[AusNOG] (bad) cyber security and ideas coming out of thewoodwork?!
phil colbourn
philcolbourn at gmail.com
Thu Jun 24 19:47:35 EST 2010
I have been following Google's Chrome OS. It seems to me that they have
decided to tackle the problem in a different way: by eliminating the problem
of malware, vulnerabilities and buggy code.
The key points as I see it:
1. No app gets installed. The OS is a minimal image that has many ways to
verify that it is sound. All other software is downloaded and cached. The OS
itself is probably a native client app itself running on a small VM manager.
2. Strictly allow only native x86/ARM code that can be verified safe.
3. Run native code in a sandbox with limited access to system resources -
basically none.
These and other measures seem to solve the hardware/software security
issues. To reduce the risk of social attacks they
5. Actively monitor sites for malware activity and highlight in searches.
6. Increasingly encourage SSL services.
This does not solve the server issue, so they
7. Push Software as a Service and Platform as a Service to eliminate poorly
secured servers and OSs.
I think this sort of approach is the future of computers and servers. It is
notable that their approach does not rely on trusted compiler tool chains,
signed code (except for the boot loader I think) and malware scanners.
--
Phil
http://philatwarrimoo.blogspot.com
http://code.google.com/p/snmp2xml
"Someone has solved it and uploaded it for free."
"If I have nothing to hide, you have no reason to look."
"Any sufficiently advanced technology is indistinguishable from magic."
Arthur C. Clarke - Who does magic today?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100624/badaea98/attachment.html>
More information about the AusNOG
mailing list