Slashdot Mirror

← Back to Stories (view on slashdot.org)

Living In an Unsecured World

Posted by Soulskill on from the trying-to-bail-the-ocean dept.

GhostX9 writes "Charlie Miller, Accuvant Principal Research Consultant and keynote speaker at NATO's recent International Conference on Cyber Conflict, speaks with Alan Dang of Tom's Hardware about living in an unsecured world. He goes over his recent MacBook battery exploit and the challenges of computing security in the upcoming future. Quoting: '[W]hat we can do (and this is the approach the industry is sort of taking) is make it so hard and expensive to pull off attacks that it becomes economically infeasible for most attackers. ... The way we make it more difficult is to reduce the number of vulnerabilities and ensure users' software is up to date and "secure by default." Also, make the OS resilient to attack with things like stack canaries, ASLR, DEP, and sandbox applications so that multiple exploits are needed. We also need to better control the software loaded on our devices (i.e. Apple's App Store model). So, instead of having to write a single exploit, it takes three or four in order to perform an attack. This means most attackers won't be able to pull it off, and those who can will have to spend much more time working it out.'"

3 of 112 comments (clear)

  1. Unsecured world? by Archangel+Michael · · Score: 4, Interesting

    When, if ever, has the world been secure?

    Mankind is flawed, you cannot patch this flaw. You can only mitigate the flaws.

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  2. One word: Chromebook! by kurt555gs · · Score: 4, Funny

    I love mine and know it is secure by the simple reason that no one has sold enough to make it a worthwhile target.

    --
    * Carthago Delenda Est *
  3. Very well. by Microlith · · Score: 4, Insightful

    So long as said security doesn't inhibit my ability to use my machine entirely as I wish, and doesn't treat me as an enemy as well.