Until recently, security was a backwater in the world of computing.
Many people cite Albert Einstein’s aphorism “Everything should be made as simple as possible, but no simpler.” Only a handful, however, have had the opportunity to discuss the concept with the physicist over breakfast.
As an applied-mathematics student at Harvard, Dr. Neumann had a two-hour breakfast with Einstein on Nov. 8, 1952. What the young math student took away was a deeply held philosophy of design that has remained with him for six decades and has been his governing principle of computing and computer security.
For many of those years, Dr. Neumann (pronounced NOY-man) has remained a voice in the wilderness, tirelessly pointing out that the computer industry has a penchant for repeating the mistakes of the past. He has long been one of the nation’s leading specialists in computer security, and early on he predicted that the security flaws that have accompanied the pell-mell explosion of the computer and Internet industries would have disastrous consequences.
“His biggest contribution is to stress the ‘systems’ nature of the security and reliability problems,” said Steven M. Bellovin, chief technology officer of the Federal Trade Commission. “That is, trouble occurs not because of one failure, but because of the way many different pieces interact.”
Dr. Bellovin said that it was Dr. Neumann who originally gave him the insight that “complex systems break in complex ways” — that the increasing complexity of modern hardware and software has made it virtually impossible to identify the flaws and vulnerabilities in computer systems and ensure that they are secure and trustworthy.
The consequence has come to pass in the form of an epidemic of computer malware and rising concerns about cyberwarfare as a threat to global security, voiced alarmingly this month by the defense secretary, Leon E. Panetta, who warned of a possible “cyber-Pearl Harbor” attack on the United States.
It is remarkable, then, that years after most of his contemporaries have retired, Dr. Neumann is still at it and has seized the opportunity to start over and redesign computers and software from a “clean slate.”
He is leading a team of researchers in an effort to completely rethink how to make computers and networks secure, in a five-year project financed by the Pentagon’s Defense Advanced Research Projects Agency, or Darpa, with Robert N. Watson, a computer security researcher at Cambridge University’s Computer Laboratory.
“I’ve been tilting at the same windmills for basically 40 years,” said Dr. Neumann recently during a lunchtime interview at a Chinese restaurant near his art-filled home in Palo Alto, Calif. “And I get the impression that most of the folks who are responsible don’t want to hear about complexity. They are interested in quick and dirty solutions.”