NOW READ THIS
("Security Advisory")



Submitted by: Bill Hickey
NCVA List Master

NRT-0182 AusCERT Speaker Claims Computer Security Has Failed:


The computing industry relies on "obsolete concepts and assumptions" and has "massively failed when it comes to desktop security," according to Ivan Krstic, security architect for the One Laptop Per Child project. At the opening session of the annual AusCERT computer security conference, he said that the computing industry relies on concepts and assumptions that first surfaced in the early 1970s. "The way modern desktop security works is by relying on the user to make informed and sensible choices on things they don't understand," Mr. Krstic told conference delegates. Citing early consumer experiences with personal firewall products as an example, he noted that computer users were constantly bombarded with complicated dialogue and decision boxes they had no hope of understanding. Mr. Krstic denounced as "deeply flawed" the principle of giving software executed by a computer user the same level of privilege as the user, and added that this approach has been ingrained in operating system architecture since 1971.

(www.smh.com.au 22MAY07)



Last Modified: Monday, 28-May-2007 09:16:08 EDT