Andrew Myers

Security, programming languages, and computer systems

The OPM disaster and computer security

The theft of data from the Office of Personnel Management is a disaster with long-lasting consequences. It is hard to imagine what event—without causing broad, immediate physical damage—could give the government a stronger incentive to support work on improving computer security. I’m worried the opportunity will be missed anyway.

Current computing systems are not at all secure, but almost all work on computer security focuses on “patching” inherently broken systems rather than on developing methods for building systems to be secure in the first place. Decades of experience have shown us that patching is inadequate, especially against a nation-state adversary.

My fear is that the theft of OPM will now cause research funding to go toward work on detecting intrusion, since the attack was found by a company demoing a tool for security diagnosis. That would be exactly the wrong response—the damage was already done by the time the attack was discovered. Let’s not work on better methods for closing the stable door after the horse has bolted.

Author: Andrew Myers

I am a professor of computer science at Cornell University. It is too hard to build trustworthy software systems using conventional systems APIs. I work on higher-level, language-based abstractions for programming that better address important cross-cutting concerns: security, extensibility, persistence, distribution.

3 thoughts on “The OPM disaster and computer security”

  1. Hi Andrew Myers, I broadly agree with your sentiment. However, it should also be noted that “developing methods for building systems to be secure in the first place” and *deploying them* comes with significant upfront costs. Without providing a solution to the upfront cost, my fear is that the government will do exactly what you suggest, namely, invest primarily in intrusion detection.

    Is there a series of small meaningful steps, each of which is not very expensive to deploy and provides meaningful/measurable improvements in security, that when added up over time provides the same effect as “deploying secure in the first place” systems? I suspect you must have thought about this quite a bit.

  2. To carry the analogy too far… I agree with you that we should fund people to research how to build stronger barns. But I also think that horses will be bolting for a long time to come, both in the near future and after we build and deploy better barns—so I don’t agree that we should stop funding research in barn repair altogether.