[cap-talk] Butler Lampson does it again

Matej Kosik kosik at fiit.stuba.sk
Tue Dec 22 00:18:07 PST 2009


Karp, Alan H wrote:
> The November issue of CACM has an article by Butler Lampson titled "Usable Security: How to Get It" in which he concludes you can't.  As with all his recent work he assumes a particular access control model which almost guarantees his conclusion.  His only solution to limiting the damage that can be done when an attack succeeds is to have a "green" computer for important stuff, such as banking, and a "red" computer for general surfing.  Of course, he admits that the "green" machine isn't really secure and that he doesn't know how to give users some control over moving information between the two machines without compromising security.  

Is there any point in refuting his claims if there is no bounty for it?

