CowboyRobot writes: In an interview, Internet security pioneer Eugene Spafford talks about why security has struggled even after its first big wake-up call 25 years ago, the Morris worm. He was one of the first computer scientists to dissect the game-changing worm that hit the Internet 25 years ago and took down thousands of computers. He's also credited for defining software forensics and shaping other security technologies. But Eugene "Spaf" Spafford says security still isn't taken seriously enough today. "If everything was in balance, we would have people who are trained across the areas and products they are looking at that are designed to be solid and secure. Any breaking of a system would be a largely futile exercise they would nonetheless indulge in as confirmation or assurance. Instead, we have a marketplace where that is rewarded: Microsoft just gave $100,000 [to a researcher in its bug bounty program]. This is treated as a first line in security defense. The fact that people are able to make that much money and find that many flaws is indication that something is very wrong with the way we're building systems."