Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security Government The Courts News

Interview with Eugene Spafford 168

Posted by michael from the open-sesame dept.
scubacuda writes "Dr. Eugene 'Spaf' Spafford, security expert and professor of Computer Science at Purdue University, talks with Greplaw about what drove him to the computer security field, what it's like to testify before the White House and Congressional committees on information security and public policy, and how legislating technology is 'bad law.' For you budding legal geeks interested in forensics, technology, law, and ethics, Spaf has provided a reading list."
This discussion has been archived. No new comments can be posted.

Interview with Eugene Spafford More

Interview with Eugene Spafford

Comments Filter:

  • This guy rocks (Score:5, Interesting)

    by PissingInTheWind ( 573929 ) on Tuesday April 06, 2004 @11:05PM (#8788426)
    I saw him recently in a conference. He talked about how we all need as americans to make sure we know how to stand in the menace of the actual "orwellian" (his words) government policies.

    He sure knows his stuff and is a great source of inspiration for all of us.

  • It's a complicated matter... (Score:4, Funny)

    by Deraj DeZine ( 726641 ) on Tuesday April 06, 2004 @11:07PM (#8788441)
    what it's like to testify before the White House and Congressional committees on information security and public policy

    Define "like."

  • The interviewer wasn't listening (Score:5, Interesting)

    by ObviousGuy ( 578567 ) <ObviousGuy@hotmail.com> on Tuesday April 06, 2004 @11:10PM (#8788455) Homepage Journal
    It's great how the interviewer opens up the topic of virii and Spafford replies quite clearly that virii are not things he studies and that he can give references to other experts if the interviewer so wishes. Then the interviewer just plows ahead trying to make out like virii are the key problem in computer security.

    At least Spafford was a good sport and continued doing his best to try to bring all of the subsequent virus questions back into the umbrella of computer security.
    • My guess is this interview was done over email. Spaf refers to "see my answer above" at one point, which indicates to me the interview wasn't done in real time. There's also no follow ups, or referring to previous answers in any of the questions, all telltale signs of an email interview.

      The journalist is still at fault of course. Roger Rustad should have done his homework and found out that Spaf doesn't research viruses. He wasted half his questions on this fairly boring topic. Anyway, it sounds like S
    • Well, he certainly did a pretty decent job analyzing the 1988 Internet Worm [psu.edu].
    • "Plowed ahead."

      Good call. I sent him a list of the questions several months ago and he just returned them the other day.

      When I saw the direction he took it at the beginning, I considered adding/editing/rewording my original list of questions to fall under that umbrella. For better or worse (perhaps worse) I went ahead and published what I had.

  • Be very cautious when legislating technology (Score:5, Insightful)

    by ElliotLee ( 713376 ) on Tuesday April 06, 2004 @11:10PM (#8788456) Homepage Journal
    Technology typically finds its own solutions to problems, which makes many laws incredible nuisances, stifling innovation.

  • architectural differences? (Score:5, Interesting)

    by Frisky070802 ( 591229 ) * on Tuesday April 06, 2004 @11:23PM (#8788550) Journal
    I'm curious about Spaf's comment that the prevalence of worms on Windows is due to architectural differences rather than market share. Is there proof of this? Certainly people write worms/virii for Windows because it's easier, but also because it's so much easier to hit critical mass.

    It's also worth noting that of the 3 UNIX worms he mentions, one, the RTM worm, hit long before it was fashionable to spread things in Windows. The architecture not only permitted it, the holes had been around for ages.

    Interesting that Spaf said RTM should be jailed for unleashing that worm. If he had been, would he be an MIT professor now?

    • I'm curious about Spaf's comment that the prevalence of worms on Windows is due to architectural differences rather than market share. Is there proof of this? Certainly people write worms/virii for Windows because it's easier, but also because it's so much easier to hit critical mass.

      A year ago, I would have agreed with this point of view. Internet Explorer, Outlook Express, IIS, and Windows itself were crawling with major security issues that different worms and viruses could exploit.

      Now days, viruses a

      • Re:architectural differences? (Score:5, Interesting)

        by zcat_NZ ( 267672 ) <zcat@wired.net.nz> on Wednesday April 07, 2004 @12:05AM (#8788839) Homepage
        Allow me to respond to myself;

        The problem is no longer with the Operating System itself. The problem is that most users care far too little about how the operating system works, and are much too trusting.

        Say, for example, that you came back to your car one day, and there was the following note on the windshield.

