Re: Just when you thought it couldn't get any worse..@AC 11:23
"Ross does some important work"
"it's always big business or banks who are insecure,"
So it would seem, most of the time. Maybe that's his speciality? Perhaps you're not aware of his works on e,g, smartmeters? (it's hidden on one of his university pages).
"[it's] never FOSS [that's insecure]"
Wtf? How did FOSS suddenly reach the front of your agenda? Banks are commonly featured by Anderson because they've been shown to lie repeatedly about how secure things are. And when something is insecure, the banks don't pay the price, they pass the cost on to their customers.
I do actually agree that it would be great if Anderson (or his team) would broaden their fields a bit. Infrastructure cybersecurity (yuk) seems to be a popular subject recently, and why not. Some realism would be welcome though. Maybe he could look there.
Maybe he could have a look at the safety critical systems and software going into the Dreamliner (given the apparent state of regulatory approvals to date on that aircraft, I'd be particularly worried about the safety critical stuff). And so on.
In fact I'd be quite interested if someone (anyone) would have a look at the software and system safety in a typical modern vehicle, where increasing numbers of controls are drive-by-wire, with increasingly complex software in the middle.