Marcus J Ranum discusses The Six Dumbest Ideas in Computer Security with Ryn on this edition of The Guardian Podcast with Ryn Melberg.

On this edition of The Guardian Podcast with Ryn Melberg, we return to a favorite topic of the podcast: cyber security. Our guest is Marcus J Ranum, a well-known consultant in the field. Marcus is an expert in cyber security with a very impressive background that goes back to the early 1990s. He came to Ryn’s attention when she read an article he wrote entitled “The Six Dumbest Ideas in Computer Security.”

Marcus J. Ranum (from Wikipedia; born November 5, 1962 in New York City, New York, United States) is a computer and network security researcher. He is credited with a number of innovations in firewalls, including building the first Internet email server for the domain,[1] and intrusion detection systems. He has held technical and leadership positions with a number of computer security companies, and is a Faculty member of the Institute for Applied Network Security.

Ranum helped design and implement Digital Equipment Corporation’s Secure External Access Link (SEAL) (later AltaVista firewall),[3] regarded as the first commercial bastion host firewall,[4] in 1990. He left DEC to work for Trusted Information Systems (TIS) as chief scientist and development manager for Internet security products. It was at TIS that Ranum became responsible for the Internet email site. Once charged with that responsibility, Ranum advocated that the domain be registered as well.[5] Despite his advice, it was not registered by the government, but was later registered for an adult entertainment provider.[6] At TIS, he developed the TIS Internet Firewall Toolkit (fwtk) under a grant from DARPA. After TIS, he worked for V-One as chief scientist, and was extensively involved in that company’s IPO. Three months after that IPO, Ranum formed his own company, Network Flight Recorder (NFR), and served as CEO for three years before stepping into a CTO role.[7] Ranum later left NFR to consult for TruSecure,[8] before joining Tenable Network Security as CSO.[9]

In addition to his various full-time positions, Ranum has also held board or advisory positions at NFR Security,[10] Protego Networks,[11] and Fortify Software.[12]

Ranum has spoken to USENIX audiences at LISA 1997,[13] 1999 (tutorial),[14] LISA 2000 (keynote),[15] 2002,[16] and 2003 (tutorial).[17] He spoke out against full disclosure at the Black Hat Security Briefings in 2000.[18] More recently, Ranum has spoken at Interop in 2005[19] and 2007,[20] CanSecWest in 2010, and Secure360 in 2011.[21]

He previously taught courses for the SANS Institute.[22]

Ranum’s work has been cited in at least 15 published U.S. patents,[23] as well as numerous other computer and network security articles and books.

Ranum is cited [24] [25] as the author of an eponymous law, “You can’t solve social problems with software.”

  • TISC “clue” award, 2000.[26]
  • Inducted into the ISSA hall of fame, 2000[27] or 2001.[28]
  • Techno-Security Professional of the Year, 2005.[29]

Marcus has co-authored a series of “Face Off” articles with Bruce Schneier, which have appeared approximately bi-monthly in Information Security Magazine since July, 2006.[30]

Ranum is one of a number of editors of the SANS Newsbites semiweekly email newsletter.[31]

  • Ranum, Marcus (1999-11-01). “;Login: Special Issue on Security”. USENIX.
  • Ranum, Marcus (2000-02-01). “;Login: Vol 25., No. 1”. USENIX.
  • Ranum, Marcus (2000-04-01). “;Login: Vol 25., No. 2”. USENIX.
  • Ranum, Marcus (2000-06-01). “;Login: Vol 25., No. 3”. USENIX.
  • Ranum, Marcus (2000-10-01). “;Login: Vol 25., No. 6”. USENIX.
  • Ranum, Marcus (2000-12-01). “;Login: Vol 25., No. 8”. USENIX.
  • The Myth of Homeland Security ISBN 978-0-471-45879-1
  • Host Intrusion Monitoring Using Osiris and Samhain with Brian Wotring and Bruce Potter. ISBN 978-1-59749-018-4
  • Web Security Sourcebook with Aviel D. Rubin and Dan Geer. ISBN 978-0-471-18148-4

Currently, Ranum lives in Morrisdale, Pennsylvania. His hobbies include photography and firearms. He maintains an active stock photography account on DeviantArt, and he wrote an essay for Oleg Volk’s pro-firearms site.[32] Marcus Ranum was also interviewed by digital artist Brandon Pence for the NWFLAA which can be read in 2 parts: Part 1 and Part 2. He is an atheist[33], maintaining a blog on the Freethought Blogs network[34].

