University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > "From the Casebooks of..."

"From the Casebooks of..."

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Andrew Lewis.

In a field with few design principles (“defense in depth”? separate duties?), few rules of thumb, no laws named after people more influential than Murphy, no Plancks or Avogadros to hold Constant, and little quantitation of any sort (we count bad things and how long it takes to fix them), it appears the best we can do right now is telling stories.

Over (enough) beer we cons up lightly anonymized War Stories about late night phone calls, scary devices, hard to find bugs (which exploiters somehow found), the backups that didn’t, stupid criminals, craven prosecutors, cute hacks (but “don’t try this at home”) and pointy-haired bosses… There will be a few of these in this talk, but also some Cautionary Tales, parables, isomorphs of the Old Stories demonstrating human frailty and that the Law of Unexpected Consequences operates most strongly near the intersection of Bleeding Edge and Slippery Slope. Also just a bit about the future.

Mark Seiden, a programmer since the ‘60s, has worked since 1983 in areas of security, network, and software engineering for companies world-wide. As a Yahoo Paranoid and as a consultant, recent projects have included design, architecture, and implementation for ebusiness systems, security for online financial transaction processing and for a distributed document processing system, as an expert in computer crime cases, and testing of network, procedural and physical security in diverse deployed systems, enterprises, and colocation facilities.

Time Digital named him one of the 50 “CyberElite” in their first annual list, and he’s been involved with four National Academy of Sciences studies on some trippy subjects. Mark was the first registant of the domain food.com. He’s been played by an actor in a rather bad movie. His Erdos number is 4.

This talk is part of the Computer Laboratory Security Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2024 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity