Slashdot Mirror
Computer Security, The Next 50 Years
bariswheel writes "Alan Cox, fellow at Red Hat Linux, gives a short-and-sweet talk at the European OSCON on the The Next 50 Years of Computer Security. Implementations of modularity, Trusted Computing hardware, 'separation of secrets,' and overcoming the challenge of users not reading dialog boxes, will be crucial milestones as we head on to the future. He states: "As security improves, we need to keep building things which are usable, which are turned on by default, which means understanding users is the target for the next 50 years. You don't buy a car with optional bumpers. You can have a steering wheel fitted if you like, but it comes with a spike by default." All of this has to be shipped in a way that doesn't stop the user from doing things."
You don't buy a car with optional bumpers.
Speak for yourself!
We will likely see software security improve once languages like Haskell and Erlang are more often used.
There are, of course, some security issues that are independent of the language used. Some are inherent to protocols, for instance. However, buffer overflows and so forth are a thing of the past when using a language with proper memory management.
Security glitches caused by basic concurrency errors are also avoided when using a language such as Haskell, that can automatically parallelize computations.
I wouldn't consider Alan an expert on security, so I don't understand why this is posted on /. ... well, I do understand, most "news" are just as corny.
What the article is basically saying is that we have to teach people how to use their computers. >85% of all the computer problems I encounter are PEBKAC (Problem Exists Between Keyboard And Chair). It's like the old saying goes, make something idiot proof and the world will make a better idiot. If people just learn how to use their computers (you shouldn't download exe's from people you don't know, a firewall is a good thing to have, ActiveX controls aren't safe and your default response shouldn't be to install them no matter what IE says) a huge number of problems would be eliminated. Like it or not, users are the biggest computer problem today. The problem shouldn't be usability, it should be user-ability.
I've always pictured the color of OS zealotry as a sort of bright flamingo pinkish hue
Oh, but we know that Microsoft will be on top of the game. For sure. Absolutely. Windows 2050 will be THE safest, THE most secure version of Windows yet.
It's either on the beat or off the beat, it's that easy.
I moderate therefore I rule!
--
Lusers - always the biggest security hole! Social engineering is the first fallback option.
The 'Net is a waste of time, and that's exactly what's right about it. - William Gibson
and overcoming the challenge of users not reading dialog boxes,
/etc once, do you wanna do it again?"
That's true. So true. Tons of times I just clicked yes without reading or reading fully and then later on down the road...oops.
I updated outlook express for my mom the one time and it autmatically blocked attachments, confusing her. And me, until I found where to uncheck that.
The computer can be taught to enforce security policies that the users themselves are unlikely to uphold, given their propensity to ignore advisories and software dialog boxes. Software engineers must build in security that is active by default, and they must understand the user so that security tools are actually used.
But also keep in mind who the user will be. Some advanced users would probaly not need/want the security by default. New users or non-advanced ones would need it. We would need to find security to be adaptable.
In a comical way maybe the system can say "well you hosed
That which does not kill me only postpones the inevitable.
This article seems to focus more on security by design, which is of course important. However security also can be implemented at the language level, for example Java's sandbox. I predict that over the next 50 years languages will improve to prevent programmer from making "stupid" mistakes such as copying user input directly into a buffer that will be become an html document. Tainting already solves some of these problems, but there is still work to be done. (for example to discourage programmers from creating empty "de-tainting" routines when they don't have time to do it properly, de-tainting should really be done by libraries and by the language alone, but I digress)
Philosophy.
I don't even really know what this means. Thanks for playing.
Am I alone in finding this kind of topic - "The state of X in the year 2050" - really, incredibly pointless?
Given that no-one has been able to make accurate predictions about computer technology over a 5-year horizon, what possible basis is there for thinking that anyone can predict what the state of technology will be in 50 years time? By then we may be keeping our data secure by storing it in a hidden pocket of space-time in a parallel universe 10,000,000 years back in time and retrieving it through a wormhole when required. Or civilization may have collapsed, leaving us with the 'pointy rock tied to a stick' device as our best form of security.
My point is: no-one knows. It's pointless to predict this far into the future.
