Dr Ross Anderson

Another post for geeks. Hehehe. Just attended a talk by a guest lecturer, Dr Ross Anderson from Cambridge University. Very cool guy. Why? Cause there's actually an entry on him in wikipedia. Dr Ross is an expert on all things security and as seen from his webpage, he's done some very very cool research. He even puts his whole book online free for download. He came to share on two of his most interesting research areas.


The first one was titled "Programming Satan's Computer". Satan's Computer was a term he coined with Roger Needham in expressing the difficulty in coming out with cryptographic protocols. He shared a lot of his previous experience in helping banks come out with better ATM security systems. He also shared his dislike for Microsoft and their "treacherous computing" idea:P

2nd topic was on Economics of Security. It's basically applying economic reasonings rather than tehcnical ones on why security systems sometimes fail and why do certain people do certain things and caused havocs in computing environments. One interesting topic was on incentives in finding bugs in software. He gave a rather funny example to illustrate this point. Supposed, the National Security Agency (NSA) finds a bug in Windows. Would they inform Microsoft to patch it? If they do, they will protect about 300million Americans. But if they don't, they can spy on 400million Europeans, 1billion Chinese and a couple of Middle-Easterns. So the rationale in security is more often than not, driven by economic and sociology motivations. Hence, his research together with a few economists is to analyze the trend in security systems via an economic perspective.

I have no plans to specialize in security but it's still so interesting. Will be doing mostly databases and data management stuff. That should be fun as well since database research is pretty strong in Edinburgh University. Will also find time attend all these ad-hoc guest lectures. Lots of new and interesting ideas to glean from:)