[Cryptography] Flawed security assumptions. NIST paper.

[Tom Mitchell]

This has applicability in the current newsworthy email noise generating
stuff.
If the primary servers were well designed and managed it would be
"impossible"
for a user to be careless.

http://csrc.nist.gov/nissc/1998/proceedings/paperF1.pdf

.....
"The need for secure operating systems is especially crucial in today’s
computing environment. Substantial increases in connectivity and data
sharing have increased the risk to systems such that even a careful and
knowledgeable user running on a single-user system is no longer safe from
the threat of malicious code."

....
I would assert() that  while applications have limits without OS support
it makes sense to design applications now in ways that clarify the OS
infrastructure
and services needed.

Encryption can and should be used as part of the infrastructure....


-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160711/ae16e9af/attachment.html>