Why is IT in so much pain? Parallels of modern server security to 1700 maritime navigation.

Feb 07, 2001

Abstract

At the turn of the 18th century, maritime navigation was in a dismal state. Numerous ways of determining latitude were known, but none for determining longitude. So, ships at sea could find their north/south position with relative ease. However, in order to ascertain their longitude, they resorted to throwing logs over the stern of the ship, observed how fast they receded, and then plotted their estimated progress on a map. So inaccurate was this method that whenever a ship lost sight of land, it was essentially lost. Thousands of lost lives, and incalculable amounts of cargo lost to the deep is a testament of how 18th century maritime navigation was almost as much art as skill.

Defenders of IT infrastructure often find themselves in a similar state. The dismal reality of modern server security is that whenever the underlying integrity of a mission-critical server is in question ("have we been hacked?"), more often than not, the server must be rebuilt from scratch. Why?

This talk will focus on why IT is in so much pain, and speculates on what missing technologies can make IT less miserable. Other topics presented include how IT suppliers must take on a larger burden of responsibility for creating safe software -- including OS vendors, application vendors, as well as compiler and installer vendors. And, a model of IT capabilities in the context of Maslow's Hierarchy of Needs will also be presented -- i.e., are we worrying about mortgate payments when we don't have air?