The Future of Security
Kvorgette writes "Scott Berinato in The Future of Security presents a very dark future of security in the years around 2010. Several computer security experts expect that a major security-related problem (a 'digital Pearl Harbour') will change software development procedures and remove the freedom in computer use we are striving for. The worst part is, most experts apparently think removal of software tools and access to information from the majority of computer and Internet users would be a good thing."
As is commonly the case in modern society, people focus on success at the expense of principle.
Certainly, the average joe not having access to the internet would make the internet secure, so that would appear to be successful.
The only issue is that this would be in violation of principles about freedom, principles which many people may not care about.
It's the same reason that having corporate systems with owners removed from responsibility is problematic: only successfulness is considered, not right and wrong.
Relying on OS patches is useless because the true dark-side hackers won't publicise any holes they've found until they've used them.
What could be useful is - dare I suggest it - holding essential OS kernel files in ROM. Slightly awkward if you want an upgrade, but not insurmountable with socketed chips. If you use UV-erasable ROM chips, you can still burn upgrades at home but remote hacking is impossible. And your PC would start up in the blink of an eye!
When I am king, you will be first against the wall.
The very fact that we can forecast and predict which supposedly invulnerable arms of the internet will fall first according to this article is disturbing enough, a digital Pearl Harbour, perhaps a lackey term, is inevitable but will come sooner, think of how much PC hardware costs have fallen proportionally to consumer selling prices, broadband+ connections are down to an all time low (same as 56k five years ago) and the growth of the internet has not gone hand in hand with updates to its infrastructure, a policing system for the net can only be a good thing, not to check into whether Joe Bloggs is downloading the 30th anniversary Metallica SACD but to ensure that the near fragmented "backbone" of the net is not exploited by next decade's bugs and programming errors which the article preaches rather well
Remember, and this is just a term off my head, an ant can support its body mass on tiny tiny legs, enlarge the ant to human size, its legs are no thicker than a pencil, it cannot support itself
The net has become an unchecked, unpoliced medium, growing every day, there will be more than half a billion new users by 2008, the digital Pearl Harbour may come sooner than we think
I use it for Slashdot, other than that... nada
The internet is still a relatively infantile concept; rules are not rigid, and everyone's feeling their way around - with standards being reviewed and re-written every day. The future may as well be as how the author claims it to be; the net surfers of today, the slashdotters will be looked upon in the future as we do at the hippies - they had their sex and drugs - we have/had any data/information we wanted. This DOES NOT mean that I disapprove of today's internet; after all who has the right to decide on our behalf - what we can know and what we can not. But with mega-organizations like RIAA pushing harder for stringent rules (yes, though they can claim to have a valid concern), I won't be surprised if our grandkids point fingers at us and say "hey - in your days, couldn't you look up how to make bombs and hack and even look at naked women?"
It should be simple to write secure software. Most current operating systems (in their default configuration), assume that applications run by the current user should have all the powers and privileges of the current user. This is obviously wrong.
If I install a text editor, I probably don't want it to be able to access the Internet. It should be possible to say, "for this app here, don't let it do anything network related". That way, no matter how badly the text editor is written, it can't do any harm beyond the data it is allowed to work with. If I then want to use the text editor to print to a network printer, I should be able to tweak a few options to make that possible (without enabling anything else).
Ideally, all of this would happen when an application is installed. If there were some UI that said, "This here program is asking for the following rights, is that OK?", I would immediately know what I was letting myself in for.
I know there are various ways of doing this kind of thing at the moment (virtual machines, using permissions more effectively or using different accounts for software) but none of them are particularly easy to get going.
With all of this implemented correctly, it should be possible to run any application (no matter where it came from) without risking all the data on a PC and connected resources and to deal with security in a way that any normal user would understand.
In 6 years probably Windows will be vanishing. And there will be more Linux or other OS based desktops than Windows.
Enforcing laws stopping users from using some services won't give anything. It's like using robots.txt to stop people from mass downloading. I can easily get wget sources and modify them not to use robots.txt file. In the open source world such restrictions do not apply.
Regards
I'm sorry, I couldn't finish the article, it was just pissing me off too much.
This guy is utterly clueless, I mean look at this:
Five factors distinguish the digital Pearl Harbor from the virus attacks we've suffered to date.
First, it disrupts backup systems. Fragile networks heretofore have been mitigated largely with backup. Disrupt that and badness follows.
Second, it leads to cascading failures. All of those massively inconvenient attacks people previously referred to as Pearl Harbors pile up. Due to the loss of backup, corporate earnings data is irretrievably lost. This panics Wall Street and destabilizes the financial sector.
OK, a couple of things. First, "it disrupts backup systems". Riiiight. So this Flaw in 'the internet infrastructure' can also get to tape backups in safes? OH NOS!!!1!