I would prefer people stick to making these kinds of predictions about large, relatively predictable fields (e.g.: the climate; oil supplies; population; tectonic plate movement) and leave their prognostications about ridiculous things like 'computer security' to something like a 2-10 year window.
Or we could, you know, read some *news* instead of some random predictions.
Read Pynchon.
....and overcoming the challenge of users not reading dialog boxes....
I have to agree that this is a serious concern and as a tech, I often want to blame the stupid user since I deal with them frequently but on the other hand, can you really blame them? In any given day, an end user sees an unmeasurable amount of dialog boxes and our minds are designed to filter out things that are annoying. Instead of "Hey your email wasnt sent" you get 3 dialog boxes first that have no meaning. Of course, there is the next-next-finish epidemic as well. Does anyone really ready any options anymore? We all just go for the next button until it turns into a finish button. There are 2 huge problems with this. The first is that mixed in with all these stupid notices, there are important messages that go unnoticed. The second issue is that this is something that spyware companies thrive on for legalities.... in the middle of those next-next-finish games is the little line that signs your computer over to the dark side.
J.M.Keynes
"Academicians are more likely to share each other's toothbrush than each other's nomenclature."
Cohen
Wonder how many of those will become obsolete in 10 years only, not because the problem stopped to exist, just because terms of the problem changed giving little meaning for that to normal people. Today computing security is a tangible problem, even normal users have to worry about virus, trojans, worms, spyware, not having trivial keys, etc, but how much of that problems could remain for users in 20-50 years from here, or how they will be perceived?
We can be here discussing war strategy with sticks and stones while in 50 years (to be a bit exaggerated :) they use rayguns, but some of the things discussed now could remain valid then, some could work if some fallback must be done to something similar to stick and stones, and other things could had no meaning anymore.
As a responsible parent, you don't give your kids alcohol. As a responsible driver, you don't drive 100mph near a school. And there are actually laws that, if you happen to be careless and negligant, you get fined or worse.
Only when it comes to computers and the 'net, you can be as irresponsible as you want and you won't get any negative feedback from the feds. You may click on every "please click here to become a spambot" message. You may install every kind of adware, while at the same time ignoring or even blocking updates for your system (and thus becoming the primary target for exploits like the recent WMF desaster). Nobody will hold you accountable for it. Even if you manage to fall for some cheap "please insert all your personal, bank and credit card info, and send us a copy of your passport" scam, more often than not your bank will cover for you.
Why is ignorance and irresponsibility an excuse when it comes to computers and the 'net? Because judges and legislators can't make sense outta it? At least, given some laws I'd get that impression.
Security starts with teaching the users, and most of all teaching them responsibility. Not better tech. You can have the best high secuirity door if you falls for the cheapest con job and let anyone in, you'll still have some things missing after every visit.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
As we all probably have noticed, turning things on by default actually tends to make work more complicated for IT staff. Already now you have to do a number of little tweaks to have your computer run smoothly without all these annoying animated toys flying around.
Security is of course a different matter than these so called eye candy toys but I wish to have effective control over what is running in my computer and what isn't. For example there are performance-critical applications in which a workstation is running without a network connection. That's a far better protection against worms than any firewall, so I want to be able to switch all unnecessary software off from using the workstation's resources.
I just hope that the future developers will not forget about experienced users and support people while trying to meet the newbies' needs. Other than that, security's all good of course.
I always found the term "dialog" box to be an amusing misnomer. If they were really dialogs, I suspect the user would rarely have constructive things to say to their computer. On the other hand, monologue boxes would be far too dramatic, with the spotlight and all.
Limina.Log
Yeah, why not introduce the Alan Cox to us?
It's not like geeks are reading this shitty FUD and 08/15-user site anymore.
No Digg! (Got it?)
Aviation went through this phase a long time ago. Accidents were called "pilot error" unless the airplane broke up in midair.
The field of "human factors" recognized that controls and displays need to be designed so that it's possible for a well trained human to get things right even in a hurry. Controls with opposite effects should not be right next to each other. Controls should give meaningful feedback. Important controls should be out in the open where someone can see them.
