Re: Automatic Exploitation Paper Peer Review

[Konrads Smelkovs <konrads () smelkovs com>]

> I am not sure I agree with that.  One of the saddest moments in my academic
> > life was realising that the choice of PhD is dictated for the majority of
> > non-brilliant students (of which, sadly, I was part) not by the advancement
> > of science but by the fastest route to achieve a thesis which will pass
> > muster.  You therefore look for problems which are obscure, hidden somewhere
> > and with next to no chance of having any importance except to close a border
> > case.  The impression I have is: lots of border cases in academia when it
> > comes to security.
>
>
> This sounds very sad. If PhD's in security are valued so low, then imagine
the amount of waste put into producing masters' thesises and even
bachelors'. If this list thinks it knows enough about real world problems
that need researching, then how about producing a list of Dailydave approved
research topics in form of thesis titles and maybe few pointers in the right
direction?

> --
Konrads Smelkovs
Applied IT sorcery.

> On Sat, Dec 11, 2010 at 10:18 PM, Arrigo Triulzi <arrigo () alchemistowl org>wrote:
>
> > On 11 Dec 2010, at 16:47 , Jon Solworth wrote:
> > >       Are you comparing two classes of academics, those working
> > > or hard problems and those working on today's problems?
> >
> > Not really, I'm comparing those working on hard problems and those working
> > on sufficiently small subsets that they become almost irrelevant.
> >
> > >       If so, I'm not sure that they are working on different problems,
> > > it seems to me that they are looking at different ways of attacking
> > > the same tough problem.  But the second class has so many more
> > > constraints than the first class that it is very difficult to obtain
> > full solutions.
> > > Thus, solutions are partial.
> >
> >
> >
> > Is there a lack of smart researchers willing to tackle security in
> > universities or are they all being poached by industry and money?
> >
> > >       Now the question is whether these partial solutions extend to
> > > useful solutions?  Maybe.  But the history in security is not good.
> >
> > No, it is not.
> >
> > >       Because the constraints are reduced (and because complexity
> > > matters so much in security), it seems to me that the first class has
> > > a much better chance of solving these problems than the second.
> >
> > Yes, and no.  Are we sure the complexity we see is not comparable to the
> > Ptolemaic model? Are we trying to keep saving a model which is flawed from
> > day one but since it still produces papers (and funding) in both academia
> > and industry then nobody really has an interest in throwing it away
> > (including myself no doubt)?
> >
> > Arrigo
> >
> > _______________________________________________
> > Dailydave mailing list
> > Dailydave () lists immunityinc com
> > https://lists.immunityinc.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave