab back in the early 70s and then was a pioneer in formal analysis of covert channels as well as trusted system evaluations.
I think any of these people compare quite favorably against someone who has done little more than maintain the Jargon File. (which he modies at will to support his political stance apparently)
Maybe I should write a tutorial... cause seriously, the list of unappreciated "hackers" goes on and on.
Did you buy the ACM portal library, if so is it worth it? It's not letting me see a pdf.
Ware, W. H., ed., Security Controls for Computer Systems:
Report of Defense Science Board Task Force on Computer
Security, AD # A076617/0, Rand Corporation, Santa
Monica, Calif., February 1970, reissued October 1979.
**edit: found a free one http://www.rand.org/publications/R/R609.1/R609.1.html
October 4th, 2005 07:46 AM
Yeah... I've got a lifetime membership... if you ever want docs from there just let me know.
October 4th, 2005 01:13 PM
NOTE: The following post is my $0.02
I think that perhaps some people have misinterpreted the parent of this thread when he spoke of hackers. While his english isn't 100%, its good enough to see that he's at least somewhat interested in programming. Yes, it also sounds like he's looking for a sweet paycheque, but at 18 a lot of people dream of being big-shots with lots of money.
My advice to you is this: Try doing some programming if you haven't already. I spent a year of college doing it, and discovered that while I respect those who can pull this stuff off, it's just not my cup of tea. Don't get too hung up on money, it really isn't everything.
\"The future stretches out before us, uncharted. Find the open road and look back with a sense of wonder. How pregnant this moment in time. How mysterious the path ahead. Now, step forward.\"
Phillip Toshio Sudo, Zen Computer
Have faith, but lock your door.
November 6th, 2005 02:27 AM
Well it took me about 12 years, but I think I am getting pretty close.
I reckon my PC is quite secure too. Just need a few more tools and
it will be cool.