The aviation world fixed up the cockpit and many "pilot errors" disappeared.
You can't apply these lessons too directly to computer security because bad guys are actively trying to trick computer users. Nobody sends pilots email in flight saying "You must pull the red lever immediately to avoid running out of fuel!". But at least it should be easy enough to secure a computer that an employee from a security firm can do it. We're not there yet -- a recent security conference had vendors running open WiFi access points without firewalls.
50 years... The world has enough viable hydrocarbon energy left for only 5 or 10 more years. It's amazing but true, the Internet was, indeed, just a passing fad... as were computers themselves, and electricity, and the horseless carriage, etc.
On a side note, here's something that tickled my brain the other day:
What I find fascinating is that in 150 years time, from as far back as Jules Verne, science fiction writers have explored almost every imaginable type of high technology, computer, robot, and space ship, as well as every concievable plot and story...
...except the one which has become our eventuality - a world who put every ounce of faith in its almighty petroleum god and woke up one morning to find it expended with a vital infrastructure which couldn't exist without it. Now THAT'S a plot!
You can run but you can't hide, except, apparently, along the Afghan-Pakistani border.
Remember - if you are going to extend the analogy:
1) You can't drive a car unless you have proven that you posess a minimum level of competency.
2) The car has to meet certain standards to be roadworthy
3) People by and large don't expect others to maintain their car for free
4) You have to pay the governmnet ragularly to be allowed to drive it on the road
I's either a bad analogy, or a very good one - you pick.
Did anybody click on the article (yeah, yeah, I know) and actually look at that guy? I respect him, really I do - and the first thing I thought was, "Buddy, you really need to shave."
He's got to do something about the scrag before someone misidentifies him and his hoary mug ends up on Coast-to-Coast AM's web site. Or worse, someone mistakes him for Saint IGNUcious.
I got my Linux laptop at System76.
...scientists have discovered that Alan Cox is the missing evolutionary link more commonly referred to as "Big Foot".
And it should also be easy to use.
Making security easy to use CAN be done.
Email encryption for example, when you install the mail client, it could generate a public/private keypair automatically and submit the public key to public key servers automatically.
Then when you send an email, it can automatically look up the public key of the person you are emailing and encrypt the email (unless you tell it not to).
When explaining it all to the user, dont call it "Encryption", just tell them that if they use this feature, it will mean that only the person you are sending the email to can read it and it cant be read by .
Facilities could be there so that businesses could configure it (via group policy) so that email encryption is active but keypairs are created by corporate mailservers and the mailserver (or the mail admin or whoever) has the keys and can look at the mail to look for whatever it is that email admins want to monitor email for. Or it could be disabled completly (or completly except for email going out of the company).
If email encryption was easy to use, everyone would start using it and the world would be a better place.
Ditto with other security features such as IM security (I would love to see a new feature in MSN messenger/AOL messenger/etc such that IMs were encrypted and only readable by the intended recipiant)
I HATE dialog boxes. Get rid of them I say - find a different standard way to present the information.
Like yourself, I mindlessly click through dialog boxes, occasionally missing important information because 90% of the time, Windows dialog boxes offer me nothing important or new so I automatically "Ok" them.
I got one of those Mac Mini's when they first came out - my first experience with a Mac and it was only 3 months later that I realised the main reason I found it much friendlier to use was that it seldom popped up dialog boxes or other useless / unimportant information.
"Who says nothing is impossible? Some people do it every day!" - Alfred E. Neuman
Would the lisp dialect of languages be include too? It seems closer to Haskell in many respects that to the C family of languages.
I think a less complex interface would do wonders for the PEBKAC angle of computer security. It seems to me that computers try to do much more than the average user wants or needs, which just creates more opportunities to screw up, and also makes the computer seem a lot more intimidating.