Second, "it leads to cascading failures. All of those massively inconvenient attacks people previously referred to as Pearl Harbors pile up."
"it attacks the Internet infrastructure--such as domain name servers and routers--and industrial systems connected to the Internet, like utility control systems.". I'm sorry but if someone connects utility control systems to the net then they are the ones who should be strung up.
The point is that bugs aren't a risk to 'national security', they are a big problem, and will be very costly to business I'm sure, but an attack or accident that has a serious detrimental effect on people's lives, caused by security holes just shouldn't be possible.
This important infrastructure should not be connected to a fundamentally insecure network, and if you're looking for scapegoats, they should be those who allow that sort of level of insecurity. Look at that power station that got Blaster...
"Authentication doesn't scale. But surveillance does. "The costs to observe are virtually zero, so it's not a question of will it exist, but what will we do with it?" Geer asks."
The AMOUNT of information you collect can scale, but the UNDERSTANDING of that information is limited by the processing capability of the organization collecting it. Not to mention its power and ethical use are in the hands of one organization.
I'm hoping by 2010 we will have remembered not to trust the government too much. Power corrupts, and post Sept. 11 is no different than pre as far as that goes. Nor is post digital Perl Harbor different from pre.
Bad things can happen - we have to accept that or do our society great damage. Any fixed target is a soft target, and computers and the internet are no different from anything else that way. The biggest liability right now on the net is unpatched Windows machines. Fixing the problems isn't enough - the fixes must be put into action. How do we solve that problem? Dunno, unless we do it right the first time (www.eros-os.org). But a free society has to be worth any price, or it will collapse. I won't accept government oversight as the price of keeping my computer safe - that price is too high. Particularly when it won't solve anything.
"I object to doing things that computers can do." -- Olin Shivers, lispers.org
I am a Computer Engineering graduate from one of the best CE schools in Canada.
At this time I am 2 years into a software developer's career. I work at bankS (multiple). At every stage I realise how horribly lacking my education was in security. I realise that as a "professional" I cannot tell how secure a system is. I make fundamental security errors in my code.
In Skule, the only course that mentioned security was a mostly theoretic Software Engineering course. The security it mentioned was a fault tolerance kind of security that should be required of functions I write. No word about unhackability.
Any real security education I have is self taught, and any I will have is going to be self taught and taught through experience. From now 'till the rest of my miserable career (I hope I never have to be responsible for software, because it is going to be hell in the next decade) is the internship I never had. The problem is, that some of these systems are made by interns who never bothered to find out how to do it right.
This article is dead on. It's scary... banks.
I think it's surprising that you posted that on Martin Luther King day.
I think it's surprising that a guy who calls himself "mental telepathy" would be surprised by anything at all.
That said...
The America MLK faced is a very different beast than what we're facing today. Nor is Gandhi's experience particularly relevant today either.
Power corrupts; and absolute power corrupts absolutely. Our masters will not cede such power by choice. And it seems to me the longer we wait to confront them, the harder it's going to be to prevail.
They're talking about taking away our compilers and our documentation. What's next? Electricity and books? Fire and language? The same rationale put forward in this sinister report applies equally to all technologies; to all human abilities, great and small.
It's about taking away power from the masses and conferring it onto the elite instead.
Who do you think is going to line up in support of legislation controlling access to computer technology? All kinds of candidates come to mind, all seeking to better their opportunity by denying us ours. The RIAA. The MPAA. Microsoft. Law enforcement. Almost any major news organization. The list goes on and on.
This is simply a different facet of the same threat that's been building now for a long time in this country.
As another poster here so deftly points out in his sig, the answer to 1984 is 1776.
Is this truly the only Earth I can live on?
... what the article proposes is something near a monoculture of software... and that is exactly what can cause the problem... "ok, now all follow that way of program" is a good recipe for a future disaster. Heh, maybe a better solution is to close down microsoft, or open code windows, or whatever that neutralizes that single point of failure.
With software diversity a unified attack will be at least harder, and with freedom on discussing the problems (thing that goes a bit against what is proposed in the article) certainly helps to avoid or minimize their effects.
Those that sacrifice freedom for security deserve to lose both, and that could be particularly true in the digital world.
The problem with the idea of a "digital pearl harbor" is the question of whether anyone would notice it. The metaphor suggests a peaceful world where computers and computer users are free to play in the wild with no fear until black Sunday finally comes and takes away all our innocence. The problem is that we don't have that innocence.
Try to bring up a Windows2000 workstation, freshly installed with no patches, and connect it to the Internet. In minutes it will be infected by a virus. Any one of the major security stories of the past five years would far exceed Pearl Harbor in terms of actual impact upon the information world. In fact, problems such as SQL slammer are more like the invasion of the Mongols, and the spam problem is global thermonuclear war.
who are those slashdot people? they swept over like Mongol-Tartars.
2) in 2010 nobody will be using windows

