Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!think.com!barmar From: barmar@think.com (Barry Margolin) Newsgroups: comp.org.eff.talk Subject: Re: "Computers at Risk" Message-ID: <1990Dec11.213718.13211@Think.COM> Date: 11 Dec 90 21:37:18 GMT References: Sender: news@Think.COM Distribution: na Organization: Thinking Machines Corporation, Cambridge MA, USA Lines: 49 In article faustus@gargoyle.uchicago.edu (Kurt Ackermann) writes: >1. Why are references to the US government written "Government"? By using it as a proper noun they imply the US Government, rather than any government or the concept of government in general. >5. Why is the "rogue program" that "stalled thousands of computers" > referred to as the "Internet incident"? Well, it was an incident that occurred on the Internet. >6. Why is it the Defense Department that's doing all this stuff???? The Defense Department has long been the leader in the development of computer communications and security facilities. One of the primary justifications for the development of packet-switched networks was to support communications that could be used during warfare (packet switching support rapid bypassing of portions of a network that have been bombed to oblivion). And advanced computer security was developed so that computers could be used to hold military secrets. >7. What is and has been the National Academy of Science's role in > the development of computer networks? How is the National Science Foundation related to the NAS? Over the last few years the NSF has been sponsoring the national educational and research network that replaced the Arpanet. >8. What exactly is a "nationwide computer" that was jammed by the > "rogue program" of the "Internet incident" fame? "Nationwide computer" is probably a confusion of "nationwide computer network". The Internet Worm certainly was a rogue program. >10. What are your opinions???? The computer industry has been extremely lax about dealing with all the issues of computer vulnerability. However, they are not totally to blame, because computer purchasers frequently don't ascribe much value to protection from vulnerability, so the vendors are simply responding to the market. All parties need to be educated to the need, and the people making purchasing decisions must be willing to spend a little extra to get less vulnerable systems. If there were money in computer security, more vendors would invest more research resources into it, and things would get better. -- Barry Margolin, Thinking Machines Corp. barmar@think.com {uunet,harvard}!think!barmar