[cap-talk] Any hope in RSA 2008?
lists at notatla.org.uk
lists at notatla.org.uk
Sat Apr 5 19:14:12 CDT 2008
Jed Donnelley <jed at nersc.gov> wrote:
> >> Ah, so where is the conference that is marketing to the long
> >> term solution group? Where is that group? Those are the
> >> people I want to talk to.
> >
> > There isn't one. The cost of bailing is so high that there is no budget
> > left for problem solving.
If the marketing people are making money selling equipment to the
prospectors they don't care whether worthwhile gold is found.
If the purchasing managers (not on the whole very technical) value
herd mentality (buying IBM etc) and are spending other people's
money they won't know or care whether it's cost-effective. They won't
look for solutions not being marketed.
In the absence of actual users/customers who know they have security
requirements beyond today's limited "solutions" maybe we need to list
some use cases;
- what kinds of security
- how much of it (assurance)
- how much they want it (What are they prepared to do?)
that are ideally legal and socially approved. The ordinary desktop
Internet user is a good start - what more is needed on this
(beyond CapDesk)? Popular server situations too. Long-term
solutions to those could be worth promoting.
> It might not be so bad if there was a vigorous alternative
> with promise being pursued. It's the lack of same that I'm
> lamenting. Am I wrong in this?
Alan Kay has said "The computer revolution hasn't happened yet".
http://www.cra.org/Activities/grand.challenges/kay.pdf
http://video.google.com/videoplay?docid=-2950949730059754521
> I still believe that the ultimate "problem" is the lack of
> security/integrity. That is what InfoWorld ranked as the
> #1 all time tech "flop,"
And can anyone estimate the cost of this situation as it is now
and under alternative models? Include computer crime, effort
expended on IT security and lost opportunities where IT might
be used it weren't for the security problems.
More importantly what is the TCO per user or per-organisation
for those use cases where we can see reasonable alternatives?
More information about the cap-talk
mailing list