Embedded Systems  
      September 2005  
       Les Approximations Dangereuses  
Les Approximations Dangereuses:
      The Sorcerer's Apprentice and other Dangerous Approximations

The myth of the “Sorcerer's Apprentice” can be summarized by the old saw, “Beware what you wish for, your wishes may come true”.

In cyberspace, the intersection of security, privacy, and access continue to create new challenges for corporate security, law enforcement, privacy, and safety. The tradeoffs are many, the implications subtle. The public discourse on these topics has more often than not failed to take into account past experience with similar hazards; ignoring the reasons for pre-Internet limitations on information gathering and behavior. Often, seemingly obvious solutions to problems have subtle hazards and dangers, and have side effects worse than the original disease. The best of intentions can go awry, as in December 2001, when America Online's spam filtering mechanisms waylaid Early Action admissions decisions emailed to applicants by Harvard University.

Surveillance, monitoring, and protection tools often represent the only way in which applications and support networks can be monitored and protected. The technologies and their internal approximations are highly useful, but are often employed with a focus on their strengths, with a lesser degree of attention paid to their limits and robustness.

The side effects vary widely, from inconsequential annoyances to the electronic equivalents of multiple sclerosis, progressive diseases which effectively incapacitate the affected systems. While it is true that the connected world would not and could not exist without these approximations, there are dangers and limits.

Approximations however, are not reality. Understanding the limits of approximations is critical to their safe use. Conclusions beyond the scope or validity of the approximation are dangerous to all parties involved. While active responses to perceived attacks are the most serious concern, even seemingly innocuous defensive measures can have a severe impact on an organization and its customers and partners.

Speaker: Our speaker will be Robert Gezelter, a Senior Member of IEEE and a member of the IEEE Computer Societyís Distinguished Visitors Program. Mr. Gezelter holds BA and MS degrees in Computer Science from New York University. He is a contributor to the Computer Security Handbook (2002) and the Handbook of Information Security (2005). He has spoken and written extensively on operating systems, networks, performance, security, tools, and similar areas.

Mr. Gezelter is in private practice, and maintains his offices in Flushing, New York. He can be contacted via his firmís www site at http://www.rlgsc.com.

Sponsors: IEEE Green Mountain Section and Computer Society
Champlain College, Burlington, Vermont
Venue: Champlain College, Alumni Auditorium
Date: Wednesday, September 28, 2005
Time: 4:00 PM to 5:30 PM
Press Release: http://www.rlgsc.com/ieee/Vermont/2005-09/PressRelease.pdf
Reservations: Gary Kessler gary.kessler-at-champlain.edu, Subject: IEEE DVP RSVP
Session Notes: http://www.rlgsc.com/ieee/Vermont/2005-09/sorcerers.html

Questions to: webmaster@removethis.rlgsc.com