« Hand-Crafting My FOAF | Main | Post RSA Conference Wrapup »

February 22, 2004


Feed You can follow this conversation by subscribing to the comment feed for this post.

Matthew S. Hamrick

Just thought I would comment that in building actuarial tables, insurance companies have a relatively small set of policy-holder behaviors and traits. Auto insurance underwriters look at age, vehicle model and model year, zip code, driving history, and maybe a few more traits. How do you even start to build a table for the computer industry? You're running Windows? Fine, double your premiums. You're running Windows 95? Great, double them again. You haven't updated your router firmware in three months? Well... what does that do the measure of risk? Anything?

I've always really liked the idea of IT insurance as a way to drive effective, practical security protections, but I think we're light-years away from collecting enough information to build a reliable actuarial table.

Zooko O'Whielacronx

I enjoyed this article.

The RSA expo floor really makes me feel sad nowadays. It has really driven home the lesson that security is not, as I once believed, a tool that naturally lends itself to increasing freedom. Instead, like all tools, it cuts either way depending on the hand that guides it.

I remain hopeful that capability access control will be deployed and will enable, in Mark Miller's phrase, "cooperation without vulnerability". The concept of mutually untrusting code (operating on behalf of mutually untrusting people) cooperating in a single address space is a paradigm that the MUD culture has been practicing for at least a decade and that the Java culture is likely to discover in 2004.

The increasing importance of virtualization, Trusted/Treacherous Computing, and the like also lead us closer to this paradigm.


So then one day this guy discovers the answer to the Reimann Conjecture and now Fear and risk are en vogue again. I was curious what you think might be the replacement for prime number pki?

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)

My Photo