Remembering Peter Neumann
Peter Neumann helped define the field, and my career. He'll be missed terribly.
Peter G. Neumann has passed, and we are all poorer for it. John Markoff wrote his obituary for the New York Times, and Gene Spafford and Simson Garfinkel have an In Memoriam: Peter G. Neumann (1932-2026) in Communications of the ACM. Peter’s professional page is at SRI.
Spaf and Simson have done a good job with Peter’s contributions to computer security and public policy, and I’d like to add that beyond cryptography and wiretaps, Peter had a dramatic influence on how we think about election security as a systems problem. I remember him telling me in the late 90s or early 2000s about being an advisor to Rebecca Mercuri, who wrote the first computer science PhD on election safety. He explained exactly how knotty the problem was and told me I needed to read her thesis. Since then, I’ve been frustrated whenever someone brings in a narrow view of election security, because, as he explained to me, it’s all about the requirements, which drive the system design, and how you can’t possibly satisfy all the requirements.
Peter shaped my professional career since the start. This isn’t an exaggeration. I went back and checked. My first contribution to the RISKS digest was in May, 1994, and I was probably reading it for a few years before I contributed. Peter was there for my first-ever academic presentation, and when I went back and checked the volume, realized he was in fact an editor of the DIMACS Network Threats workshop. I can’t find a formal list of a program committee, so it was probably him and Rebecca Wright choosing papers, and they took a bet on me.
Peter epitomized and modeled the idea that a computer scientist should not “stay in a lane,” but rather be engaged with the impacts of our work, and he did so so effortlessly that to this day I’m surprised when I hear someone say dismiss impacts of their work by saying “that’s not a computer science problem.”
He was somehow everywhere, cheerfully commenting or punning through it all. While I was at Zero-Knowledge Systems, Peter was on our advisory board and I have fond memories of many dinners, and less fond memories of him critiquing our system design. Those memories are unhappy not because he was wrong, but because once he made his points, they were so obviously right that it was embarrassing to have missed them.
In retrospect, it’s ... complicated to say exactly where Peter influenced
me, because his influence was so pervasive by the time I became
aware of computer security as a discipline. In his Memoriam, Steve Bellovin writes
about how Peter championed a systems view, and while I’m sure my
views have evolved, the idea that a systems view was
something that
The very morning the news came out, I was working on something, and spent a few sentences making sure that a point he made a dozen years ago was properly addressed. I thought about sending him a "I remember this fondly" message before I saw the news. As I remember it, that same conversation included lots of back and forth about Microsoft's SDL. Peter argued that it wouldn't matter until we solved memory protection at the hardware layer, I argued that we had to ship on what the market provided, and I'm not going to claim credit: the point was obvious to both of us, but his ongoing involvement with the CHERI project relates to his desire to solve important systems problems.
I expect to be engaging with the technology he built, and the arguments he made for a very long time.
There is a memorial planned at SRI in Menlo Park, Saturday, June 13, 10am - 12pm. The registration form has the address.