|University Offices > University Newsletter > April/May|
It is now some weeks since the sad and untimely death of Professor Roger Needham, a man who played a leading role in the development of computer science as a discipline and who helped to build the University's Computer Laboratory into a leader in the field.
Those who knew him well will miss him greatly, he was both well respected and much loved. Below some of his closest colleagues pay tribute to Roger.
The legacy that he leaves behind - a vibrant research community enjoying strong links with industry - is illustrated by two reports on the following page: the opening of a new Intel Laboratory and groundbreaking research in the area of computer security.
Roger's leadership went much further than simply bringing his analytical skills to bear on management. While he was on one of his breaks at Xerox PARC, a nervous research student from the Laboratory was travelling alone to California to present a paper at a conference. Roger duly appeared at the airport to meet her and take her on a sight-seeing trip, naturally wearing his denim shirt, red tie and tweed jacket while driving through the foothills in the Summer sun. Roger cared about people.
Roger was no stranger to the commercial world, having been innovative in transferring technology from the Laboratory into business. He knew that speed was of the essence, so we didn't bother with complex licence agreements and payments were left to the discretion of the beneficiaries. When the Laboratory found itself short of money for supporting innovations in teaching, Roger only had to write a circular round the local companies mentioning the problem and they contributed not only the cost of an extra member of staff but also enough over to support several research students.
The legacy of Roger's leadership will bring benefits for many years. Cambridge has two world class laboratories undertaking research in Computer Science together with local companies, large and small. The University, the international academic world and the local community all profited from his wisdom and straightforward common sense. It has been an interesting journey and it was a privilege to enjoy his company for some of it. We will miss him.
45 years ago I was a Diploma Student in the Mathematical Laboratory with Roger Needham, then a research student, as supervisor. I in turn became a research student, and Roger moved into temporary employment in the Laboratory. We played a game of 'job tag' for ten years, with me following him up the ladder.
During the 1960s, we were absorbed by the Titan project. This involved substantial research, building an innovative but practical system that progressed the state of the computing art while providing a computing service without equal in a university environment. It was then that we discovered we were engineers and not scientists. No one ever appointed Roger as the leader of the Titan operating system project. As so often, his position just emerged naturally.
After 1970, our job paths diverged but we remained close colleagues. Roger became a research leader and then Head of the Laboratory, while I directed the Computing Service. For 15 years we jointly ran a hybrid department, which was successful because of the principles we shared. Thereafter we kept in touch, seeking each other's advice as our careers developed. It was a privilege to have shared all those years with Roger.
Dr David Hartley
With the death of Roger Needham, I have lost a long term colleague and a close personal friend. When he succeeded me in September 1980 as head of the Computer Laboratory, he was already closely in touch with all that was going on and the transition was a very smooth one. I moved to the United States, but we kept closely in touch and on my periodic return visits he would bring me up to date on what was happening. I had feared that he would have a thin time financially, but this was not so, and he was able to branch out in various directions. He had already begun to make a name for himself in encryption and computer security. This was an area in which he owed nothing to me, and as time went on he became one of its leading figures. He had counted on having many years ahead of him to pursue this interest, but sadly that was not to be.
Professor Maurice Wilkes
The Vice-Chancellor, a former director with IBM (arch rival to Intel), opened the lab by saying: "We are pleased to welcome the decision of Intel, probably one of the greatest companies in the world, to work with the best university in the world!" David Tennenhouse, Vice-President of Intel, commented on the excitement of Cambridge and the young and dynamic team, headed up by Derek McAuley, which will specialise in new applications and uses for software. Professor McAuley, or Mac as he prefers to be known, said: "The energy is phenomenal in Cambridge - and that's one of the key reasons I think Intel have come here. We have great students who keep the old fogeys on their toes, who continually ask why, and better still, why not."
The opening was only a week after the death of Professor Roger Needham, who had established the Microsoft Lab, and been former head of Computing. Ian Leslie paid him warm tribute and discussed the importance of his influence on Cambridge research: "It's just impossible to say how much he will be missed."
New attacks reveal weakness of ATM infrastructure
Cambridge researchers have discovered new weaknesses in the computer systems which protect bank ATM transactions that may explain the many unsolved cases of "phantom withdrawals". While the population of customers engaged in lengthy disputes grows, banks both deny responsibility and refuse to provide details about their security, so these customers have no way to prove otherwise.
However, researchers Michael Bond and Ross Anderson at the University of Cambridge have discovered some straightfoward attacks which they say could explain the growing number of disputes. In November 2001, the Cambridge security group demonstrated a sophisticated attack on an IBM 'hardware security module' (HSM): the computers which banks use to keep customer PINs secret. But these new attacks are simple, and work across the board, on modules from all the biggest HSM manufacturers: Thales, Atalla and IBM.
Bond's 'decimalisation table attack' allows a corrupt bank employee to extract around 300 customer PINs per minute - quick enough to make a small theft go unnoticed, or to go for a £3.1 million jackpot with only a lunch-break's worth of access. This attack is just one of a set of new 'API Attacks' discovered independently by Mike Bond and Jolyon Clulow.
"These new attacks are so significant that a co-ordinated effort is needed to get the standards updated, and to ensure that the solution actually gets implemented by banks." says Bond.