Security Seminar
Computer security: I think we can win!
By a number of important measures, the Internet is working spectacularly well. A large part of the world's economy uses it to great advantage. But there is crime and espionage as well, and the attackers are highly capable, motivated, and spectacularly successful.
Meanwhile, experienced security people despair. The same bugs seem to persist, the lessons of the past ignored or forgotten. This has been going on for decades.
But I am an optimist. Despite the steady drumbeat of repeated problems, we are still very early in the game, making widespread rookie mistakes. In many cases, we are Not Even Trying. Despite the incredible progress of Moore's Law, our software isn't much better than thirty years ago.
This is going to get better over the coming decades. We have tools and techniques we haven't explored or deployed very far. We can get the upper hand—yes, it is possible to write a secure program. They are our computers, on our networks, running software we choose: we have the home-field advantage. We ought to be able to win.
Ches is known for his early work in Internet security, including firewalls, proxies, and as co-author on the first full book on Firewalls. He is also noted for his work in visualizations, especially Internet maps, which have appeared widely. Ches has worked at Bell Labs and AT&T Shannon Lab, and was a cofounder of Lumeta Corp.
He continues to invent, collaborate, write apps, consult, and give talks worldwide. He is a visiting scholar at University of Pennsylvania.