Distinguished Lecture Series presents Andrew Odlyzko
November 07, 2010
Distinguished Lecture Series presents Andrew Odlyzko on November 8, 2010.
Title: Providing Security with Insecure Systems
Date: Monday November 8, 2010
Location: CSIC Building, Room 1115
Network security is terrible, and we are constantly threatened with the prospect of imminent doom. Yet such warnings have been common for the last two decades. In spite of that, the situation has not gotten any better. On the other hand, there have not been any great disasters either. To understand this paradox, we need to consider not just the technology, but also the economics, sociology, and psychology of security. Any technology that requires care from millions of people, most very unsophisticated in technical issues, will be limited in its effectiveness by what those people are willing and able to do. This suggests that one can provide adequate security using contrarian approaches that violate traditional security and system engineering precepts (such as encouraging "spaghetti code").