The Bitter Tale of Desktop Security


HCS welcomes club alumnus Ivan Krstić to discuss security on the desktop, why it isn't, and how it might be. Join us this Thursday, March 5 at 7 PM in Science Center 112 for what promises to be a fascinating and in-depth discussion. This lecture is open to the public.

It's 2009. About 75% of all corporate machines are infected with at least one piece of malicious code. We're seeing the emergence of weapons-grade botnets, designer trojans, and smart mobile malware. The black hat community is graduating from a ragtag army of rebels without a cause to a group of well-paid professionals engaging in research-quality work to rake in profits and evade detection. The entrenched players in the security industry have been predictably slow to respond. Now, seemingly bewildered by the new security landscape, they are increasingly claiming that salvation lies in restrictive new systems which threaten to transform your computer into little more than a glorified abacus. There must be a better way.

This session doesn't require a security background: we will turn to history to try and explain why none of our machines are secure. We'll then look at the problems of legacy and authority and explain why the road to a secure desktop is fraught with such toil and peril.

Ivan Krstić is a software architect and researcher currently on leave from Harvard University. Until recently, he worked as director of security architecture at One Laptop per Child, an education non-profit that aimed to produce a $100 laptop for children in the developing world. Prior to that, Ivan served as director of research at the medical informatics laboratory of a European children's hospital, tackling infrastructure and security problems in wide-scale digital healthcare.

Ivan is deeply involved in open-source and free software, co-authored the best-selling Official Ubuntu Linux Book, and specializes in architecture and security of large distributed systems. He has consulted on both matters for some of the largest websites on the Internet. Described by Wired magazine as a "security guru", in 2007 the MIT Technology Review named him one of the world's top innovators under the age of 35 for his work on the OLPC security platform, Bitfrost. In 2008, eWEEK declared him one of the top three most influential people in modern computer security, and one of the top 100 in all of IT.

The Bitter Tale of Desktop Security: Our 35-year War
Thursday, March 5
7 PM
Harvard University Science Center, Room 112