If we were to hide most of what the computer can do, then users could focus on what they really need it to do. As it is, non-technical folk just learn to tune stuff out, which isn't exactly good when we want them to pay attention to security (like just where that attachment came from, and whether that wonderful program they see is going to screw their computer). A normal user doesn't hope to comprehend everything that their computer is doing, so they don't think about the effects of their actions so hard. The computer is a wily and unpredictable beast. How will they know if it was something that they did that messed the computer up, or whether it did it on its own. Users need to be able to get comfortable with the machine before they'll really worry about it. User interfaces these days are just too much for anyone without an affinity for machines (like many of us here) to come to grips with. They just learn the tasks they need to do and hope the thing doesn't break.
Most users need to be able to use a word processor, a web browser, and maybe an IM client and music player. Why do computers give them lengthy lists of programs which can be run, windows that can obscure each other and take on funny proportions (I hate those things), zillions of little icons in the tray and even more on the desktop, and why do they sprinkle system settings in with all that? That's a lot of stuff to tune out.
If I were designing an interface for noobs, I'd get rid of all that stuff.
I'd have just one menu bar, which would contain at minimum the four essential applications that I mentioned. There would probably also be a couple of popup menus for less frequently used programs (less commonly used office apps, games). Programs would be sorted by function, and the guys writing installers would absolutely not get to create a new submenu for their company, to prevent the mess that any Start Menu will turn itself in to after a while.
Programs would always run full screen. I know there are plenty of slashdotters here who are very upset by that, but this interface wouldn't be aimed at you. You can do whatever you like with your giant monitors. On a screen only a thousand pixels across, overlapping resizable windows are just a complicated waste of time. Most any program will require all the screen real-estate to be useful, so it makes sense to just let them have it.
My four main apps would not only be launched by clicking their icons; the same icons would also give them focus. There's no reason do duplicate them (I realize that this means those four would have to be MDI apps. Tabs seem like a good solution.). When users want a web browsers they'll be able to always click in the same place. Additional apps launched from the menu would just hop into the bar next to them. (This sounds a little like OS X's dock, but I'm not too familiar with it, so I'm not sure how close it is.)
I might also put in a file manager. It wouldn't display system files, or even hint to the user that they exist. I think it would be search based, but it's way too late at night for me to put serious thought into it. A file manager might not be the best idea any way. If users can just start up their apps and let them handle the file types they know about, then the old "porn.jpg.exe" attack gets pretty much foiled.
That's about it, really. I think that would accomplish most everything that needs doing for most users. Naturally an admin mode of some kind would be required. I envision a simple one that would allow users to tweak the OS's look and install software from repositories (either online or from CD). Real admins could go yet further. Maybe just a CLI. It doesn't matter much. Anyone with the will and the know-how to muck around with the system's guts will figure out whatever you throw at them.
Oh, and mouse cursors would be big, because I like them.
The problem with IT security, historically, has been a "Default Allow" approach. This is getting better, but still has a LOOOONG ways to go. Things should not be automatically allowed, they hsould have to be turned on.
Consider Windows 98/98SE. File sharing is off. And the OS itself was more or less a fairly secure (for it's time) OS on a DEFAULT install. Compare to Win2k/WinXP. Default admin shares open, often in upgrade cases we have Administrative accounts with NO password, which (with the exception of XP) could log on remotely. XP at least was intelligent enough in it's design so as not to allow remote logins with blank passwords for Administrative accounts (UNLESS ENABLED). THAT, my friends, is the correct approach to security. Default = NO!
Once this has been accomplished, and the general mindset of programmers when considering security (and Admins, etc.) is to assume the user knows NOTHING, and that things just should NOT be permitted without full warning of the consequences (this is where figuring out how to get users to read dialogue boxes comes in handy) security will be much tighter. And lets not forget about vendors and programmers just ignoring security glitches. It's sad to see a Buffer Overflow attack remain a vulnerability in a program beyond a single patch release, once identified. Even sadder, is when further program releases STILL have not addressed the issue (see, Medal of Honor Voting)). The 'solution' is disabling a bonafide FEATURE. This type of nonchalant approach to security will always land the general populaec in the grips of security vulnerabilities, with no clearn end in sight.
My thoughts.
More crap, more crapware, and fewer rights. WHERE DO I SIGN UP?!?!?! :D
I'm with you here. My sibling post (correct term?) and you make nice points about lazy programmers, so I'm going to go and bash some bad designers, too.
