Multics was flawless?

Multics LogoLast week I participated in a very geeky panel discussion about a now-defunct standard for computer system security: the TCSEC. I showed some charts and diagrams about costs, error rates, and adoption of government-sponsored programs for evaluating computer security. During the panel, some audience members made the following claim:

“After its evaluation, Multics never needed a security patch.”

I admit I find this hard to believe, and it’s not consistent with my own Multics experience. However, most of my Multics experience predated the evaluation. So I ask: does anyone know if Multics had a security patch after its B2 TCSEC evaluation?

[see newer posting; also, I’ve added links below to Multics information on line] Continue reading Multics was flawless?

Example of KISS

Ok, this is a backwards observation.

One of my hot buttons is to spot “cyber security principles,” that is, general but pointed observations on how to improve cyber security.

A long-held principle is “Keep it Simple, Stupid.” Thanks to Moore’s Law and the constantly falling price of ever bigger, faster, and more complex tech, no one puts much effort into keeping things simple. The extra features draw more customers even if they make the tech more fragile.

Continue reading Example of KISS

GUIs: Control, Conveyance, Continuity, and Context

Scream of anguishI’m a sucker for basic principles distilled into pithy prescriptions.

A freelance writer, Brian Boyko, has distilled the basic features of graphical user interfaces (GUIs) into four principles: Control, Conveyance, Continuity, and Context. He uses them to structure a well-reasoned though shrill critique of Windows 8.

Continue reading GUIs: Control, Conveyance, Continuity, and Context

A really simple Drupal 7 example module

I developed this module back when I managed my self-hosted Drupal system. Since then I’ve found that there’s more to life than managing your own web site, and that it’s cheaper and more effective to do it through WordPress.com even though I retain a fondness for Drupal. Yes, it’s ironic that this Drupal example is hosted on a WordPress server.

Continue reading A really simple Drupal 7 example module

Boston University’s RAX Library

(circa 1973-8)

Boston University (BU) developed its own timesharing system in the 1970s for its IBM 360 and 370 mainframes. The system was based on the batch-oriented Remote Access Computing System (RACS) developed by IBM. McGill University also participated in RAX development, but their version was renamed “McGill University System for Interactive Computing” (MUSIC). Although many of the details are lost in the mists of time, both systems used some text processing tools developed at BU.

Continue reading Boston University’s RAX Library