IT Security

The Move and the Big Start

May 17, 2012
By

Returning to my recollections on Texar, we come to the latest installment on the aspects of being an entrepreneur at Texar. An investment from VCs in the bank and visions of grandeur. That’s where we were in the Spring of 1999. We needed office space and found 3500 sq. ft. of it in the west end of Ottawa. Nice space, nothing fancy, but nice nonetheless. There’s an old rule of thumb that says 120 sq. ft. per person is adequate, unless you’re using cube farms in which case you can crunch that down to 64 sq. ft. Not being a believer in overcrowding I stuck with the old belief of 120 sq. ft. of space per person, preferably with a door and a window. That meant we could cram in about 30 people in the space we’d rented, less in reality as the boardroom was to remain off limits. As we were moving from my basement to the new digs all it required was getting phone and Internet service. That took some doing but soon enough it was done. We had our domain moved over, we had FreeBSD boxes up and running our mail and web services, and we were

Read more »

Top Computer Scientists, Ever

May 15, 2012
By

I was going through papers as I try to clean up 30+ years of computer science clutter and came upon this list I made back in 2004. It’s a list of the 22 most influential people in computer science, in my opinion. James Anderson John Backus Dan Bricklin & Bob Frankston Vannevar Bush Fernando J. Corbato Edsger Dijkstra Doug Engelbart Richard Fateman Grace Hopper Kenneth Iverson Alan Kay Donald Knuth J.C.R. Licklider John McCarthy Ted Nelson Dennis Ritchie Claude Shannon Richard Stallman Ivan Sutherland Andrew Tannenbaum Ken Thompson Alan Turing Looking over that list today I wouldn’t change a thing. No one else comes to mind as being sufficiently great so as to go up on that list. If you just

Read more »

RIM No More?

March 30, 2012
By
RIM No More?

Although I’ve never wanted a RIM device I’ve appreciated what they offered way back when, mainly the 90s when it was a very handy device for sales people or those on the road. An easy way to stay connected. But I could never own one because the device made little sense to me as a techie. It always seemed to be nothing but a bunch of compromises structured around upselling various other services. The constant and only focus on the business user may well have been warranted early on, but as consumer sales of handheld devices eclipsed business sales RIM stood around, hands in pockets, hoping that it didn’t matter. And when they tried to do a consumer product it always seemed halfhearted. Like the Playbook. I was looking forward to that, but when it came out it seemed some “genius” at RIM figured it had to be tethered to a Blackberry to operate fully. Why? Who the hell knows. All I know is that it pushed many people I knew to an iPad. I doubt that was RIM’s intent, but that’s what they accomplished. I also never fully understood their idiotic notion of having so many devices. I even

Read more »

How About noOS?

October 16, 2010
By

We have NoSQL but maybe it’s time for noOS. I’ve talked about this with colleagues for a while. Many are old enough to realize why we have operating systems, but some of the younger crowd don’t. The reason for an operating system is to equitably share the resources of a computer. This made sense when the systems were large, hulking brutes sitting in air conditioned rooms. It makes no sense today when one core of an average computer is faster than any mainframe of 40 years ago — or even a roomful of them. It’s why I’ve had discussions asking why we even need an OS anymore. Perhaps it’s time to revisit another  idea that came out of the great CS labs, namely machines that only ran a language. I’m talking about Lisp Machines, Smalltalk Machines, APL Vector Machines, etc. These machines had the beauty of allowing you to program extensions into their core via well-defined languages all within a fully interactive environment. It was bliss programming these types of systems. And it’s not like computers aren’t fast enough to allow for fully interactive, dynamic environments as the way to build applications. Today’s hardware makes those old Smalltalk, Lisp and

Read more »

Bemoaning the State of Information Security

September 22, 2010
By

I’ve been in the field of computer security for nearly 25 years and the same old stuff still bugs me. The constant desire to foist security requirements on the end-user is unbelievable, and unwarranted. Security is, at best, an esoteric field and one that most end-users are not sufficiently well versed in to be able to make logical decisions. Add to that the constant drone by security “experts” that much of the problems lie in lack of process and procedures, or user unwillingness to follow these same processes and procedures, is simply more proof that the problem lies elsewhere. The problem with security is that it’s a pain in the ass. My security pedigree allows me to state that. I wrote the Canadian Criteria (CTCPEC). I was one of six authors, and the only non-US author, on the US Federal Criteria which was to replace the Orange Book and Rainbow Series. I co-authored the Common Criteria, and was one of the lone voices of dissent when it took on the form everyone is currently familiar with. As a senior IT security researcher with the Canadian government I set up the first virus centre to study the propagation of malware and

Read more »