I've found that Windows and its applications are really, really stupid with the way they handle dialog boxes. Kind of off-topic, I know, but since most security issues are luser error, I can guess that most of those are caused by blind click-click-clicking Yes to dialog boxes.
I get a dialog box when I try to delete a file. I get several dialog boxes whenever a program crashes - something about an error report. At my school, they've managed to set up Word so you get three dialog boxes when you open it: one asking you to disable macros (to which the average user goes What?), another telling you that macros have been disabled (yes, that's why I clicked that button) and another telling you that there's a window open.
With so many dialog boxes around, most of them unnecessary, I don't blame the average user for ignoring the important ones. If you press Yes, the nasty evil dialog box will go away. Sooner or later the times comes when you install some spyware trying to get rid of the dialog box.
And what has Vista done? Put even more of them in. Quoth even Paul Thurrott: The problem with UAP is that it throws up an unbelievable number of warning dialogs for even the simplest of tasks. That these dialogs pop up repeatedly for the same action would be comical if it weren't so amazingly frustrating. It would be hilarious if it weren't going to affect hundreds of millions of people in a few short months. It is, in fact, almost criminal in its insidiousness. Gah, showering the user with more dialog boxes is useless, as they ignore them all anyway!
I'm on a roll here. What else?
When I want to Save a document, I go to the button marked Save. At least, I do on Gnome and OS X: Windows likes to have buttons called "Yes", "No" and "Cancel" instead. So instead of doing what I want (Saving), I have to read the dialog to find out which button Saves my document. And most people wouldn't even try to read it; they'd just click Yes and hope it was the right one. Oh, and the dialog text is often in a small font with no discernable main point about what it does.
Windows dialog boxes are obtrusive enough that people would rather make them go away (think: click Yes) than working out what they do. Here's an example of a Mac one - I can tell what each button does before reading, and even if I have to read, there's some nice bold text so I don't have to read it all. Here's the worst example of a Windows one I could find. Note none of the above things that the Mac does right. This isn't the best example, I know, but it points out where Windows fails best.
I reckon you could've eliminated a fair few spyware installs if the "Yes" button was labelled "Install Software", or the "Next" button was lebelled "Accept this Licence", or whatever it is. No more "Let's click Yes to make the nasty evil dialog box go away", but some people will think "Do I really want to install this software?" or "Do I really want to run this program?". It makes people think, and thinking is good when you're trying to make decisions.
Oh, and:
"How dare you try to type at another window when I am here, infidel scum!"
"And Vista dyes the rest of the screen black, just in case you didn't notice me the first time. See?"
Where was I? Oh yes, computer security. I don't think it's fair to blame any and all spyware installations on user error. Windows places you on a path above a crevasse with a bicycle, and expects you to pedal to the other side. Sure, you might get blown off by wind (read: security holes in the OS). Many people
Guy asked me for a quarter for a cup of coffee. So I bit him.
It's not users that are the problem, it is inferior technology. Executables from unknown people would be harmless if they were executed under a properly privileged environment; firewalls would not be needed if network resources had a proper security system just like other resources; ActiveX controls are executables, so the properly privileged execution environment is also valid for ActiveX...etc.
The reasons for security problems are:
1) inferior programming languages: C and C++ more specifically. The open nature of those languages is a double-edged sword, which usually results in deep cuts that cost millions of dollars.
2) inferior operating systems that do not provide a proper level of abstractions while they provide a very complicated security model. Unix is on the right track and better than Windows, but until the user's privileges are separated from programs' privileges, we are not going to solve anything security-wise.
3) inferior protocols that do not provide any sort of automatic verification of their content; the e-mail protocol is simple but unsecure, for example, as it is easy to fake information. Same goes for the web.
The only time users are responsible are when they fall victims of social hacking; but that kind of gullible people are not found very often.
Although I agree that Windows provide a security model which offers very fine-grained control, the complexity of the system is what drives programmers away from it. Even Microsoft falls victim to its own complexity most of the time.
