Living In an Unsecured World

GhostX9 writes "Charlie Miller, Accuvant Principal Research Consultant and keynote speaker at NATO's recent International Conference on Cyber Conflict, speaks with Alan Dang of Tom's Hardware about living in an unsecured world. He goes over his recent MacBook battery exploit and the challenges of computing security in the upcoming future. Quoting: '[W]hat we can do (and this is the approach the industry is sort of taking) is make it so hard and expensive to pull off attacks that it becomes economically infeasible for most attackers. ... The way we make it more difficult is to reduce the number of vulnerabilities and ensure users' software is up to date and "secure by default." Also, make the OS resilient to attack with things like stack canaries, ASLR, DEP, and sandbox applications so that multiple exploits are needed. We also need to better control the software loaded on our devices (i.e. Apple's App Store model). So, instead of having to write a single exploit, it takes three or four in order to perform an attack. This means most attackers won't be able to pull it off, and those who can will have to spend much more time working it out.'"

... like Apple's App Store model

[E+IS+mC(Square)]

No Thanks.

Very well.

[Microlith]

So long as said security doesn't inhibit my ability to use my machine entirely as I wish, and doesn't treat me as an enemy as well.

Like The Old Joke

[SchMoops]

This reminds me of the old joke:

Alice and Bob are camping when they get attacked by a hungry lion. Running away at top speed, Alice begins to overtake Bob. "We'll never be able to outrun it!" says Bob. Alice replies, "I don't need to outrun the lion - I only need to outrun YOU!"

In that sense, all the security any given person needs is just not to be low-hanging fruit.