
Thread: Blueprint for more-secure servers released

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171

    Blueprint for more-secure servers released

    Servers that are built following the group's specifications will be less prone to attack, Brian Berger, chairman of the TCG's marketing working group, said in an interview. Critical data can be protected by hardware-based security, not by often-attacked and vulnerable software, he said.
    http://news.com.com/Blueprint+for+mo...0744&subj=news
    Blueprint for more-secure servers released | CNET News.com

  2. #2
    Banned
    Join Date
    May 2003
    Posts
    1,004
    While it is true that some good may come from the TCG's efforts, I really think that Tom Perrine was really on the ball back in 2002 when he effectively asked the question "Why are we here, again? (And why does no one remember the last time we were here, again?)" here:

    http://www.usenix.org/publications/l...fs/perrine.pdf

    Here are some highlights:

    in 1973, the seminal report on computer security – the “Anderson Report” – had been published for the US Air Force. This report called for better software design practices, better programming languages, and something new called a “security kernel.” It also suggested using formal mathematical models to prove that the kernel would operate correctly. This paper also, almost as an afterthought, described what we now call “automated intrusion detection” and noted that a primary way to compromise an operating system was to exploit “insufficient argument validation.”
    Yes, the Anderson Report described buffer overflows as a proven penetration method and ways to avoid them 30 years ago. We’ve obviously come a long way since then. So far that we need Palladium and TCPA.
    (Palladium and TCPA are of course related to the TCG's current hardware-based security ideals)

    People started to design and develop “security kernels.” These were small, well-defined cores upon which an OS could be written that would be small and “verifiable” using formal methods. This gets around the problem that verification methods and human minds weren’t ready to deal with analyzing very complex systems. The idea was to concentrate all the security features, and only the security features, into a small kernel that would provide the base upon which a secure OS could be layered. This was imposing “least privilege” on the operating system itself, allowing the operating system to have bugs and yet not be able to compromise security.
    (Hmm so software-based security might work to prevent every little flaw from being a security issue, who knew?!)

    Although KSOS (and SCOMP and Multics) made significant advances in computer security and software design methodologies and helped us to understand the problem of software quality and assurance, they have been mostly forgotten. These OSes, and their contemporaries, provided many features and services that are continually rediscovered or even “invented” every few years for new operating systems. Palladium and TCPA are just the most recent efforts to cover the same ground. In Orange Book terms, they are trying to go “beyond A1” into “trusted hardware,” without first getting to B-level software architecture.
    Skipping steps... now there is the way to a secure system.

    cheers,

    catch

  3. #3
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi catch,

    Hopefully TCG is aware of the problems that were encountered in the past and has taken them into account in the process of their product.
    The first servers built according to the specification should be available by year's end, according to the TCG.
    I suppose we will find out then whether or not they learned from the mistakes of others or just repeated them.
    Hopefully, the former, as I think it might be a step forward in providing a more secure environment and may lead to future improvements in this area.

    Eg

  4. #4
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Unfortunately they have not.

    Companies involved (like Microsoft) are picturing this hardware-based security as a silver bullet for all their security woes as it will save them from... in their own words "fixing millions of lines of code." (Linux isn't a lot better with its nearly 300 system calls)

    All TCG will do is provide some externally managed change control and simple mandatory access controlling (though no one is using that term, cause then it might be very apparent exactly how not new this all is).

    Again I think the TCG has some good ideas, but unfortunately the negatives of these mandatory controls, obnoxious versioning, and expiration controls currently outweigh the benefits of a slight increase in security which could easily be achieved via other, better, tried and true means.

    cheers,

    catch

  5. #5
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Catch,
    I'm not so sure that Microsoft see TCPA as a silver bullet for any of their woes, security or other. More of a way to lock users into their money tree??
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  6. #6
    Banned
    Join Date
    May 2003
    Posts
    1,004
    You are right... Microsoft sees it as a silver bullet for its marketing problems regarding their products' security.

    I used to really love MS products, but they have just lost their mind with all the new licensing BS, and at the end of the day... the whole of the TCG will not focus their efforts where they will actually be helpful, but merely as a vast anti-piracy scheme.

    I have a question... the point of fighting piracy is to increase developer sales and consequently reduce customer costs. Why are legitimate customers seeing no reduction in costs, no advantages at all despite being saddled with new high potential technology as existing high potential technology (proper OS security) goes unrealized?

    Again, the Open Source community isn't a lot better, but they pissed me off years ago so that anger isn't as fresh.

    cheers,

    catch

  7. #7
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Microsoft has yet to get a large majority of its customers to upgrade to XP or the latest Office suite. As little as two years ago a company that I worked for was still using Win 95, with no intentions to upgrade.

    The way I see TCG, is an attempt to eradicate piracy and by using legislation, forcing TCPA on the industry, will effectively kill all Microsoft's competition, and force users to upgrade, both software and hardware. Never mind the development problems of Longhorn, Microsoft know there is not a market for it at this time, hence all the delays. That of course is just my opinion. If there was a market I'm fairly sure Longhorn would have been released on schedule.

    TCPA, from all I have read (ok a lot of paranoia) is a set of standards, that will benefit, Microsoft, some approved hardware manufacturers and the content industries and that is pretty much it. Basically an attempt to create a legal cartel. In much the same way as the DVD hardware manufacturing group.

  8. #8
    Banned
    Join Date
    May 2003
    Posts
    1,004
    A lot of what people are saying on the subject is very doom and gloom, mostly with little actual understanding of what the TCG is doing.

    There will be security benefits, and there will be no locking in with regards to any OS or software. You can even run pirated software and media still... you just won't reap the benefits of TCG if you do this. The benefits are of course access to new media with TCG based controls (until a hack comes out, and I see no compelling reason to think a hack for this should be long in the making) and the increased security through the MAC-like controls and versioning controls.

    Remember, all these hardware approaches do is divide the system up into three levels. Trusted, Assured, Untrusted. Untrusted is still completely at the user's discretion as far as what software and media is used.

    cheers,

    catch