What I would like to see from operating systems is the concept of 'ring protection' as in CPUs: each executable shall belong to a specific privilege ring, and the higher the ring number, the less privileges the executable shall have. Most problems would go away with this mechanism, since it would not be possible for programs of higher rings to affect data of lower rings in any way, and 'dangerous' programs like e-mail clients, web applications, chat programs etc could be set by default to be on a higher ring than the user's shell.
I think the above is a good compromise between the most complex security models (ACLs/authentication tokens/inheritable privileges) and flat open access to anyone.
Give me one thing in the next 50 years and it'll be the death of the password. Security through obscurity at its finest.
The problem is that most of that does not apply if you stay off public roads. At what point does a computer present a hazard to the public?
Mea navis aericumbens anguillis abundat
I agree with you. The real problem with computers is that they are not information management systems, but binary data processors. Computers should be elevated above binary data processors, at least from the common user's perspective.
I will take the filesystem as an example: a user sees millions of files in his computer, with 99% of files having a funny name and icon that tells the users nothing about it use...that is because users are exposed to the details of the computer file system.
What should the user see as file information? the user should see the files he created, categorized by the user's preferences.
The same goes for all other computer-related details.
Others when subsequently looking at future security challenges noted the approach of the Kurzweil(AI)ian singularity, eg Burnham thrice in his keynote at the Usenix Computer Security Symposium back in 2000.
Ray currently suggests that "by the 2040s our civilization will be billions of times more intelligent".
The Summit for the Future last week was focused on risks; upcoming SSS is wait listing ... your mileage may vary ;-)
2) Wasted CPU cycles and how you can prevent them.
3) Proper punch card disposal protocols.
The point? We have *no clue* what the computer will look fifty years from now, to say nothing of the security environment. Todays threats will be laughable in light of the technology and practices of tomorrow (many of the threats we spend a lot of time worrying about, such as spyware, are features not of all computing, not even of a particular application class, but that plague one particular implementation of an application which just happens to have a majority share of the market today -- who can say whether a security researcher in 2056 will even remember the words "Internet Explorer" from his history class or whether browsing any analogue to the Internet will be a common activity?). Prognosticating the threat environment that far out is a waste of time. Look to the near term (next 5 years: spam, viruses, malware) and address the perinneals (dumb users, men on the inside, etc) rather than trying to prognosticate what year we'll have the computer equivalent of flying cars.
Help poke pirates in the eyepatch, arr.
Others when subsequently looking at future security challenges noted the approach of the Kurzweil(AI)ian singularity, eg Burnham thrice in his keynote at the Usenix Computer Security Symposium back in 2000.
Ray currently suggests that "by the 2040s our civilization will be billions of times more intelligent".
The Summit for the Future last week was focused on risks; upcoming SSS is wait listing ... your mileage may vary ;-)
There is more than one OS.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Remember kids, Guns don't kill people, people kill people.
Its seems that the entire process of software creation through to use is often flawed. not that that applies to all software. If you use windows regularly you will know what I mean, to cite a few examples:
ZoneAlarm - How many times have you come across a computer with zonealarm on it that has been thoroughly ransacked by malware / spyware etc..? The user has tried to follow the rules and install a firewall (not suggesting ZoneAlarm is a good way to go but its an example) only to click yes every time an application wants to access the net or the PC, (warezmonster.exe wants to access the internet is that OK Yes[X] No[ ])
Or Outlook - Some poor user gets an email containing a zip or a selfdecrypting archive gets prompted that this attachment is unsafe ("But I know what it is so I'll turn off blocking safe attachments and leave it that way") and then gets stung with something nasty.
Active Directory - Group Policy, As an admin you really had to be on the ball with 2k server, (and I assume with 2k3) when presented with statements like, "Interactive logon: Do not require CTRL+ALT+DEL" Allow [ ] Deny [ ] (I cant find my favourite one...)
These are all things that could be improves, and yes it would be good if the designers put function over form, (but retained enough 'form' to make things usable), I guess its a major balancing act.
Final point is that a fairly simple way of improving security would be for MS and I guess Apple to sour out their kernel / Userland topologies and their permissions structures. but thats just a thought.
