Linked by Thom Holwerda on Tue 30th Aug 2011 17:29 UTC, submitted by Dale Smoker
OSNews, Generic OSes "What would an operating system look like it if were redesigned with security in mind? Joanna Rutkowska thinks she has the answer with the development of Qubes OS. We sit down for an interview with Joanna to discuss the way Qubes OS augments security."
Permalink for comment 487953
RE[3]: Secure OS?
by sakeniwefu on Thu 1st Sep 2011 15:20 UTC in reply to "RE[2]: Secure OS?"
Member since: 2008-02-26

There is no language safer than C in a Unix-like environment, because their shortcomings are well understood by anyone who has taken the time to learn about them.

Saying that C isn't secure because of buffer overflows is a bit silly nowadays.

Memory corruption attacks are going the way of the dodo. The few still working rely on lazy implementations of exploit prevention technologies or evil designs such as self-modifying code and custom memory management. All high-level management decisions which can be fixed, or not far away from C level.

Most security bugs being talked about in OpenBSD misc@ and tech@ lists nowadays are logic bugs. Most actual exploits for other systems in the wild exploit logic bugs.

Your hash function drops every other bit because of some logic error and anyone can log in as root in about ten attempts? Your web server code uploads any file to a user-specified path, and has permissions for everything? A race condition in your file locks?
No problem, just use Haskell. Oh, wait...

Please tell me how your safe languages will help me.

About proofs, Donald Knuth had this to say.

"Beware of bugs in the above code; I have only proved it correct, not tried it."


It's easy to make something work as designed. It's harder to design something right, especially if you think you don't need to worry about security.

Edited 2011-09-01 15:22 UTC

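The "uploads any file to a user-specified path" case from the comment above, worked through as an added example (not code from the commenter or from Qubes OS). It is written in Python precisely because Python is memory-safe: the language raises no error for either version, so the difference between the buggy handler and the hardened one is pure logic. The upload root `/srv/uploads` and the sample filenames are constructed for the example; path handling is done lexically with `posixpath` so it behaves the same on any host and needs no real filesystem (a deployed version would additionally resolve symlinks under the upload root).

```python
"""Added example: a path-confinement logic bug survives in a memory-safe language."""
import posixpath
from typing import Dict, Optional

# Hypothetical upload directory used for the example.
UPLOAD_ROOT = "/srv/uploads"


def unsafe_upload_target(user_path: str) -> str:
    """The logic bug: the client-supplied name is joined without validation.

    Nothing here is memory-unsafe, yet the result can point anywhere the
    process may write. posixpath.join even discards UPLOAD_ROOT entirely
    when user_path is absolute.
    """
    return posixpath.join(UPLOAD_ROOT, user_path)


def safe_upload_target(user_path: str) -> Optional[str]:
    """Hardened version: reject absolute names, normalise, confine to the root.

    Returns the confined absolute path, or None if the request must be refused.
    """
    if posixpath.isabs(user_path):
        return None
    candidate = posixpath.normpath(posixpath.join(UPLOAD_ROOT, user_path))
    # commonpath compares whole path components, so "/srv/uploads_old/x"
    # is correctly rejected even though it shares a string prefix with the root.
    if posixpath.commonpath([UPLOAD_ROOT, candidate]) != UPLOAD_ROOT:
        return None
    # The root directory itself is not a valid file target.
    if candidate == UPLOAD_ROOT:
        return None
    return candidate


# Constructed sample requests: benign names and the classic escape attempts.
SAMPLE_REQUESTS = [
    "report.txt",
    "2011/report.txt",
    "a/../b.txt",
    "../../etc/passwd",
    "/etc/passwd",
    "../uploads_old/x",
    ".",
]


def compare_handlers() -> Dict[str, Dict[str, Optional[str]]]:
    """Run every sample through both handlers; shows where only logic saves you."""
    return {
        name: {
            "unsafe": unsafe_upload_target(name),
            "safe": safe_upload_target(name),
        }
        for name in SAMPLE_REQUESTS
    }


if __name__ == "__main__":
    for name, result in compare_handlers().items():
        print(f"{name!r:22} unsafe -> {result['unsafe']!r:38} safe -> {result['safe']!r}")
```

Every entry for which the `safe` column is `None` is a request the buggy handler would have honoured; the only thing that stopped it was an explicit check on the program's own rules, which is exactly the kind of bug the comment says a language cannot catch for you.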