The Rainbow Books Connection

Hello Protocols, Packets, and Programs,

40 years ago in August 1983 the DoD published the Orange Book.

So called for its orange cover, its official title was “Trusted Computer System Evaluation Criteria” and, quite unsurprisingly, was about security controls.

It was part of the Rainbow Series of computer security publications in the 80s and 90s, with each one having a uniquely colored cover.

The series always made me think of the song, “Rainbow Connection”, that opens The Muppet Movie.

Because there’s one line that feels apt for appsec –

“Rainbows are visions, but only illusions”

And where Kermit the Frog longs for the Rainbow Connection, we in appsec have been longing for 40 years or more to understand secure systems.

We last talked with Josh in episode 233.


Check out this episode's show notes for links to the articles we covered. And please take a moment to subscribe.