[cap-talk] Butler Lampson does it again
Kenneth Hamer-Hodges
ken at sipantic.net
Mon Dec 21 19:45:52 PST 2009
He backed himself into this corner long ago. Once he led the industry
now he is forced to defend it. It is a just punishment.
Unfortunately we now live with this tragic lack of judgment.
k
David-Sarah Hopwood wrote:
> Karp, Alan H wrote:
>
>> The November issue of CACM has an article by Butler Lampson titled "Usable Security:
>> How to Get It" in which he concludes you can't.
>>
>> As with all his recent work he assumes a particular access control model
>> which almost guarantees his conclusion. His only solution to limiting the
>> damage that can be done when an attack succeeds is to have a "green" computer
>> for important stuff, such as banking, and a "red" computer for general surfing.
>> Of course, he admits that the "green" machine isn't really secure and that he
>> doesn't know how to give users some control over moving information between
>> the two machines without compromising security.
>>
>
> Yep, I came to the same conclusion. Lampson is no longer even making any
> subtle or instructive mistakes, just really obvious ones.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
>
More information about the cap-talk
mailing list