Without RTFA, this is completely stupid. If someone in the 50s had thought to lecture me about computer security, in a world even without networking, it would be totally irrelevant to todays environment. I would think we can extrapolate maybe the next twenty years. At most. Already WebOSs are coming out, as are apps for those.
I could be wrong, without reading the article and all, but 50 years is a little long to be speaking authoratively. After all, my much respected pedagogue, Mr Tanenbaum, said Linux would never make it...
As soon as you connect it somehow to the (public) Internet.
A virus-infected computer is a danger to other connected computers as a drunken driver is for other users of the road.
Markus
Yes, let's hope someone will actually invent some in that period. For I am afraid my graveyard identity could be stolen...
There you are, staring at me again.
...and tell me that you could've predicted where computer security was going for the next 50 years then.
DDoS attacks? Botnets? Spam zombies? "Old school" viruses (and by old school, I mean it seems like these kind of viruses have become less-common than they were in the early-mid 1990s) that wipe your whole HDD? Mail clients that auto-execute a scripting language that a maliciously-minded high schooler can understand? Exploit-discovery tools like Metasploit? (or heck, even the very concept of an "exploit"?)
These things weren't conceived-of then. Not on anybody's radar at all. Remember, this was a time when IBM was selling computers to the 5 people in the world they said might have a use for them...
Yet Alan Cox has the nuts to come to us, saying "listen to me! I hack on Linux's kernel, and now I have an MBA, so I can predict the future now!"? He may be as close to a good predictor of the future of computer security as we have, but my point is that there are FAR too many variables -- far too much emergent behavior and unpredictable events -- between now and 50 years from now for he or anybody else to make a competent projection out that far.
For all Cox knows, the human race could be exterminated in 2015 by a nuclear war with the >Russians and the Islamic world, fueled by rising inflation or even a currency meltdown somewhere (possibly even the U.S.).
Is Capitalism Good for the Poor?
Except for some inevitable contrived circumstances, a spambot can't physically hurt or kill you.
(1.21 gigawatts) / (88 miles per hour) = 30 757 874 newtons
Minimum level is right! 40,000+ deaths/year in the US.
Similar 'licensing' for computers would start with 'This is the mouse', and end with 'Here's how to save a document in MS Word.'
2) The car has to meet certain standards to be roadworthy
Ok...you only get your virus updates once a year at inspection time...:)
3) People by and large don't expect others to maintain their car for free
I take it you don't have any mechanics in your circle of friends? I get almost as many 'my car is making a funny noise' as I do 'I think my computer has a virus'.
Cars, however, take a LOT more equipment to fix, which is why not so much happens in the driveway anymore.
4) You have to pay the governmnet ragularly to be allowed to drive it on the road
You have to pay 'someone'. In the case of public roads, the govt is the owner and charges a fee (at gunpoint) for construction and maintenance. In the case of the online world, private companies do that and charge a fee. Of course, a car driven only on private roads is not subject to payment to anyone.
A badly driven/poorly maintained car can often cause death and injury. A badly maintained home PC rarely causes someone to die in a fire.
Yup, there will be no physical harm. However, even most road accidents cause only financial damage too.
For Joe consumer it makes little difference if he pays $500 to fix his car after an accident or $500 to clean/reinstall his PC after a virus infection.
The biggest difference is that the culprit in a car accident is relatively easy to identify (the guy/gal sitting in the drivers seat of the vehicle running into you), where there will be hundreds of people sending you nasty stuff without even beeing aware of it.
Prosecuting the single individual who just caused $2k of damage to your car is relaitively simple and straightforward. Prosecuting everybody who sends you a virus causing $50 (1/2 hours) is not practical, so nobody gets punished.
Markus
Hopefully, identity theft for biometrics won't be too gruesome.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
He cites this as if it is common knowledge. It isn't. All of the CS Theory and Math I've seen from the crypto world doesn't really inspire confidence. My wife is a crypto researcher and as a result she doesn't really trust anything. (She's typically right. I was fawning over GPG and she was extremely skeptical and said she'd never use it for anything important. Weeks later, there is a major security bug -- not in the crypto algorithms, but in the implementation.)
