Secure Coding mailing list archives
Microsoft's message at RSA
From: steingra at gmail.com (Andy Steingruebl)
Date: Fri, 9 May 2008 16:43:58 -0700
On Fri, May 9, 2008 at 3:42 PM, Gary McGraw <gem at cigital.com> wrote:
Hi andy (and everybody), Indeed. I vote for personal computer liberty over guaranteed iron clad security any day. For amusing and shocking rants on this subject google up some classic Ross Anderson. Or heck, I'll do it for you: http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
I've heard this point for years, and yet when we actually look at ways of solving the consistent problems of software security, we always come back to tamper-proof/restricted-rights as a pretty reasonable starting point. I don't know whether this mailing list is really the place for me to advocate about this, but every time we get into a situation where we talk about high reliability (electronic voting for example) people are all up in arms that we haven't followed pretty strict practices to make sure the machines don't get hacked, aren't hackable by even experts, etc. hardened hardware, trusted computing bases, etc. But, if you want to try and apply the same engineering principles to protecting an individual's assets such as their home computer, bank account credentials, etc. then you're trampling on their freedom. I don't really see how we can viably have both. Sure we're looking at all sorts of things like sandboxing and whatnot, but given multi-purpose computing and the conflicting goals of absolute freedom and defense against highly motivated attackers, we're going to have to make some choices aren't we? I don't disagree that all of these technologies can be misused. Most can. We've all read the Risks columns for years about ways to screw things up. At the same time individual computers don't exist in isolation. They are generally part of an ecosystem (the internet) and as such your polluting car causes my acid rain and lung cancer. Strict liability isn't the right solution to this sort of public policy problem, regulation is. That regulation and control can take many forms, some good, some bad. I don't see the problem getting fixed though without some substantial reworking of the ecosystem. Some degree of freedom may well be a casualty. Please don't think I'm actually supporting the general decrease in liberty overall. At the same time I'm pretty sure that traffic laws are a good idea, speed limits are a good idea, even though they restrict individual freedoms. In the computing space I'm ok allowing people to opt-out but only if in doing to they don't pose a manifest danger to others. Balancing the freedom vs. the restriction isn't easy of course, and I'm not suggesting it is. I'm merely suggesting that all of the research we've ever done in the area doesn't point to our current model (relying on users to make choices about what software to use) promising. How to make this happen without it turning into a debacle is of course the tricky part. -- Andy Steingruebl steingra at gmail.com
Current thread:
- Microsoft's message at RSA Gary McGraw (May 05)
- Microsoft's message at RSA Gunnar Peterson (May 05)
- Microsoft's message at RSA Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (May 05)
- Microsoft's message at RSA Andy Steingruebl (May 09)
- Microsoft's message at RSA Gary McGraw (May 09)
- Microsoft's message at RSA Andy Steingruebl (May 09)
- Microsoft's message at RSA Gunnar Peterson (May 09)
- Microsoft's message at RSA Gary McGraw (May 09)
- Microsoft's message at RSA Gunnar Peterson (May 05)