        "Helpful advice from another motorist; your engine has become clogged with a black, sticky residue which may be slowing it down. You can remove a plug from the bottom of the motor and drain this gooey stuff out, and your car will run so much better. Pass this advice on to everyone you know"

        Most people would know enough about their car to recognise that this is not good advice, yet they will happily install 'updates', submit banking details to suspicious websites, or delete arbritrary files out of /windows/system32 with barely a thought.

        See what I mean?
        • Sometimes this social engineering can be much more clever than baffling them with tales of sludge in the engine. Think of the recent emails from "Microsoft" with an update.

          The equivalent analogy to this with cars is finding a note saying that the local police station is providing free smog checks, with an address to place in a bad part of town. If you did not know that the police have nothing to do with smog checks, you might believe the note. And if you didn't know that the address was not correct, you mi
        • Most people would know enough about their car to recognise that this is not good advice
          Most? Most people you know, or most people in a representative sample of the population of western society?
          • On reflection; I think the problem is more a matter of scale, and ease of (mis)use.

            If you told enough people to drain the oil from their cars, with a plausable reason for doing it, perhaps a number of them would. Expecially if it was as easy as removing a file from /windows/system32.

            The same applies to telling everyone they know.

            Computers make lots of tasks easy; they don't differentiate between intelligent, productive tasks and pointless or destructive actions.
        • The architectural differences in your analogy are: MS cars have a button on the outside of the hood that dumps the oil. This is a feature that users demanded, but when the people who implemented it did not consider that someone other than the authorized driver might want to push it.
    • Uhh, unless my knowledge of history is off, RTM's worm hit only Vaxen...

      Yes, Vax/VMS, an OS so ancient, I've used it but a little. Enough to believe that it's not very UNIX-like at all, at least...

      Y'know, there was once a time when people believed that worms (not viruses) could be helpful/useful... of course, that has long since been disproven...

  • Spaf?! (Score:3, Funny)

    by Anonymous Coward on Tuesday April 06, 2004 @11:28PM (#8788593)
    If he's so smart, why couldn't he think up a better nickname? I rest my case.
  • I really dont know anything about Spaf, but i think that i read somewhere once, that back in the day ( late 80's early 90's ) his personal machine at MIT or Purdue or where ever he was at the time got hacked fairly badly ..

    anyone have any memories of this ??

    or am i just have a bad Acid Flash back .. ???
    • Yeah yer ok -- he mentioned it in one of his articles (can't be arsed to dig it out ATM). Back when Clifford Stoll was going big-time IIRC. Speaking of hacks, was anyone else reading this thread at 0? The whole 8878xxx UID block woulda been banned if it was me...
      • oh, ok cool .. so i didnt imagine it, i might have to have a bit more of a dig to see if i can find it again..

        more so for the "how he dealt with it" and "what happend that he could tell" point of view , rather than a *haha he got hacked* .. cause getting owned it teh Suxzor! no matter who you are ..
    • Spaf is mentioned in an online book [xs4all.nl] called Underground about a group of hackers from Melbourne, Australia. Back in they 80's they apparently hacked his machine in order to steal something he had on there. Its mentioned in chapter 5.
    • There was a documentary on ABC (Australian Broadcasting Corporation) TV about two early Australian hackers/crackers, Electron and Phoenix. It was called "Breaking into The Realm".

      You can read an article/review about it here [theage.com.au] in the Melbourne Age. Eugene Spafford was interviewed in the documentary, and was a target of the above-mentioned hackers.

      I will use the term hacker from now on, but you can substitute the term cracker if you think it is the more "correct" term.

      My recollection of the documentary

  • CERIAS (Score:3, Informative)

    by newdamage ( 753043 ) on Wednesday April 07, 2004 @12:10AM (#8788875) Homepage Journal
    For those of you interested, CERIAS [purdue.edu] is actually a pretty impressive research group. One of the PhD students is teaching our cs426 class right now, and it's one of the few CS classes I've taken where I'm actually learning practical knowledge about computer security.

    Go Boilers!
    • Don't forget about their mirrors for many linux distros and NTP servers!

      Nothing like having a NTP server less than 10 miles away!
      • Wow, people use the NTP servers? The sysadmins will be glad to know that all of the bs they've had to deal with getting the new ones up hasn't been in vain.
    • One of the PhD students is teaching our cs426 class right now...

      Heh, I had CS426 taught by Spaf himself :P

      Do they still have the lab where you get to play around with a UNIX shell script
      virus?

