The Silver Bullet Security Podcast

with Gary McGraw

Sponsored by Cigital and IEEE Security & Privacy

Show 011 - An Interview with Dorothy Denning

On the 11th episode of The Silver Bullet Security Podcast, Gary talks with Dorothy Denning, a professor in the Department of Defense Analysis at the Naval Postgraduate School. Previously, Dorothy was a distinguished professor at Georgetown University and a professor at Purdue University. Gary and Dorothy discuss Dorothy’s involvement in the Clipper Chip controversy (which earned Dorothy the moniker “clipper chick”), the concept of geo-encryption, and a famous 1990 paper she wrote describing a series of interviews with malicious hackers.

• Transcript of this episode [PDF]
• Wikipedia: Dorothy Denning
• Clipper Chip (More)
• Clipper Chick - a 1996 Wired article about the Clipper Chip controversy.
• The Future of Cryptography
• Location-Based Authentication: Grounding Cyberspace for Better Security - A 1996 paper by Dorothy Denning and Peter F. MacDoran about geo-encryption.
• Concerning Hackers Who Break into Computer Systems - Dorothy’s 1990 paper.
• Big Sur Power Walk

 

 Show 011 - An Interview with Dorothy Denning [22:22m]: Play Now | Play in Popup | Download

This entry was posted on Thursday, February 15th, 2007 at 6:07 pm and is filed under Shows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Show 011 - An Interview with Dorothy Denning”

1. Oleg Zhylin Says:
   February 21st, 2007 at 9:25 pm

   I have to disappoint you about C/C++, it will never be gone. If it will no longer be tought in schools we are facing Idiocracy movie (http://www.imdb.com/title/tt0387808/) in software development. Developers must know how to program computers, not software abstractions over them.

   As to the topic of the podcast, I would like to emphasise again that C/C++ are _system_ languages which were, are, and will be used to program systems cores. And if we want those cores to be secure, we have no other way but to understand how to use the tools properly.

2. gem Says:
   February 27th, 2007 at 8:45 pm

   If you have to code to the metal, you can use assembly like we did back when I was a kid. I suppose C is like assembly on steroids, so it will have a place.

   However, rampant use of C in non-system places is not helping. And there is no excuse for C++ which is the worst piece of unbelievable crap ever foist on the planet as a programming language.

   Learning to use C in a secure manner is a good idea. (As you probably know, I have spent a decent chunk of my research career working on that kind of thing.) However learning to use C++ in a secure manner is idiocy itself. Just throw out the language.

   Who me opinions??

   gem

   company www.cigital.com
   podcast www.cigital.com/silverbullet
   book www.swsec.com

Leave a Reply