Until recently, security was a backwater in the world of computing.
Many people cite Albert Einstein’s aphorism “Everything should be made as simple as possible, but no simpler.” Only a handful, however, have had the opportunity to discuss the concept with the physicist over breakfast.
One of those is Peter G. Neumann, now an 80-year-old computer scientist at SRI International, a pioneering engineering research laboratory here.
As an applied-mathematics student at Harvard, Dr. Neumann had a two-hour breakfast with Einstein on Nov. 8, 1952. What the young math student took away was a deeply held philosophy of design that has remained with him for six decades and has been his governing principle of computing and computer security.
For many of those years, Dr. Neumann (pronounced NOY-man) has remained a voice in the wilderness, tirelessly pointing out that the computer industry has a penchant for repeating the mistakes of the past. He has long been one of the nation’s leading specialists in computer security, and early on he predicted that the security flaws that have accompanied the pell-mell explosion of the computer and Internet industries would have disastrous consequences.
“His biggest contribution is to stress the ‘systems’ nature of the security and reliability problems,” said Steven M. Bellovin, chief technology officer of the Federal Trade Commission. “That is, trouble occurs not because of one failure, but because of the way many different pieces interact.”
Dr. Bellovin said that it was Dr. Neumann who originally gave him the insight that “complex systems break in complex ways” — that the increasing complexity of modern hardware and software has made it virtually impossible to identify the flaws and vulnerabilities in computer systems and ensure that they are secure and trustworthy.
The consequence has come to pass in the form of an epidemic of computer malware and rising concerns about cyberwarfare as a threat to global security, voiced alarmingly this month by the defense secretary, Leon E. Panetta, who warned of a possible “cyber-Pearl Harbor” attack on the United States.
It is remarkable, then, that years after most of his contemporaries have retired, Dr. Neumann is still at it and has seized the opportunity to start over and redesign computers and software from a “clean slate.”
He is leading a team of researchers in an effort to completely rethink how to make computers and networks secure, in a five-year project financed by the Pentagon’s Defense Advanced Research Projects Agency, or Darpa, with Robert N. Watson, a computer security researcher at Cambridge University’s Computer Laboratory.
“I’ve been tilting at the same windmills for basically 40 years,” said Dr. Neumann recently during a lunchtime interview at a Chinese restaurant near his art-filled home in Palo Alto, Calif. “And I get the impression that most of the folks who are responsible don’t want to hear about complexity. They are interested in quick and dirty solutions.”
This might be of interest also: Cyberwarfare statistics: A decade of geopolitical attacks
Go deeper with Bing News on:
Computer security
- Considerations for the security of evolving workspaces
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward?
- Are companies falling behind on cyber security training?
New data from a Waterloo-based cyber security service suggests hackers have shifted their tactics and companies may not be keeping up.
- Computer Security: Four gifts for your Christmas break
Just as physical threats don’t stop outside working hours, CERN’s annual closure won’t put a stop to cybersecurity attacks in the coming weeks. The number of attacks might even increase, as attackers* ...
- National Computer Security Day 2023: History, Significance, and How To Celebrate
National Computer Security Day is celebrated every year on 30 November. It is important to note that this year, the day will be observed on Thursday. We observe this day to draw the attention of ...
- Fortifying the Digital Frontier: International Computer Security Day 2023
As we approach International Computer Security Day 2023, it is essential to reflect upon the journey that has led us to this point. The roots of this observance can be traced back to a seminal event ...
Go deeper with Google Headlines on:
Computer security
[google_news title=”” keyword=”computer security” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]
Go deeper with Bing News on:
Cybersecurity
- BlueVoyant Research Reveals U.K. Organisations Are Increasing Their Focus on Supply Chain Cybersecurity Risk
The survey found that high-profile breaches are exerting an upward influence on budgets, with 51% of U.K. respondents expecting them to lead to more budget for internal resources to help protect ...
- Smashing Security podcast #351: Nuclear cybersecurity, Marketplace scams, and face up to porn
Hacking fears are raised at Western Europe’s most hazardous building, why porn sites might soon be scanning your face, and our guest narrowly avoids a Facebook Marketplace scammer. All this and ...
- Unified network promises US Army rapid connectivity, cybersecurity
The unified network and related operations promises global connectivity and fewer isolated pathways to monitor, ultimately promoting cybersecurity.
- Rethinking cybersecurity by bridging the accessibility divide
One of the legacies to emerge from the pandemic is the accelerated digital transformation that companies had to undergo, in some instances, overnight. Brian Pinnock, vice-president: sales engineering ...
- See me talking about “Future-proofing enterprise cybersecurity for AI, vulnerabilities, and business risks”
Using real-life examples of organisations who have been hacked, I’ll be discussing with experts from Skybox Security the importance of adopting a resilient strategy for dealing with ...
Go deeper with Google Headlines on:
Cybersecurity
[google_news title=”” keyword=”cybersecurity” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]