Friday, July 12, 2013

A radical idea about ending lives with dignity for Indiana.

I think that the State of Indiana should open up a new facility for those who wish to end their lives in a dignified manner. Someone wishing to die, would travel to this facility, get interviewed by doctors, psychiatrists, and a sitting judge rotated for a short term from their regular bench assignments. Those would serve to filter out people who really don't belong there for other reasons.

Once you passed admission criteria, you'd have a waiting period of at least 3 days, maybe a week or a month... whatever isn't entirely cruel... to stay in a hospice type atmosphere. During this time, you're free to leave for any reason, with no repercussions. 

After your waiting period, you'd then be eligible for euthanasia, and burial in accordance with your wishes.

Tuesday, July 02, 2013

Persistently Insecure Endpoints

Our biggest "cyber security" problem is one of persistently insecure endpoints. The reason we have persistently insecure endpoints is that they can't be made secure, no matter who writes them, checks programs for virii, etc
All of them run a program within the context of a users permissions, leading to the possibility of privilege escalation. SELinux tries to fight this by locking down each program, but even that approach has some strong limitations
To be able to securely run a program on any operating system, you need to be able to specify the side-effects you're willing to allow, before running the program. This is the reason that Functional Programming is getting so much attention and the application level.
The IBM VM system was among the first to provide such an environment, back in 1972. (I'm sure someone will dig up an earlier system). The reason that VM systems can be secure is that when you set up a virtual machine, you specify all the things it's allowed to use, and to change. It can only affect it's own disk space, etc.
Modern systems such as VMware also offer the possibility of real security, but at such a gross level of granularity that it's unlikely to be used in this manner. The only system on the horizon that offers a way out (as far as I can see) is the Genode project which is a full on capabilities based system, built upon your choice of secure kernel.
This whole cyber-war mess can be shut down, if folks wake up, and start acting in a manner to fix things... otherwise prepare to be serfs to our corporate lords and masters.