[cap-talk] High level dissonance
Karp, Alan H
alan.karp at hp.com
Sun Feb 24 17:17:40 EST 2008
Ivan Krstić wrote:
>
> Every computer attack is an attack on the user. If it weren't so, we
> wouldn't much care about the attack. Viruses that destroy data are an
> attack on the user's data; viruses that render the machine inoperable
> are an attack on the user's ability to get her work done. Viruses and
> trojans that zombify a machine and join a botnet are an attack on
> _some other_ user's ability to get her work done.
>
The context of my remark was in regard to thinking about the user interface in designing secure systems. A number of attacks don't exploit flaws in the user interface, e.g., a macro virus in a spreadsheet or a drive by download.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list