  1. “Who’s Who in Infosec: Marcus Ranum”. Information Security Magazine. 2003-06-17. Retrieved 2008-06-07.
  2. ZDNet – Security Q&A: the father of firewall
  3. “Comments: Interview with Marcus Ranum”. 2005-06-28. Archived from the original on 2013-11-30. Retrieved 2008-06-07.
  4. Avolio, Frederic (1999-06-01). “Firewalls and Internet Security, the Second Hundred (Internet) Years”. The Internet Protocol Journal. Cisco Systems. Retrieved 2008-06-07.
  5. Miller, Sandra Kay (2006-12-01). “A Contrarian’s Viewpoint”. Retrieved 2008-06-11.
  6. “December letter from a White House counsel to the operator of the “” adult site”. CNet. 1997-12-08. Retrieved 2008-06-11.
  7. “NFR Intrusion Detection Appliance Version 4.0 Released”. Business Wire. 1999-10-14. Retrieved 2008-06-08.
  8. “Cisco and Sourcefire Achieve Enterprise-Level NIDS Certification from ICSA Labs”. Business Wire. 2003-04-21. Retrieved 2008-06-08.
  9. “Marcus J. Ranum Joins Tenable Network Security as Chief Security Officer”. Business Wire. 2004-10-04. Retrieved 2008-06-08.
  10. “NFR Security Adds Leading Security Industry Experts to Technology Advisory Board”. Business Wire. 2004-02-02. Retrieved 2008-06-08.
  11. “Protego Networks 2.5; Industry Icon Marcus Ranum Joins Protego Networks’ Advisory Board”. Business Wire. 2004-06-01. Retrieved 2008-06-08.
  12. “Technical Advisory Board”. Fortify. Retrieved 2008-06-08.
  13. “USENIX Summaries: Eleventh Systems Administration Conference (LISA ’97)”. USENIX. Retrieved 2008-06-07.
  14. “Tutorial Instructors”. USENIX. Retrieved 2008-06-07.
  15. “USENIX LISA-NT 2000”. USENIX. Retrieved 2008-06-07.
  16. “2002 USENIX Technical Conference” (PDF). USENIX. Retrieved 2008-06-07.
  17. “USENIX — Security ’03 Tutorials”. USENIX. Retrieved 2008-06-07.
  18. Lemos, Robert (2000-10-09). “CERT to disclose software flaws”. Retrieved 2008-06-07.
  19. Avolio, Fred (2005-05-23). “The Same Old Drum Beat”. Retrieved 2008-06-08.
  20. “Tenable CISO Workshops during Interop 2007 New York Now Open for Registration” (PDF). Archived from the original (PDF) on 2008-06-26. Retrieved 2008-06-08.
  21. “Falling on the sword of ‘Need to Publish’”. Secure360. Retrieved 2011-05-12.
  22. “SANS Institute — Certified Instructors”. Retrieved 2008-06-07.
  23. 5,606,668, 5,623,601, 5,826,029, 5,870,562, 6,173,407, 6,601,233, 6,704,873, 6,834,310, 6,950,868, 7,016,951, 7,100,195, 7,224,778, 7,290,288, 7,313,812, and 7,360,244
  24. William R. Cheswick; Steven M. Bellovin; Aviel D. Rubin (2003). Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Professional. pp. 202–. ISBN 978-0-201-63466-2.
  25. Muffett, Alec (October 2016). “Digital Economy Bill Written Evidence Submitted by Alec Muffett (DEB 39)”. UK Parliament. Retrieved March 12, 2018.
  26. “TISC to honor Marcus Ranum, Internet security pioneer”. Business Wire. 2000-04-17. Retrieved 2008-06-07.
  27. “Award Honorees”. ISSA. Retrieved 2008-06-07.
  28. “NFR Security Founder Selected for International Security Association Hall of Fame”. Business Wire. 2006-06-12. Retrieved 2008-06-08.
  29. “Tenable Network Security Executive Named 2005 Techno-Security Professional of the Year”. Business Wire. 2005-06-07. Retrieved 2008-06-07.
  30. “Articles by Author: Bruce Schneier and Marcus Ranum”. Information Security Magazine. Retrieved 2008-06-07.
  31. “SANS NewsBites”. Retrieved 2008-06-07.
  32. Ranum, Marcus. “The Aesthetics of the Gun Debate”. Retrieved 2008-06-07.
  33. Ranum, Marcus. “Ranum’s supports Dawkins’s “out campaign” for atheists.”. Retrieved 12 April 2012. Generally, I do not get a lot of satisfaction out of being identified with causes or logos. But – a couple of years ago, when Richard Dawkins started his “out campaign” for atheists, I thought that showing my support was not a bad idea.
  34.
