Tuesday, December 17, 2013

The lost opportunity of computer security.

I have lost faith in the future. I know that we've lost a key opportunity to build a better future. It's very tempting to look back and point the finger at 4 key men: Gates, Jobs, Torvalds and Stallman, but that wouldn't be fair to them. They had their own battles and fog of war to overcome.

Nobody seems to really understand how truly fucked up things now stand. We could have computers on our desks, and in our hands which are honestly secure. No virus scanners, no constant need to live in fear of something taking them out at random just because you looked at the wrong document, email, or web page.

We don't have that... instead we have layers of scanners trying to quantify evil before it gets executed. We're locked into a future of having devices we can never trust. Devices which will always be a possible tool of oppression.

There is only a narrow window left, while there are still enough desktops and developers to use them to develop something new. An honestly secure operating system, which can be the foundation of honest and trustworthy computing for the masses.

I've explained capability based security so many times, and so many places... your first instinct is to say I'm calling for a silver bullet... but it's not magic, it is just common sense when you think about the really big picture. It's also not a bullet, as it's going to take epic amounts of work to get everything ported to it, years of work.

But... if we can turn this ship, just a bit, we can have computers we can trust. Computers that could then be trusted to talk to other systems. We can end the persistently insecure end-node issue, and start building an internet we can control and govern ourselves.

I hope this makes sense, and catches hold in your psyche... the stakes are huge, and I think you, dear reader, are the only hope left.

Thank you for your time and attention.

No comments: