Monday, January 05, 2015

Hand over your purse or wallet to continue this transaction

Imagine if you had to surrender your wallet or purse in order to buy a pack of gum at the local store... so the clerk could remove the appropriate amount of money, then hand it back to you at the end of the transaction.

This is obviously an unacceptable and odd way of doing things: the clerk could do all sorts of unacceptable things to your possessions, and you would have no way of stopping them. In technical terms: the side effects in this situation are unlimited in scope.

Back in the real world, we have a much simpler way of dealing with it: we hand over a small amount of cash and expect change. This limits both the amount of risk and the side effects that are possible. In technical terms: there are hard, a priori limits to the scope of the transaction.

When you run a program, browse a web page, or open a PDF file, your computer's antivirus attempts to guess if the action is safe... and most of the time gets it right. But there is no way to limit the damage that can be caused by a wrong guess... which in 2015 is just plain stupid.

This is the gist of why I've decided to start this campaign to bring security to our modern PC operating systems... we need to be able to be at least as safe as we were in 1983 when we had dual-floppy IBM PCs... the A: disk was write-protected, and the worst you could do was corrupt the floppy in the B: drive if you had a bad day. You could make backups in less than 5 minutes, and they always worked.

Things can get better... awareness of the problem is the first step.
