Скачать или смотреть 2007-04-11 CERIAS - Dumb Ideas in Computer Security

Recorded: 04/11/2007
CERIAS Security Seminar at Purdue University

Dumb Ideas in Computer Security

Dr. Charles P. Pfleeger, Pfleeger Consulting Group

Every profession goes through mistakes and unwise steps, especially in its early years. It is through trial and error that leaders and innovators of the profession are able to advance knowledge. Computer security is no exception. Both insiders' and outsiders' choices have held back and even harmed the state of computing. Of course, hindsight is usually more accurate than foresight.This talk picks a handful of ideas that in retrospect have turned out dumb, ideas such as compound complexity, single-state hardware, downloaded code, and incomplete mediation. For each idea we will see from where the idea came, why it is unwise, and why we should have known better. From these examples, we will see how better choices can be made in the future.

Dr Charles P Pfleeger is a consultant, speaker, educator and author on computer and information system security. He has over thirty years experience in computing. A former professor of computer science at the University of Tennessee, he has done consulting and research work in the U.S. and abroad. He is now an independent consultant with the Pfleeger Consulting Group. His book, Security in Computing 4th edition, co-authored with Shari Lawrence Pfleeger, was just published by Prentice-Hall. (Visit: www.cerias.purude.edu)