[cap-talk] Ivan Kristic sells POLA at AusCert 2007
Jed Donnelley
capability at webstart.com
Wed Jun 13 11:33:02 EDT 2007
At 06:29 AM 6/13/2007, Toby Murray wrote:
>A better sound-bite sell of POLA I'm yet to see in the popular media.
>
>http://news.com.com/Expert+IT+industry+has+failed+in+desktop
>+security/2100-1002_3-6185295.html
>
>original link from here
>
>http://catless.ncl.ac.uk/Risks/24.68.html#subj4
>
>shame it wasn't picked up on other popular tech media though.
Nothing new for this list of course. For me the first part of the
statement (up to the "no exaggeration", "badly broken" paragraph)
is a good rendition of the fundamental story.
The historical perspective (1971 Unix story) seems a bit
weak to me, but then it ends strong with:
...reminded the delegates that modern computers "run
untrusted code every time they visit a Web site."
The more common this view becomes of course, the better
for our basic position. Thanks for sharing that Toby.
--Jed http://www.webstart.com/jed-signature.html
More information about the cap-talk
mailing list