3) This just does not and cannot happen in a heterogeneous IT environment such as the one we have today, and the one that we will have to an even greater extent in 5-10 years. A virus that destroys a win2000 installation is not going to have much effect on a Solaris system, or the other way round. Additionally, important backups are kept in a non-networked environment, for this very reason. The only way that these can (possibly) be taken out is to launch a gradual attack over a long period of time, but such an attack would not go unnoticed over the entire globe without the alarm being raised. Besides the author talks specifically of an instantaneous attack.

4) The authorities have proved startlingly ineffective when it comes to locating the point of origin of attacks in recent years. In the cases where a perpetrator has been (correctly) identified, this has generally been at the perp's wishes (confession, inclusion of email address, registered server, IP address etc).

5) Again recent history has shown a remarkable lack of international cooperation when it comes to identifying and extraditing "hackers" (let's not pick up on the misuse of this word here). Additionally, where are you going to apportion for flaws in the open source software that the backbone of the internet mostly runs on today, and will do so almost entirely in the future?

6) There will be a surge in the corporate purchase of such software, but it will be extremely easy to circumnavigate

I remember reading about an old computer system, I believe it was a Burroughs computer, that used software to enforce security policy. Executable programs would only be loaded and run if they had a magic attribute set. Users could not set the attribute. Only a limited number of trusted programs, like the system's compiler, could set the attribute. The compiler contained and enforced security policy. It would not allow the user to compile a program that violated the system's security policy. This allowed the system to have enforceable security checks that were implemented in software instead of special purpose hardware.
I believe that current popular operating systems are fatally flawed at the architectural level. Fixing the thousands of implementation bugs will not solve the architectural problems.
Mea navis aericumbens anguillis abundat
IIS is trying to access the internet. Malicious or not?
IE is trying to access the internet. Malicious or not?
For many programs, malicious depends on the context, something you aren't going to get from a database.
if someone created a Knoppix-like bootable "secure" distro
That's exactly what we are doing here! Askemos is a (gpl'ed) P2P layer, distributed on Knoppix-booted CD. It has a permission system as widely applicable as set theory can get you. And set theory is the means we use to prove that you can't abuse the administrative account.
"Never attribute to malevolence what you can explain by simple stupidity."
OK, so it's a stupid plot coming out of Redmond. Monoculture is a vast sort of stupidity. Including monoculture applied to signing.
My other car is a 1984 Nark Avenger.