Show 001 - An Interview with Avi Rubin

In the debut episode of the Silver Bullet Security Podcast, Gary talks with Avi Rubin, professor of computer science and technical director of the information security institute at Johns Hopkins University. Avi made headlines in 2003 when he revealed glitches in Diebold electronic voting machines.
Links:
- A partial transcript of the interview in IEEE Security & Privacy
- Avi’s site
- Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting, Avi’s forthcoming book
- ACCURATE - A Center for Correct, Usable, Reliable, Auditable, and Transparent Elections
- Froot Loops and Corn Flakes
- Subscribe to IEEE Security & Privacy


May 25th, 2006 at 9:05 pm
Not realizing that April 1st came late this year, I naively took the troll bait posted by Gary McGraw to the Secure Coding mailing list (SC-L@securecoding.org). Fortunately, I didn’t reply to the entire list and make a fool of myself. (Instead, I waited until now to embarrass myself in front of an even larger audience.)
In looking back, both Gary and I thought that others might enjoy our private dialogue, and thus I agreed to share this discussion with the world. (Of course, now I will have to go into hiding in the FBI’s witness protection program, but I digress.)
A final note before we begin. The views expressed belong solely to Gary and myself and do not represent the views or opinions of our respective companies. (And I have over 200 lines of discarded disclaimers to prove it!)
On Monday, May 15, 2006 8:33 PM, Gary McGraw posted to the Secure Coding List…
gem>>> To: SC-L@securecoding.org
gem>>> Subject: [SC-L] New podcast (sneak preview)
gem>>>
gem>>> Hi all,
gem>>>
gem>>> Tomorrow, we’ll announce the existence of the Silver Bullet
gem>>> Security Podcast with Gary McGraw. Woo hoo. The first
gem>>> interview is with Avi Rubin. This activity is sponsored by
gem>>> IEEE S&P Magazine…who by now all sc-l readers should know well!
gem>>>
gem>>> See http://www.cigital.com/silverbullet
gem>>>
gem>>> Hope you all like it!
gem>>>
gem>>> gem
On Tue 5/16/2006 11:22 AM, Kevin Wall responded…
kww>> To: Gary McGraw
kww>> Subject: RE: [SC-L] New podcast (sneak preview)
kww>>
kww>> “Silver Bullet” Security Podcast ??? Argh!!!
kww>>
kww>> Really Gary. You of all people. You disappoint me. How could you let
kww>> those yahoos who came up with that name get away with that? Make
kww>> them go back and read Brooks’ classic “No Silver Bullet: Essence and
kww>> Accidents of Software Engineering” article.
kww>>
kww>> Didn’t you tell them with a name like “Silver Bullet”, they were
kww>> instantly going to lose any credibility that they might
kww>> otherwise have had (at least to those who are clueful enough
kww>> to have read Brooks’ article)?
kww>>
kww>> -kevin
On Tuesday, May 16, 2006 11:41 AM, Gary McGraw responded…
gem>> To: Wall, Kevin
gem>> Subject: RE: [SC-L] New podcast (sneak preview)
gem>>
gem>>
gem>> Hah. Kevin, dude, it’s a JOKE. It’s irony.
gem>>
gem>> Supposed to be funny. Sorry it hit you wrong.
gem>>
gem>> gem
On Tue 5/16/2006 12:39 PM, Kevin Wall replied…
kww> To: Gary McGraw
kww> Subject: RE: [SC-L] New podcast (sneak preview)
kww>
kww> Phew… for a moment there, I thought Cigital was being
kww> taken over by evil marketing droids or that (much worse) you had
kww> turned to the dark side (i.e., clueless management).
kww>
kww> -kevin
On Tuesday, May 16, 2006 12:52 PM, Gary McGraw replied…
gem> To: Wall, Kevin
gem> Subject: RE: [SC-L] New podcast (sneak preview)
gem>
gem> Still giggling over here.
gem>
gem> gem
Finally, on Tue May 16 13:11:27 2006, Kevin Wall wrote…
To: Gary McGraw
Subject: RE: [SC-L] New podcast (sneak preview)
Gary,
Well, I’m glad to hear that you hadn’t given in to the partial lobotomy (which seems to be mandatory with most organizations I’ve worked with) or been abducted and brainwashed by space aliens.
I guess I’m just overly sensitive to the “Silver Bullet” name because at least twice in the past, at two different companies I’ve worked for, I’ve had to work with IT development organizations who in all seriousness had officially named themselves something like “Silver Bullet Organization” and THEY were not doing it for the irony… they were just clueless and had never read Brooks’ Silver Bullet CACM article.
—-
That’s when Gary asked me to post this thread on the comments to the website. So, while I remembered my Brooks, I forgot that other famous sage whose name starts with ‘B’ and who incorrectly is credited with saying “there’s a sucker born every minute”. Sigh. Somebody give me a blanket to hide under. (And make it a wool one, to go with my sheepish grin.)
Regards,
-kevin wall
May 26th, 2006 at 8:05 pm
_Before_ people start correcting me, I’ll correct myself. Apparently, I don’t remember my Brooks as well as I thought. (Gary…you should have caught me on that one!)
Brooks’ “No Silver Bullet: Essence and Accidents of Software Engineering” was published in IEEE Computer in April 1987, not in CACM as I originally stated. (Apologies to IEEE Computer Society, but when you’re old enough to remember using punched cards, one should be permitted to forget such details. Should have done my homework though and double-checked instead of going by memory. I’ll blame it on a parity error.)
Anyway, for those of you who haven’t read this classic paper, you can find it at:
http://www.computer.org/portal/site/computer/menuitem.eb7d70008ce52e4b0ef1bd108bcd45f3/index.jsp?&pName=computer_level1&path=computer/homepage/misc/Brooks&file=index.xml&xsl=article.xsl&
Also, in the _ACM Queue_ for this month, Alex E. Bell reminds us in “Software Development Amidst the Whiz of Silver Bullets…” that we *still* haven’t gotten it after all these years. You can find the current month of _ACM Queue_ at http://www.acmqueue.org/.
May 29th, 2006 at 2:05 pm
Here is a pointer to the Brooks paper that Kevin talked about. It was published by the IEEE, not the ACM.
Brooks, Frederick P., “No Silver Bullet: Essence and Accidents of Software Engineering,” Computer, Vol. 20, No. 4 (April 1987) pp. 10-19.
http://www-inst.eecs.berkeley.edu/~maratb/readings/NoSilverBullet.html
Of course now we know that the claim that “there is no silver bullet” is patently false. Hah hah hah.
gem
July 12th, 2006 at 6:07 pm
Two comments:
1. I have enjoyed what I have heard so far.
2. Every time my iTunes checks for new episodes it tries to get a fresh copy of episode 1. Episode 2 does not have this problem. Any help would be appreciated.
Keep up the good work.