Wednesday, May 10, 2006

Still clueless about security

The /. community still hasn't figured out that they all live inside a box... if you want proof, just look at this recent discussion about security. Everyone pointing blame at the vendors, the users, and the criminals. The blame game can go on forever, and it'll never solve the problem.

  • Blame the vendors - assumes that they can build a system worthy of trust
  • Blame the users - assumes an paranoid user can be safe
  • Blame the criminals - admit the problem is un-solveable
Anyone who engages in any of these arguments loses, and is screwed long term.

The assumption built into almost everyone's world view is so well embedded it's almost impossible to see. Everyone assumes that there is a way to build a trustworthy computing system with today's OS models. It's patently absurd in my world view.

It's impossible to write code without bugs. Requiring the code to be perfect as a layer of security is insane. We should almost NEVER trust the code.

There should be one, and only one, piece of code on the planet that gets trusted... the kernel responsible for handling virtualization inside an OS. This code is irreplacable, all of the rest of it shouldn't be trusted.

Once we move past the blame game (if ever) and stop trusting the code, we'll be able to run anything from anywhere without fear.

No comments: