Peter G. Neumann, relentless critic of unsafe code
2026-05-18
Computer insecurity, not innovation, defined Peter G. Neumann’s public mission. From his post at SRI International, the computer scientist spent decades warning that mainstream systems were structurally unsafe, riddled with buffer overflows, race conditions and brittle authentication schemes that no patch cycle could truly cure.
Unfashionable was his insistence that security had to be engineered from first principles, not bolted on as middleware. He championed formal verification and capability-based architectures, arguing that only mathematically specified designs could resist both criminal intrusion and state surveillance at scale, and he treated casual data collection as a civil-liberties problem, not a marketing issue.
Central to that campaign was his long-running Risks Forum newsletter, which stitched together software failures, infrastructure outages and privacy breaches into a running case file against industry complacency. He did not just catalog disaster; he pushed safer programming languages, end-to-end encryption and rigorous threat modeling, insisting that convenience-driven design would keep producing the same harms.
He often seemed out of step with commercial optimism, yet his warnings now read less like pessimism than like a design brief the industry chose to ignore.