Thursday, May 22, 2014

How Did the Peter Neumann Webinar Turn Out?

Overall, it was entertaining. Peter Neumann has been doing this since 1985 or so. So he does have perspective, and that is important.

One point that he made was that nothing much had changed since the 1985 Risks Digest. This was one bit where the talking head format failed vs. the old audio and slides format. No insult intended--those were the terms used in the survey questions presented after the presentation. As little as a single figure, describing a modern classification of what was seen in 1985, could have transformed anecdote into evidence. That would have been a very useful thing.

There were several subsidiary points. Formal methods in cryptography are a huge win. Most software was fully capable of falling over on its own, without manipulation by an attacker. We still lack any robust means of reasoning about large systems, because we have no useful theory of composability.

It was about then (45 minutes in) that his Comcast connection fell over for about six minutes. As he had already spoken about networking and cloud, this was Delicious Irony. But still a bummer, because I was hoping to hear more about that hugely important topic.

Ideally, hearing people with this sort of perspective forces you to think about the foundations of your field. In my case, it led to a bit of Web searching, thinking about why, in 2014, so many software systems are so horrible. In some cases, for large governmental systems, we already know the reasons, but keep falling into the same traps. As an Oregonian, I have to point to The Oracle debacle which wasted over a hundred million dollars.

But, in the greater scheme of things, this is a side-issue. We know how to not make these mistakes, even if avoiding them sometimes becomes lost in a bureaucracy, at great public expense.

We do not, on the other hand, have a great idea of how to write software that does not suck. Peter does offer one anecdote (yes, it is a howler) of one James Gosling showing up at SRI, and proclaiming that there is this new language, called Java, that makes insecure coding impossible. We all know how that turned out.

Wandering around the Web, thinking about foundations, I found something interesting. JD Glaser, a LAMP stack games developer, in a guest post on the WhiteHat Security Blog (a recommended source), indicts the tech book trade press for teaching insecure coding. Educators might find problems with his arguments. Perhaps *always including secure examples* might obscure the point of a lecture. But there is no denying that a huge population of coders depends upon tech books from Wrox, O'Reilly, etc.

Read his arguments. Remarks from 1985 are very clear on one point--we need to up our game.

