http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=284839 By Robert McMillan March 12, 2007 Computerworld Whitfield Diffie has been credited with making privacy possible in the Digital Age. As a co-inventor of public- key cryptography, he is among the most respected contributors to the field of computer security. In an interview with the IDG News Service, Diffie, chief security officer at Sun Microsystems Inc., talked about the state of computer security, Microsoft Corp.s role in it and privacy issues. When the PC went on the network, there were security implications that nobody thought about. How do you think Microsoft has responded over the past five years or so? I think there are two issues. I think youll find that lots of [potential security problems] were foreseen. I think the critical thing [is] that Microsoft showed that its judgment was correct. If it had paid less attention to security, maybe it would have had less market share. The interesting thing to me is why its been so hard for them. I think it has to do with the problems of legacy code and the legacy interface expectations of their customers. Do you believe that theres a sense among users that the Internet is not trustworthy? I think thats a well-placed misconfidence. How do you see the state of security on the Internet today? Phishing is the security problem, at that level, that I hear the most about right now. But I certainly dont worry about the security arrangements of going to AmericanExpress.com. Im not the least bit worried about that, partly because of the law and partly because the essential point of SSL is that the certificate costs enough money that the thieves arent putting up a front. I conjecture that the expansion of networked communications and societys dependence on network communications is outrunning the security of that network and will continue to do so for quite some time. What are your thoughts on Internet privacy? I believe in privacy, but privacy is just one of a number of considerations. What bothers me is that information about people is so readily available in a way not auditable to them, to organizations like ChoicePoint, who broker it around and enable other people, who are not legally constrained in what they do with it, to make decisions based on it. McMillan is a reporter for the IDG News Service. _________________________________________ Visit the InfoSec News Security Bookstore http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Mon Mar 12 2007 - 22:42:27 PST