The Beginning: Becoming an Entrepreneur

September 16, 2010
By
The Beginning: Becoming an Entrepreneur

Being an entrepreneur all starts with a single desire: to change the world. You think you can change it by coming up with a cool piece of technology, something no one else has. Something that will fundamentally change and challenge the way the world functions within a particular arena. My arena of expertise is computer security. I’ve been doing it for nearly three decades. I’m one of the old guard and back in the ’90s had a cool idea: a generic policy engine capable of implementing and enforcing any computer security policy devised. I successfully completed my Master of Computer Science showing that the technology was feasible. My next goal was to get the capital to actually build and sell the thing. I thought it would be easy. Boy was I wrong! It had all started in late 1997 with my thesis due, time running out, and patience all around at an all time low. I decided to take an extra week during Christmas and a few weeks thereafter to finish my thesis off once and for all. I figured a month of diligent work and I’d be done! I didn’t expect what nature was about to throw our way —

Read more »

According to some … the universe is 20 years old

September 12, 2010
By

Just a bit of a rant today. I’m getting more than a bit tired of hearing from reasonably intelligent people that they can’t find a given piece of research because they tend to have this odd belief that the entire universe is but 20 years old. Twenty years old? What, are you nuts? I’m sure that’s what some of you are thinking. Hardly. 20 years ago is when the first web page went up. Some seem to think that anything before that time period simply doesn’t exist, especially if it can’t be located by Google, Bing, or some other search engine. Some organizations, like the IEEE and ACM, strive to get their older archives online but many don’t have the resources. And so I am faced with folks who simply can’t seem to comprehend the notion that a lot of research was done “back in the paleolithic”, as my kids tend to say (i.e., before the 90s). A bit of searching in a library or a good online index of articles for journals would assist even the dullest of researchers in determining what’s out there. Similarly, I tired of supposed researchers who simply give a new name to an idea

Read more »

Why We May Never Have IT Security

July 31, 2009
By

I’ve been asked repeatedly why security is so bad. For years I’ve just ignored the question, figuring it was pretty obvious to anyone who spent more than a few seconds observing IT. However, I’ve come to the conclusion that it’s not obvious. Most people don’t get why IT security is hard and getting harder and why we’ll never truly have IT security to the point where we don’t have to worry about it. Much of the problem actually stems from the fact IT security is pretty much in the same place it was back in the 70s and 80s. It’s stagnant. This isn’t a problem with the folks in IT security but rather a sad indictment of IT itself. It’s been stagnant in the 70s and 80s, not much has changed. And therein lies the problem. But why do I say that it’s the same as the 70s and 80s? Because no one is attacking the real problem: the actual IT infrastructure we have. We are still using the same technologies invented back in the 70s and 80s (sometimes earlier!) and attempting to interconnect said technologies in ways they were never meant to be connected. This has meant hacking and

Read more »

Ph.D.s, Focus, and the Loss of the Infinite

July 2, 2009
By

I’ve been trying for a long while to put into words why I became disenchanted with the Ph.D. process, and why that was one reason — though not the overriding reason — why I terminated my pursuit of a doctorate. But today, sitting back and reading a bit of Thomas Aquinas I came to a sudden epiphany. The reason is straightforward, and ironically was told to me by a dearly departed friend years ago. The problem, is that Ph.D.s are too narrowly focused. Or, as Jim Anderson so eloquently put it way back when, “Some of the stupidest people I know have Ph.D.s.” He bemoaned their inability to grasp the larger picture, instead focusing on minutiae, some small problem ignoring all else. Sometimes ignoring reality itself and coming up with a “solution” that worked only within some fantastical model that had little relation to how the real world functioned. Now Jim, like myself, was an old grey beard of security. In fact, I would argue that Jim was responsible for what today is called “information security”. The very foundations of computer security were formulated and documented by Jim way back in 1972. I was fortunate enough to work with Jim

Read more »

10 Years Too Early

April 3, 2009
By

Over at Musings of a VC in NYC there’s a new article titled “Only Ten Years Too Early“. Man that brings back some memories for me. 10 years ago I began my startup. It’s no more, but the technology we worked on is finally becoming accepted. In fact, the amount of interest mounts constantly. 10 years to the month that I started that startup I’m now building something similar, though rudimentary and simple in comparison, for clients of mine. What they want now is but a pale shadow of what we had then. 10 years early. Way too early. Sigh.

Read more »

Page 1 of 2
1 2

Musings

A blog of my musings. Some folks find it interesting and so I continue. Hopefully it will remain fairly interesting. At worst, it'll keep me writing orthogonally to my day job.

Month at a Glance

May 2012
M T W T F S S
« Mar    
 123456
78910111213
14151617181920
21222324252627
28293031  

StatPress

Visits today: 449
Total page views: 117654