[cap-talk] Any hope in RSA 2008?

Jonathan S. Shapiro shap at eros-os.com
Fri Apr 4 14:54:18 EDT 2008

On Fri, 2008-04-04 at 10:35 -0700, Jed Donnelley wrote:
> >We're on a sinking ship that has been kept afloat by a vigorous
> >bailing process... After all, bailing is what's worked so far.

Well, no. The boat is still sinking, and there is still no land in
sight. Bailing has not solved the problem. It has merely delayed the

> > > Right.  However, I would think that by now since we've been
> > > doing what we can for the next three weeks for the last 15 years
> > > at least and it things haven't gotten better (they've gotten
> > > worse) then it does seem pretty clear to me that this three
> > > week horizon process is not making positive progress.
> >
> >I agree, but that's not the group that this conference is marketing to.
> Ah, so where is the conference that is marketing to the long
> term solution group?  Where is that group?  Those are the
> people I want to talk to.

There isn't one. The cost of bailing is so high that there is no budget
left for problem solving.

> >Depends what "the problem" is.
> "the problem" is poor computer security/integrity that takes
> heroic effort just to keep it afloat (bailing and patching).

No. The problem is the installed base of applications that rely on
unsecurable infrastructure. Well, that and the fact that none of us can
actively point at a fully working alternative.


More information about the cap-talk mailing list