A ZDNet article has figured out what to do with all that extra processing power that Moore’s Law keeps giving us: use brute force to make our computers secure. Encrypting everything, between machines, and also between processes might do the trick. Of course, you can’t keep your keys in software, so that’s where hardware tricks like “Trusted Computing” come in. So let me get this straight, because we’re all afraid of viruses and hackers now, we’re going to get back on the processor upgrade treadmill and give up ultimate control over what’s on our PC to our motherboard and OS vendors?
Proper Security Will Take Horsepower
2003-09-19 Privacy, Security 16 Comments
“The man who trades freedom for security does not deserve nor will he ever receive either.”
>> Proper Security Will Take Horsepower
sure..OpenBSD really sucks my hardware dry..
after reading the article I can’t really understand what they are on about. Sure you can encrypt every process in your computer, but if your doing it in a user (or worse programmer) transparent way then it really isn’t going to make any difference.
People would still click on attachments which would still be able to mass mail themselves to hundreds of victims within seconds. Yes they might not get access to read from other programs files for neffarious purposes (such as sending off your passwords to the worm author) but they could still spread.
However a good firewall and virus checker would stop this. A much better solution would be to have a proper *nix like security policy, which requires basically no more processor power than is used now.
As a matter of fact, the OpenBSD SMP project is considering (or at least, they were considering) making the “additional CPUs” work entirely on encrypting “everything”, pretty much the way the article describes.
Like this article:
“Here’s a salient lesson for those system security personnel who spend their time fretting over the theoretical crack-ability of their 1024 bit encryption keys. Australian Customs have recently suffered a rather unfortunate set back in their “War Against Terror” with the admission that two of their secure mainframe servers have been wheeled out of the building by persons unknown. I’ll bet my $2 that the root password on those boxes was ‘trustno1’.”
That’s right, some unknown people disguised as repair men walked in and wheeled out two secure mainframes, without anybody asking for ID’s or whatever.
The article is vauge. I thought the Pallidium(sp?) chip was suppose to allow us to do that with out bogging down the CPU, btw before the flames start AMD was already working on the chip before Microsoft discovered it.
Hopefully this won’t turn into something like Zonealarm.
Crypto: “Do you wish to grant application Winword.exe to access svchost.exe?”
Buttons: Default Yes to All | Yes | No | Default No to All
Click: Default No to All
Prog: Error Winword.exe created a general error and will be terminated.
User: I can’t open any programs.
Man….like this isn’t going on already, in a more-or-less similar vein, on Windows machines……
…in fact, I had a Windows 98 machine that hummed along very nicely, with little or no trouble, until I installed an anto-virus package. Then it started needing to be rebooted on a regular basis, and all the other associated sort of trouble.
Everyone here knows the solution to the security problem. How many of you have the guts to go to your governments, state and local and whatever, and tell them you want it done?
…not to mention the old yard-stick, for your own kids, when you catch them abusing their right to use the computer.
Nothing else will work.
If you can’t design your way out of a paper bag, there is always the brute force method!
MS has a lot of smart theoretical people. Why don’t they allow those guys to have some say in their products?
i cant imagine all that many computer users really care about security ( to a certain extent) im using os x but not for security.
id much rather put that proccessing power into performance than security.
Someone needs to read Bruce Schneier’s book “Secrets and Lies” from a couple of years back. He blows holes in all these magic bullet commentators’ ideas.
Is anyone being spammed with emails with the swen virus?? (nice little one, it disguises itself as an update from microsoft)
I’m getting dozens of emails per hour :'(
“Is anyone being spammed with emails with the swen virus?? (nice little one, it disguises itself as an update from microsoft)
I’m getting dozens of emails per hour :'(”
Little rocks out of big ones. Enough of those, and the viruses and spamming will stop cold.
If it’s illegal to send viruses, what about spamming them?
How do you think those virus writers and spammers would feel if they had to make license plates for, say, 20 years?
“Software-based storage of the keys that are used for encrypted communications are not impregnable,”
Obviously, this guy doesn’t know that with a soldering iron and appropriate tools, one can bypass hardware security too.
The whole article was a long marketing trick telling customers to buy hyperthreading processors, aka Intel’s latest product. But these market droids forget one thing : a 3 GHz processor isn’t necessary for encryption and that is demonstrated by free operating systems (on low end hardware) and by Sun with their Crypto Accelerator 4000 PCI board (available even on entry level workstations.
Maybe Intel and AMD should stop using Windows in their benchmarks : it needs too much resources for no reason.
What people need is not 100% encryption/security or 0%.
What is needed is enough common sense to know when something could be dangerous (ie. clicking on attachements, not patching OS) and knowing when more security is needed (in such cases, PGP or GnuPG are all you need).
So that’s what that is. It’s a pretty good forgery, except that Microsoft woudl never send out updates by email. I hope anyway. I’ll never use one.
“Microsoft woudl never send out updates by email.”
…and out of the 100 million users who have Microsoft Windows, the number of users who will know the above fact is?….
I reiterate: Neither should the virus writer have sent out that forgery in the first place, and as far as I’m concerned, the people who do this ought to be scared shitless at the thought of what would happen if they got caught.
I’m starting to realize that these are probably immature people (maybe kids or teenagers, or disgruntled programmers.) When the RIAA woke up and started doing what they should have done in the first place (go after the people who were putting copyrighted music out in public for distribution,) a lot of the lawsuit targets got very much into pleading ignorance (I didn’t know it was illegal, I didn’t know I was making so much trouble.)
I frankly would like to see something like this placed on the shoulders of the people who write these viruses, and send out the spam, and combine them together.
Besides, those “virus updates” don’t have to be clicked on if you have an un-patched version of IE. The stupid gutter-snipe was at least shrewd enough to pull that off.