A more fundamental issue..

From: Jeroen van Drie (jeroen_at_3va.net)
Date: 11/06/03

    To: <secprog@securityfocus.com>
    Date: Thu, 6 Nov 2003 00:20:33 +0100
    
    

    A more fundamental issue...

    As computing becomes ever more powerful and OOP scripting languages ever more
    prevalent and simple, more and more programmers will know less about OS &
    library component fundamentals. As computing becomes ever more pervasive,
    the security of code in the OS & library components will over the years only
    become more important while becoming the domain of an ever more exclusive
    club (because their members are mainly highly experienced C/C++ programmers).

    While it seems that we'll be stuck with fairly primitive interfaces (keyboard,
    mouse and two dimensional screen) for at least another decade, more intimate
    interfacing such as 3D displays and tactile feedback are on the horizon; the
    sensors and feedback devices some scientists have implanted into living
    tissue are on the radar. These new interfaces have the potential of
    revolutionizing our computing experience. If at this point we were to add the
    convergence of the computing and bio/genetic sciences that seems imminent
    over the next few decades to the mix, the result will most likely be a
    computing experience that is almost as intimate as, if not more intimate than, any level of
    human social intercourse. This century will most likely see advanced,
    intimate human interface technologies introduced, and once they are available
    their benefits will most likely mandate their use. These technologies will
    most likely aim to wire us directly into the computer.

    And so we program in ever higher scripting abstractions, we interface ever
    closer to and into our skins and minds, we integrate systems ever closer to
    rely on and reuse of each other. All this is built on increasingly complex
    layers in the OS and in library toolkits.

    As computing becomes ever more pervasive, even intimate, exploits can lead to
    increasing disaster.

    Our mode of thinking about security may have kept up to date with the
    requirements but isn't yet really taking the foreseeable evolution and
    convergence of computing and other sciences into account. Computing security
    is becoming a political concern but that concern is still too shallow and
    mainly has to do with issues such as 'bundling', 'sharing' and 'digital
    rights'. The OS and library components are becoming open, public
    infrastructure but the trend is at risk from the current political focus on
    private instead of public ownership protection.

    Security socially is about accountability and transparency. Programmers and
    the politicians now are setting the mold for other sciences to follow.
    Especially the science of genetic and bioengineering requires a much more
    accountable mold before its products can become as ubiquitous as our
    handiwork. If we are to see the same lack of security professionalism and a
    similar level of expediency in bioindustries as we see in the software
    industry we have a lot more to fear from vulnerabilities and exploits and
    lack of patches there. Hopefully in the near future we have enough OS &
    library knowhow of our own internals so that we can patch something like SARS
    quickly. The need for that knowhow to be "open source" is evident otherwise
    we as a species could be ransom to profiteering.

    ps: I've gone through a couple of drafts, don't mean to cry wolf, but we are
    on the eve of our development model spilling over into other sciences that
    increasingly use computing in development and manufacturing. It's a fairly
    alarming trend considering that we as a society seem to spend more media time
    on security issues within our computers than in our biosphere. It's also
    alarming that after so much public scrutiny and debate we are still on the
    religious discourse of good and evil.

