[1] https://www.cl.cam.ac.uk/~rja14/musicfiles/mp3s/ukca.mp3
Made more so by the music that has been combined with the recording!
His dry sense of wit and humour, his uncompromising pursuit of injustice and his loathing of foolhardy decisions made by the political or moneyed elites were evident in all he did and said. Misunderstood by some, I came to respect most his tenacity; at fighting the big guy – and, more often than not, prevailing with his typical grit, logic and determination. His work continues to inspire, especially since three decades after he founded the field he would go on to be recognised for internationally, in many business and industrial circles we are still making the same basic security mistakes, driven by the same flawed economic models as Ross predicted. His work is timeless.
When he spoke, I listened, and on those rare occasions he complimented my work, I did not take that for granted. It is a regret that I did not take the opportunity to do a PhD with him. Rest in peace.
All the examples of bright people having made systems which turned out to be more brittle than the designers assumed really drove home the point that even 'simple' tasks are HARD.
Both the positive and negative comments would make him smile, He knew and we often discussed late in to the night over a glass of red wine or two, his and others work, always interesting and always on point.
He was especially pleased if something he had written or commented on made someone else react. His view was 'well there talking about it now!'
My favourite moments were when he'd ask me over to stay and we'd sit late into the night discussing anything and everything.
I miss you already old friend.
My love and thoughts tonight are with his wife Shireen, his daughter Bavarni and his grandchildren.
Mark Foster
After that, he was /the/ key figure in fighting restrictions on cryptography in the UK, putting together a coalition of CS experts in founding the Foundation for Information Policy Research, and then becoming one of the key (informal) advisors to the Labour party. As a gruff, Scottish socialist, Ross was tailormade to act as a counterbalance to the United States' heavy lobbying of the Blair administration to tow the line on making usable crypto illegal outside of the United States.
That had a global effect: opposition in the UK, at the time the US's strongest ally in many policies, limited the ability for the crypto restriction regime to spread. (After many years, it's notable that the main countries passing crypto restrictions during this period were those /furthest/ away from US support, rather than closest -- France, Russia, etc.).
FIPR and its successes spawned a strong, and experienced digital rights community in the UK early on. It was Ross and Caspar Bowden (who also sadly passed away far too early) who were crucial in encouraging this group to work with others in Europe to form EDRi, which remains the core of digital rights advocacy in Brussels. If you've ever wondered why the EU occasionally comes up with good cyberlegislation, it's because of the influence of EDRi -- and that coordination came from Ross and Caspar recognising that the real decisions were being made not in the UK or the US, but in the growing work of the European Union.
But at the same time as doing this political work, Ross was also building the foundations of a serious cybersecurity approach. He applied political, economic and social aspects to computer security models: his early writing on /where/ to put the liability for computer security flaws are still influencing approaches to legal liability now. He drew deeply from the actual use of technology: my favourite memory of him is him explaining how the Irish Republican Army actually passed around secrets under the nose of the British Army to a somewhat amazed BBC journalist.
Ross' high reputation allowed Cambridge University to lure Microsoft funding for their infosec department. The results of that collaboration indirectly led to CHERI, a capability-based security system designed by some of the brightest minds in the UK and beyond, and still for many of us the great hope for truly robust digital security.
Recently, Ross was still working on the cutting edge: the other week, Cory Doctorow pointed me to a paper he co-authored recently on how ML models might collapse in the face of ingested ML-generated content. When I devoted a chunk of a lightning talk to him at EthDenver, a prominent Filecoin ecosystem participant came up to me afterwards to thank me for highlighting Ross' work, as he had been instrumental in supporting her early career.
Ross was grumpy, unforgiving, a blistering writer of flaming emails, and sometimes oblivious of the effect his disapproval could have on others. But he pursued and achieved singularly useful advances in the field of information security, and in the wider, messier world of digital rights and global politics. He was mad at Cambridge for forcing him to retire at 67, and he was right -- not just from a political point of view, but from the truth that he still had so much to give. He died too soon.
He was also a gifted communicator - both his lectures and books were not just filled with insight, but compelling to watch or read, in stark contrast to much academic work.
Fact is that his seminar felt like it was being held in a prison.
I agree that he was a great scientist, as well as political activist (you could say) - a teacher and a pedagogical person he definitely was not.
Also discovered subsequently his fondness for traditional pipe music and that he busked in his younger years.
A great person - may others bear the light that he brought.
Incredibly sad news, a great loss.
RIP.
We got a lot more than a simple reply. We got his focused feedback, constructive criticisms, pointers to other work he thought was relevant, general support, some key follow up conversations on the phone, followed by introductions to folks he knew in industry who he thought could help (who would have never entertained us at that stage otherwise). While the startup eventually didn't make it, many of the ideas we worked on did. Of the folks that we met through that whole adventure, Ross was one of the standouts. Yup, he was very good people indeed and will be sadly missed!
