A couple of days ago, I wandered into the lounge where my wife was watching “The One Show” on the BBC and, looking at the screen, thought “I know that bloke.”
Well, “know” is perhaps a bit of an overstatement. Sir Paul Nurse, Nobel Prizewinner and the new President of the Royal Society, was for a while my ultimate boss at the Imperial Cancer Research Fund, which went on to become Cancer Research UK. (Glad to see that my leaving to join the National Health Service didn’t hold them back. :))
Well, I was a humble IT support hewer of wood and drawer of water in the mid 1990s at ICRF (actually, I was their one and only security analyst when I moved on to manage the NHS Threat Assessment Centre, but you get the idea), so the only time I actually met Sir Paul was when I was called across to the main building to clean a few hundred macro virus-infected files on his laptop. Which was an Apple Powerbook: that’s the rather tenuous connection to this blog… Once that was done, he thanked me politely enough, even if he did refer to me as “The Virus Man” and expressed a hope that he wouldn’t have to avail himself of my services again, and indeed he didn’t. So it’s actually something of a relief to find that despite my advanced age and encroaching senility, I still recognized him.
Well, this is a security blog, so I suppose there ought to be a moral apart from “I once met the President of the Royal Society”. If there is, I suppose it’s something like this.
In the mid-90s, there was a strong current of opinion that believed that there was no security problem and especially no virus problem that affected Mac users. And indeed, hardly any of the many Mac users I encountered at the time who had infected Word files had any trouble working with those files. It really became a problem when they had to exchange files with PC users, because at that point, PC users had pretty good antivirus protection (naturally: that was my responsibility!) whereas Mac users weren’t required to use AV, so that document exchange became a problem. So here are nno less than three morals:
- Security breaches don’t always come from the direction you expect them to, and the damage they cause doesn’t always take the form you expect.
- It’s amazing how funding for security becomes available when a breach affects someone high up in the organization
- Being internationally recognized in the field of microbiology doesn’t make you impervious to the deleterious effects of computer virology. Or, given the cough and cold I have at this moment, the other way round. 🙂
And if you ever need your Macbook scanning, Sir Paul, I’m afraid I don’t do user support any more. But I can recommend a good OS X AV product. 🙂
David Harley CITP FBCS CISSP