  • Interesting Read (Score:5, Interesting)

    by value_added ( 719364 ) on Wednesday April 07, 2004 @12:11AM (#8788882)

    Overall, an article worth reading. Two things I found worth noting. First, the "false convenience" metaphor in

    "So long as false convenience and poor design are more important to the average user than security and safety then we are going to have problems."
    I thought was an excellent way to characterise the arguments often raised when such things as user education, simple point-and-click interfaces, administration costs, etc. are the topics of discussion. Also, when asked,
    "
    What is your preferred platform-Wintel, Linux, MacOS, or....? "
    the response is notably diplomatic:
    "It depends on the application need. No one system (or language or database or...) is ideal for every use. I'm a big believer in using the right tools for the right jobs."
    but then goes on to mention:
    • primary system - Mac OS X (owns 5 Macs)
    • mail and file server - Solaris on a Sun box
    • laptop - OpenBSD
    • tablet PC - Windows

    • Re:Interesting Read (Score:2, Insightful)

      by Barto ( 467793 )
      Which is contradictory how? Make sense not you do.

      He owns a Mac box for desktop use, Solaris for his server, a Windows tablet PC (there really is no functionally equiv. alternative tablet platform) and OpenBSD for his laptop (really the only odd one out, probably as his system for x86 coding).

      Looks to me like he's chosen "the right tools for the right jobs," just like he says in the article.

      Barto

    • Re:Interesting Read (Score:3, Informative)

      by Chuu ( 307073 )
      About the tablet PC, every CS professor at Purdue University got a free tablet PC from microsoft, as well as a donation of enough for a class dedicated to table pc applications (more info : http://www.cs.purdue.edu/homes/cmh/490T/). I believe microsoft also donated a couple hundred (!) PocketPC's for Purdue's e-stadium project. I wouldn't read too much into the fact he owns a tablet.

  • all you need to know about information security (Score:3, Funny)

    by theMerovingian ( 722983 ) on Wednesday April 07, 2004 @12:23AM (#8788952) Journal

    rot13 [rot13.com]

  • Similar Names... (Score:4, Funny)

    by CedgeS ( 159076 ) on Wednesday April 07, 2004 @12:25AM (#8788965) Homepage Journal
    Great! Now I can find all the tech law websites I want with one simple command:

    cat internet | egrep -i gr[:vowel:][:explosive\ consonant:]law

    Which reminds me, I really wish multi-character atoms would work with reg-ex. The spec calls for them, but they haven't worked in any implementation I've used.

  • Problems with Academia. (Score:1, Insightful)

    by Anonymous Coward
    The problems that I see arising are when people like Spaf have a significant influence on the maturation of the computer crime field. This, from a practitioner's point of view, is frustrating as people such as Spaf have rarely left their offices and campuses, have little to no experience (in comparison), and often pontificate loudly.
    I know how little they are actually doing up at CERIAS in regards to forensic analysis. They have 1 guy working on research, and another guy who releases tools that have an inte

  • I always enjoyed his lectures (Score:3, Interesting)

    by frinkster ( 149158 ) on Wednesday April 07, 2004 @01:28AM (#8789392)
    He's quite the story teller and can relate one to almost every security issue there is. His class was the kind where you almost didn't realize you were learning until it was too late - the final comes and you ask yourself how you learned all the answers.

    It was even interesting to see who he lined up as a guest lecturer each time he had to fly to Washington to brief the Government on something. They all had some weird story about security lapses somewhere important.

  • True Story (Score:4, Interesting)

    by CajunArson ( 465943 ) on Wednesday April 07, 2004 @02:23AM (#8789680) Journal
    It's boring but what the hell....
    I graduated from Purdue undergrad ECE in '02 and with the job market the way it was back then I knew I'd go to grad school. I had picked up a big interest in infosec my last year there so I emailed Spaf about opportunities in grad school. As soon as he found out I was a lowly Computer Engineer he basically said I shouldn't bother.
    So I ended up at Carnegie Mellon instead, and I just finished my MS in Information Networking with a focus on security, I even got to write a Mandatory Access Control system for Linux for my thesis.... Hey Gene? Am I up good enough to be a grad student now?
  • ...what next, GropeLaw?

  • A nice interview, but I would be interested to see what Spaf's views are on TCPA.

Slashdot Top Deals

One man's constant is another man's variable. -- A.J. Perlis

Close