Thursday, February 7, 2019

My Publications

Fault Resistance and Recovery within System 250. ICCC USA 10.1972 Fault Tolerant Multiprocessor Design for Real Time Control. Computer Design 12.1973 Multiprocessor Controlled Switching Systems. CNET/CNRS France 7.1975 A System for the Implementation of Privacy and Security. ICCC 9.1976 Capability Based Systems. Symposium on Operating Systems 11.1977 Lead paper on System 12 Integration and Field Experience. ISS Italy 5.1984 Field Experience of Computer Controlled Switching Systems. FTCS16 Austria 7.1986 A Perspective on Object Oriented Programming. ACM Washington D.C. 4.1988 Chairman WCF on "Broadband Evolution and Campus Drivers" Phoenix, AZ 2.1993 "The Carrier Network Perspective" 7th Broadband Networks, Washington D.C. 11.1993 "SALT and Web-IVR" DeVry University, Florida.NET May 2004 Architecture review of Composite UI Application Block (CAB) for rapid development of Smart Clients - South Florida Code Camp Feb 2007 Architecture Choices for Security - Functionality with Security - Florida .Net Aug 2007

Tuesday, February 5, 2019

Millions of Google, Roku, and Sonos Devices Are Vulnerable to a Web Attack

https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/

Software Security from Transparent Capabilities

Software security policies, monitor subjects accessing objects, applying access rules. Sadly the rules only apply to a small subset of interactions because the mechanism is identity limited. Calls made by programs within an application like a browser, and the individual machine instructions within programs, go unchecked. Compilers, code reviews and run-time analysis attempt to fill the void with best programming practices. It helps, but security is also threatened by anonymous scripts and downloads that introduce evil lines of code, that spy, steal or cause harm. Moreover, the time of checking and the context of execution differ, while errors from imported scripts are ignored. The internet is hostile and software is vulnerable, so using the web is unavoidably dangerous.
Best practices, operating system calls, and security monitors are unavailable, ignored or bypassed. Logic demands an assured policy check everything. This includes the program calls within a browser or when dealing with email. To realize, comprehensive software security requires digital integrity assured of trusted computers executing trusted instructions. Nothing else covers the full spectrum of threats. The PP250 computer used capability-based addressing to achieve a trusted, comprehensive solution. A stored algebra of capability keys regulates the actions of programs. Every instruction is validated and thus all programs to programs calls are checked. This encapsulation mechanism allows best practices, compilers, languages and code analysis to work. Software survives, succeeds and thrives, even in a browser. Given the concerns over cyber crime, this paper reviews a generic, transparent capability based security system to rekindle interest in this most effective, software security mechanism. View here

Monday, December 10, 2018

From Axios: 2. The AI crossroads

kenneth@hamer-hodges.us has shared an Axios story with you:

2. The AI crossroads
https://www.axios.com/newsletters/axios-future-57c72b75-e4cb-4c3e-8d4f-085b084246a5.html?chunk=1&utm_term=emshare

Monday, November 26, 2018

Ken Hh shared 'The online threat that cybersecurity teams don’t cover' with you

Google News
Ken Hh shared 'The online threat that cybersecurity teams don't cover' with you
 
Quartz
The online threat that cybersecurity teams don't cover
Businesses increasingly rely on social media for everything from selling products to collecting customer feedback. Their online brands...
 
Get the Google News app
Google News on Google Play Google News on App Store
 
You received this email because Ken Hh shared this with you. If you no longer want to receive email notifications of shared content from Google News, unsubscribe here.
 
© 2018 Google LLC
1600 Amphitheatre Parkway, Mountain View, CA 94043

Friday, November 16, 2018

Seeking Alpha: Oh Look, Another Hack Attack

Seeking Alpha: Oh Look, Another Hack Attack.
https://seekingalpha.com/article/4222927-oh-look-another-hack-attack

Tuesday, November 13, 2018

The Telegraph: Cyber attacks are the biggest risk, companies say

The Telegraph: Cyber attacks are the biggest risk, companies say.
https://www.telegraph.co.uk/technology/2018/11/12/cyber-attacks-biggest-risk-companies-say/