Computer Security, The Next 50 Years

bariswheel writes "Alan Cox, fellow at Red Hat Linux, gives a short-and-sweet talk at the European OSCON on the The Next 50 Years of Computer Security. Implementations of modularity, Trusted Computing hardware, 'separation of secrets,' and overcoming the challenge of users not reading dialog boxes, will be crucial milestones as we head on to the future. He states: "As security improves, we need to keep building things which are usable, which are turned on by default, which means understanding users is the target for the next 50 years. You don't buy a car with optional bumpers. You can have a steering wheel fitted if you like, but it comes with a spike by default." All of this has to be shipped in a way that doesn't stop the user from doing things."

Two generatrions of safety engineering

[Beryllium+Sphere(tm)]

Aviation went through this phase a long time ago. Accidents were called "pilot error" unless the airplane broke up in midair.

The field of "human factors" recognized that controls and displays need to be designed so that it's possible for a well trained human to get things right even in a hurry. Controls with opposite effects should not be right next to each other. Controls should give meaningful feedback. Important controls should be out in the open where someone can see them.

The aviation world fixed up the cockpit and many "pilot errors" disappeared.

You can't apply these lessons too directly to computer security because bad guys are actively trying to trick computer users. Nobody sends pilots email in flight saying "You must pull the red lever immediately to avoid running out of fuel!". But at least it should be easy enough to secure a computer that an employee from a security firm can do it. We're not there yet -- a recent security conference had vendors running open WiFi access points without firewalls.