This Thursday, the fine people at the Harvard Computer Society are hosting my one last talk in Boston before I run away and switch coasts. I’ll be focusing on two questions: why are our computers so insecure, and why is it so hard to fix the situation?

While I hope to offer some insights that the technologists in the audience haven’t heard before, this is also my first security talk in a few years that doesn’t require much of a security background. Which is to say, the only prerequisite is a bit of curiosity. The talk is open to the public — hope to see you there!

When: This Thursday, March 5th, 7PM
Where: Harvard Science Center, room 112, 1 Oxford Street, Cambridge, MA (Map)
What: The Bitter Tale of Desktop Security: Our 35-year War
Abstract: It’s 2009. About 75% of all corporate machines are infected with at least one piece of malicious code. We’re seeing the emergence of weapons-grade botnets, designer trojans, and smart mobile malware. The black hat community is graduating from a ragtag army of rebels without a cause to a group of well-paid professionals engaging in research-quality work to rake in profits and evade detection. The entrenched players in the security industry have been predictably slow to respond. Now, seemingly bewildered by the new security landscape, they are increasingly claiming that salvation lies in restrictive new systems which threaten to transform your computer into little more than a glorified abacus. There must be a better way.

This session doesn’t require a security background: we will turn to history to try and explain why none of our machines are secure. We’ll then look at the problems of legacy and authority and explain why the road to a secure desktop is fraught with such toil and peril.