I'd be interested to see what he means by a mathematically provably secure system... even one that works in theory. I personally think he's just making stuff up.
Also, he says that OpenBSD's memory randomization causes esoteric debugging errors since no two programs run in the same way. I also think this is BS. Where is the proof? Has anyone else heard of this?
In 50 years, we will finally reach the goals that the Jetsons set out for us ... but the sad thing is, even then Microsoft will have a monopoly over the robotic maids, flying cars, and everything else.
I'd put Theodore T'so before Alan Cox, but Alan Cox ranks highly.
2500 years ago some greeks invented an attack for which there is no defence. It's called the "Trojan Horse". It goes like this: Make something that looks to be very atractive to your enemy but is actually anything but that. Normal defences and security can't work when the user really _wants_ some program he found to run. The only thing that can work 100% is to take control of the computr away from the user.
If you design user interfaces to secure applications, I highly recommend the O'Reilly book Security and Usability. It's a collection of classic and new papers on the topic. Simson Garfinkel's thesis is also a good reference on usability and security.
1) You can't drive a car unless you have proven that you posess a minimum level of competency.
I like parts of your analogy but I have an issue with the wording of this point. One can drive a car if they can physically operate it. The legality of the action is only in question if the driver and car are not properly licensed by a state via certification (and in some states proof of insurance) which is the core of your point. However my distinction is an important one for your critical thinking skills and perhaps also your point: governments cannot grant rights, they can only take them away.
Speak truth to power.
How about 50 months? Not to diss anybody, but anyone who's talking 50 years out on computer platforms sounds like an old philosopher combing his beard. And if he can do it, so can I.
50 years out: The biggest technology security issue will be kidnap and forced slavery. People with expensive cybermods will regularly have their arms ripped off during drive-by "arm snatches". And those with neuralmods will regularly lose their heads to thieves working out of chopshops, or be bodily kidnapped, removed to remote locations, and hooked into local nets to provide undocumented processing power to organized crime syndicates who, due to NSA backdooring of mainstream commercial platforms, need to set up "bloodmarket" wetware computers to run their illegal casinos and submarket financial networks/scams. Those with really valuable information in their brains will have their very souls stripped out one memory at a time, a process than can take months, until they are completely downloaded and left an emaciated corpse. Meanwhile, most communitcations, including voice transmission in air, will be actively tapped either by governments or corporations and often both, and regulary edited on-the-fly to alter it's meaning in subtle ways before arrival. Thus there will be companies who offer communications services where the amount of such editing can be reduced to as little as 5% of meaning by multi-path transmission and quantum encryption. Likewise, electronic paper will be found to have a bug/feature where anyone nearby can get an exact copy of what you are writing, while you write it, just by tuning into the nanovoltage molecular transition events during the raster scanning process, a la TEMPEST of old.
So there you go. It's all totally wrong of course and the reality of 50 years out is sure to be stranger still. One thing is for certain, we've come a long way from "Moth in Panel F relay #70".
=^..^= all your rodent are belong to us
governments cannot grant rights, they can only take them away.
That's a naive way of looking at rights. Without society, rights do not exist. If I was the only person on earth, would it be sensible to talk about my "right" to free speach? If I lived in a barbarous anarchy, would my whining about my "property rights" stop some local warlord from taking them from me? Obviously not. Rights exist because a group of people get together and decide what they will protect each other from. If I don't have a group willing to stand up for my free speach, I don't have free speach. What might we call such a group of people who decide amongst themselves upon a course of collective action and mutual protection? Oh, I don't know, a government?
Only governments grant rights. Without governments all there is is force.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
For awhile in the late 80's in California (not sure about other states), light trucks were sold without back bumpers. This was allowed because of some exception in the law that applied to "work vehicles". Dealers would take advantage of this and sell all of their light trucks without a back bumpers and offer them as add-on options at insanely high prices. I think the law was changed because I don't see them sold without bumpers anymore.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
I choose bad.
Thanks.
* ducks *
If you mod me down, I shall become more powerful than you could possibly imagine.