NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
08/18/05
Today's focus: Long-term perspective: 200-year software
Dear security.world@gmail.com,
In this issue:
* Dan Bricklin's essay takes the long view
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Nokia
Managing Security on Mobile Phones
This white paper describes the challenges of provisioning and
managing security in mobile phone environments and explains how
a well-designed deployment can alleviate these challenges. Learn
about new technology that Nokia is developing to address the
challenges of transparently managing security like IPSec VPN on
mobile phones. Download today!
http://www.fattail.com/redir/redirect.asp?CID=110159
_______________________________________________________________
MOBILE MANAGEMENT
Should companies strictly control employee use of mobile
devices? Employees are finding more ingenious ways to use mobile
devices to stay connected, access important data and communicate
more effectively. But there are increased security risks. This
NW Face Off gives you both sides of the debate. Click here:
http://www.fattail.com/redir/redirect.asp?CID=110090
_______________________________________________________________
Today's focus: Long-term perspective: 200-year software
By M. E. Kabay
I was interested to read an abstract of Dan Bricklin's
stimulating essay, "Software That Lasts 200 Years," last year in
NewsScan's Innovation newsletter.
Bricklin and Bob Frankston created VisiCalc in 1978, which some
of my older readers will recall was the first electronic
spreadsheet (it ran on the Apple II). In the decades since that
early success, Bricklin has contributed in many ways to software
development. He has worked with Software Garden, Slate, Trellix
and Interland, and has won many awards and honors.
In his essay <http://www.bricklin.com/200yearsoftware.htm>
Bricklin points out that many aspects of our society are created
with relatively long expected lifespans - for example,
buildings, roads, bridges and so on. In contrast, most computer
software has been written under the assumption that it will last
only a few years.
The Y2K debacle was a result of assuming that software written
in the 1970s could not possibly still be in use 25 years later.
Bricklin points to accounting standards as further evidence of
the short-term expected lifespan of software: "In accounting,
common depreciation terms for software are 3 to 5 years; 10 at
most. Contrast this to residential rental property which is
depreciated over 27.5 years and water mains and brick walls
which are depreciated over 60 years or more."
Bricklin makes the point that computers are increasingly
responsible for storing important societal documents, which
until recently were stored on relatively stable paper. As I
pointed out in my 1995 paper "Eternity in Cyberspace" (
available in HTM or PDF
<http://www2.norwich.edu/mkabay/overviews/> ), there are serious
issues of long-term readability of computer-based records due to
changes in application software, operating systems, and
hardware.
Bricklin goes on to discuss factors that are conducive to
short-time horizons as the norm in software development. He
proposes interesting changes in the ways that society manages
software development, including shifting from private corporate
sources towards more public efforts that include explicit
emphasis on longevity and portability. He brings in lessons from
civil engineering, where:
* A common body of knowledge is the basis of professional
education in the field.
* Standards bodies collate and publish best practices.
* Publicly funded or industry-based inspections are normal.
* Failures lead to public investigations and published reports
(think of what we read in the "Risks Forum Digest" only even
more thorough - click here <http://catless.ncl.ac.uk/Risks/>
for countless examples of analysis of system failures).
It seems to me that taking a longer-term perspective on software
engineering must also involve integrating security
considerations in all aspects of systems development from the
very first discussions of functional requirements all the way to
long-term maintenance and evolution of our systems. The same
principles should apply to network design and implementation.
I hope you will read Bricklin's entire analysis and think about
it. We need to fix these underlying problems before we work
ourselves into yearly equivalents of Y2K disasters.
The top 5: Today's most-read stories
1. Windows worm beginning to spread
<http://www.networkworld.com/nlsec5449>
2. Cisco to juice 6500 switch
<http://www.networkworld.com/nlsec5148nlsecuritynewsal5332>
3. Help Desk: Sniffing on a switch
<http://www.networkworld.com/nlsec5450>
4. Zotob worm exploits Windows 2000 Plug and Play
<http://www.networkworld.com/nlsec5451>
5. Google goes berserk
<http://www.networkworld.com/nlsecuritynewsal5333>
Today's most-forwarded story:
Cisco to juice 6500 switch
<http://www.networkworld.com/nlsec5151nlsecuritynewsal5336>
_______________________________________________________________
To contact: M. E. Kabay
M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.
New information assurance journal - Norwich University Journal
of Information Assurance (NUJIA). See
<http://nujia.norwich.edu/>
_______________________________________________________________
This newsletter is sponsored by Nokia
Managing Security on Mobile Phones
This white paper describes the challenges of provisioning and
managing security in mobile phone environments and explains how
a well-designed deployment can alleviate these challenges. Learn
about new technology that Nokia is developing to address the
challenges of transparently managing security like IPSec VPN on
mobile phones. Download today!
http://www.fattail.com/redir/redirect.asp?CID=110158
_______________________________________________________________
ARCHIVE LINKS
Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html
Security Research Center:
http://www.networkworld.com/topics/security.html
Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna
Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
FEATURED READER RESOURCE
WIRELESS LANS BUYER'S GUIDE: THE GOODS ON 185 PRODUCTS
We've compiled the largest buyer's guide ever on wireless LAN
equipment. Whether you're looking for an access point, PC Card
or trying to decide between 802.11a, b or g, take a look at the
information that vendors have provided us. We've got the goods
on 185 products. Click here for more:
<http://www.networkworld.com/bg/wlan/index.jsp>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment