I was saddened to read today of the death of Robert Morris. I had a great deal of respect and admiration for him, and learned a great deal from him, especially about doing security in the real world. He stressed the cost of an attack, as opposed to its mere conceputal feasibility. My favorite encounter with him was a question he asked of a speaker who was touting his new, secure OS: "How do you back up and restore the disk?" The speaker was flummoxed; he’d never thought about that issue. But to Morris, a system had to be not just secure but useful.
He will be missed.