[Edinburgh-pm] [OT] SICSA Distinguished Visitor Seminar on ethics of Computer Security Research

Robert Rothenberg robrwo at gmail.com
Thu May 19 02:49:15 PDT 2011


This may be of interest.

-------- Original Message --------
Date: Wed, 18 May 2011 14:41:19 +0100
From: David Aspinall <David.Aspinall at ed.ac.uk>
Subject: SICS Distinguished Visitor Seminar on ethics of Computer Security
Research


Dear All,

I'm delighted to announce an Informatics seminar by John Aycock on 1st
June, see abstract below.  John is a SICSA Distinguished Visiting Fellow
arriving next week.  He'll be based in Glasgow but touring other SICSA
universities giving several different talks.

For people who haven't seen the note from SICSA, I'm pasting that
further below, it contains an ad for John's talk in Glasgow on 27th May.

  - David

----------------------------------------------------------------------


          Computer Security Research: Considered? Harmful?

    John Aycock, Associate Professor, University of Calgary, Canada
                  SICSA Distinguished Visitor

                     3pm 1st June, 2011
            Informatics Forum, Ground Floor Room G.03

There are a number of simmering ethical issues when it comes to applied
security research.  Vetting by research ethics boards is not enough, as
some work can slip through the boards, and other work can slip through
the cracks of ethics policies.  I'll draw on some of the work my
colleagues and I have done in the area of security ethics, and combine
it with some ideas from the last two workshops on ethics in computer
security research (WECSR) to give an overview of the ethical landscape
and what needs to be done to fix some of the problems.


---------------------------------------------------------------------


Professor John Aycock will be visiting Scotland as part of the SICSA
Distinguished Visitor Fellowship programme from May 24th - 1st June 2011.

John Aycock is an Associate Professor at the University of Calgary,
Canada, in the Department of Computer Science. He researched compilers
once upon a time, then turned to computer security, where he conceived
and taught the University's "Computer Viruses and Malware" and "Spam and
Spyware" courses. He has published lots of papers and annoyed many
people; those two things are sometimes but not always related. He is the
author of two books on computer security, most recently "Spyware and
Adware" published in 2010 by Springer.

Among a number of other engagements during his visit (including a
keynote talk at the forthcoming SICSA PhD Conference) Professor Aycock
will be leading a talk at the University of Glasgow on 27th May 2011.
Details below:

Speaker: John Aycock, Associate Professor, University of Calgary, Canada
Date: Friday, May 27, 2011
Time: 4:00pm
Location: Level 5, Sir Alwyn Williams Building, University of Glasgow


           Title: Stux in a Rut: Why Stuxnet is Boring

Abstract: Stuxnet has been described as "a watershed moment" and "a
game-changer" for security. While one would expect those gushing
superlatives from mainstream media, the surprising source of those
comments is security researchers themselves.  I will begin by arguing
that Stuxnet is nothing short of unsurprising. In fact, there are few
game-changing moments in the history of malware, and I'll put that into
its proper context by identifying and discussing the handful of
"highlights" in the last few decades.  Why are we not seeing more
novelty in malware? It would be easy to dismiss malware authors as
untalented, unimaginative hacks, but the underlying cause may be deeper
than that. I'll look at whether the relationship between malware and
anti-malware is a contributing factor. Finally, if even the
highly-touted Stuxnet isn't interesting, what can we expect from malware
in the years to come?  I'll draw on some of our proactive threat
research to illustrate some potential directions.




More information about the Edinburgh-pm mailing list