Citibank e-mail looks phishy

Steven M. Bellovin smb at
Wed Nov 15 19:56:39 EST 2006

On Tue, 14 Nov 2006 18:21:38 -0500 (EST), "Leichter, Jerry"
<leichter_jerrold at> wrote:

> One of Henry Petroski's early books is "To Engineer Is Human: The Role
> of Failure in Successful Design".  Petroski argues that we only learn
> from failure.  Success tells us how to build exactly the same thing
> the next time.  Failure is the inevitable result of pushing out beyond
> what you already know.  (Wonderful book, highly recommended.)
> It's a curiosity of the financial industries that they repeatedly
> forget what they've learned!  Architects design buildings that stay
> up.  Engineers build bridges that don't fail when the wind blows.
> Doctors abandon treatments that kill patients and don't go back to
> them.  In most fields, failures are translated in to "best practices"
> that are used to produce codes and rules and educational methods and
> such that avoid repeating those failures - and remain in force
> pretty much forever (sometimes beyond their useful lifetime, but
> that's a different problem).

I wish that were true of our field...

	In particular, the principles of uniformity, evolvability,
	portability and convenience are most flagrantly avoided.
	There seem to be many reasons for the avoidance of the
	principles. The following all appear to be at least partially

	   1. We don't write. The principles are badly formulated;
	papers containing them are badly written, badly motivated
	or inconclusive, or else never written at all. Many such
	papers tell how a system should be or is going to be
	developed; few papers analyze carefully and conclusively
	the results of a system development.

	   2. We don't read. Very few system developers are familiar
	with work done outside of their own project.

	   3. We profit neither from our mistakes nor from our
	successes. After a success, we tend to go out and make
	a new collection of mistakes (such as trying to build a
	grand design after a small system).


	   5. We tend to repeat the mistakes of others.

>From "The Role of Motherhood in the Pop Art of System Programing", Peter
Neumann, 1969.

One of my favorite papers is Epstein, McHugh, and Pascale's "Evolution of
a Trusted B3 Window System Prototype", because it describes an approach
that didn't work.  Such papers are all too rare.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list