Tuesday, March 31, 2009

The New School of Information Security with Adam Shostack

26th episode of The Silver Bullet Security Podcast.

Interview with Adam Shostack

Frank Abagnale's book got me started in Security: Catch Me If You Can

Security Renaissance: the notion that we have so many people with so many diverse backgrounds that it's a great time to be in security

3 big ideas:
1. there is this conversation which has moved away from technology
2. if we're going to succeed, we need to actually test our ideas about what it is we should do - to be able to test our processes
3. we need to discuss what's happening, be willing to discuss our successes and our failures, and analyze what we're doing in such a way that can advance the science and the state of the art

as the system is moved from a description of an algorithm to an implementation, does it retain the properties that you think it retains?
does it actually deliver in the real world the properties that the customer wants?

Tylenol in the 1980s, someone put cyanide in their capsules, people died.

most computer security incidents actually lead to death.

if Tylenol is able to spring back - should we really be so unwilling to discuss the things that are going wrong for us today?

length: 30:12m

