-
Cryptography [without system integrity] is like investing in an armored car to carry money between a customer living in a cardboard box and a person doing business on a park bench.
Gene Spafford -
Secure web servers are the equivalent of heavy armoured cars. The problem is, they are being used to transfer rolls of coins and cheques written in crayon by people on park benches to merchants doing business in cardboard boxes from beneath highway bridges. Further, the roads are subject to random detours, anyone with a screwdriver can control the traffic lights, and there are no police.
Gene Spafford
-
Questioning the status quo can result in banishment, imprisonment, ridicule or being burned at the stake, depending on your era, your locale, and the sacred cows you wish to butcher.
Gene Spafford -
People in general are not interested in paying extra for increased safety. At the beginning seat belts cost $200 and nobody bought them.
Gene Spafford -
Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench.
Gene Spafford -
Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted.
Gene Spafford -
Ability to type on a computer terminal is no guarantee of sanity, intelligence, or common sense.
Gene Spafford -
The Internet is like a herd of performing elephants with diarrhoea - massive, difficult to re-direct, awe-inspiring, entertaining, and a source of mind-boggling amounts of excrement when you least expect it.
Gene Spafford
-
Our examination of computer viruses leads us to the conclusion that they are very close to what we might define as "artificial life." Rather than representing a scientific achievement, this probably represents a flaw in our definition.
Gene Spafford -
But it doesn't have to be this way. We can do things better. We need to stop doing business as usual and start focusing on end-to-end quality. Security needs to be built in from the start - not slapped on after the fact.
Gene Spafford