Frank Lloyd Wright was Right! presented at AUScert 2009

by Dan Klein,

Summary : AusCERT has been holding conferences for quite a few years, and the CERTCC was founded over two decades ago. Yet in spite of these prominent centers of excellence, we keep seeing new attacks, new exploits, and new vulnerabilities - in simpler terms, 'same stuff, different day'. It's not because there are more bad guys out there (although there are), and it's not because the bad guys are smarter (but they are). In my opinion, it is because we are working with tools and systems that are fundamentally flawed. Our house of bricks is built on a sandy foundation, and we find ourselves at a crossroads - the same crossroads that every technology has faced in our history: start over again and do it right from the start, or keep doing it wrong until it all falls over in a heap.
This talk will try to take a lighthearted look at some really bad news. Either we will have to spend a lot of money redeveloping our basic tools, infrastructure, and operating systems properly, or we will have to spend a lot of money patching bugs and regularly recovering from security disasters (and continually be faced with the same basic problems). One way we have a lot of unhappy people now, the other will have a lot of unhappy people later.
In the 1950's, the architect Frank Lloyd Wright was given a tour of Pittsburgh, which ended atop Mt. Washington. He was asked 'okay, what should we do?'. In his inimicable style, he looked around and said 'raze it and start over'. Having lived in Pittsburgh for 35 years, I can tell you that he was right.
I've worked with computers for as long as I've been in Pittsburgh. Frank's advice is strangely apropos.