Dumb Ideas in Computer Security
Dr. Charles P. Pfleeger - Pfleeger Consulting Group
Apr 11, 2007PDF (325KB) Size: 220.2MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractEvery profession goes through mistakes and unwise steps, especially in its early years. It is through trial and error that leaders and innovators of the profession are able to advance knowledge. Computer security is no exception. Both insiders' and outsiders' choices have held back and even harmed the state of computing. Of course, hindsight is usually more accurate than foresight.
This talk picks a handful of ideas that in retrospect have turned out dumb, ideas such as compound complexity, single-state hardware, downloaded code, and incomplete mediation. For each idea we will see from where the idea came, why it is unwise, and why we should have known better. From these examples, we will see how better choices can be made in the future.
About the SpeakerDr Charles P Pfleeger is a consultant, speaker, educator and author on computer and information system security. He has over thirty years experience in computing. A former professor of computer science at the University of Tennessee, he has done consulting and research work in the U.S. and abroad. He is now an independent consultant with the Pfleeger Consulting Group. His book, Security in Computing 4th edition, co-authored with Shari Lawrence Pfleeger, was just published by Prentice-Hall.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.