On Sun, 02 Dec 2007 20:04:42 EST, Dude VanWinkle said: > Anyone who was a security expert 30 yrs ago should be ridiculed. Their > job description was "I inspect all 5 & 1/4 disks that get mailed to > us" and should be a reason NOT to hire them :-P Anybody who doesn't know the history of security well enough to know what was going on 30 years ago deserves to be ridiculed. Here's a classic paper (the original Multics vulnerability analysis by Karger and Schell): http://www.acsac.org/2002/papers/classic-multics-orig.pdf Here's their 30-years-later retrospective: http://www.acsac.org/2002/papers/classic-multics.pdf Executive summary: We've learned somewhere between diddly and squat from 30 years of experience. Incidentally, Karger&Schell is the "unnamed Air Force document" that Ken Thompson references as the source for his Turing Award lecture: Thompson, K., "Reflections on Trusting Trust", Communications of the ACM, Vol. 27, No. 8, August 1984, http://www.acm.org/classics/sep95/ Ridicule these guys at your own peril. You can count me out, my personal timer is currently sitting at 29 years 10 months.. ;) Incidentally, 30 years ago, the 5.25" disk was still well in the future - even the 8" floppy was relatively new.
Attachment:
pgpyj5EH1o1pi.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/