As Long as Humans are in the mix ...
there will be problems with security.
A few thoughts:
In an ideal world (yeah right!) every computer user would be security conscious. If we all thought the same it would be a dull world! ;) Communisim, generally, doesn't work. The majority of the world is capitalist for a reason. People like their individuality / ego.
We can only educate people who want to learn. That's the problem, not all computer users are motivated to learn about security.
Most people only learn from their own mistakes. It is a wise person that learns from the mistakes of others! This, to my mind, is what slows the evolution of computer security.
Operating System manufacturers are predominantly in the business to make a profit. Unfortunately this is the way of the commercial world and it is the core driver of their business.
Good security is inconvenient, however, we generally live in a convenience orientated world. See the conflict there? lol
Take cars as an example:
The car industry has been around for some considerable time. Cars still break down and get stolen or vandalised.
There is legislation in most parts of the world that means a driver has to pass a / several tests before they can obtain a license to drive one. Drivers still crash or have / cause accidents. Some drivers still drive without a license!
The world is not perfect, the human race is not perfect, computers are not perfect, and computer security is not perfect. Nirvana, therefore, is unobtainable. Well, whilst alive at least! ;)
Finally:
On the plus side, we've all still got employment opportunities within the computer industry whilst this imperfection exists.
Quote:
By rapier57
Vigilance and dedication. Mitigating and accepting risk. Late nights and weekends. That's what we're all about.
This is very good! I would amend it slightly to
Mitigating and reducing risk to acceptable levels. Vigilance and dedication - that's what we're all about.
Re: Re: Operating systems, the security silver bullet
Quote:
Originally posted here by R0n1n
Been thinking about this since a chat a while back, and it occurs to me that anti virus, IDS, IPS, firewalls et al...are really just band aids for the fact that the majority of operating systems do not really afford any great deal of security.
I disagree, the operating systems themselves afford as much security as is reasonable to allow people to make use of their systems.
Quote:
Kernels have grown larger, everything but the kicthen sink is now in them, systems seem to require more and more services to run, and switching of a few of these will often result in one app or another worker.
See, I have an issue with how you began this. You indicated you didn't want a Windows vs Unix argument, but what you're saying here applies really only to Windows, not to Linux (or many Unixes). A Linux kernel has the same types of features in it that it did five years ago.
Quote:
Originally posted here by Vorlin
1) We can harden the technology, making it do whatever we want, and hence making it safer to use and more secure. We need to get off the bandwagon of backwards-compatibility, which opens all kinds of problems, and aim more for future expansion.
Aiming for future expansion has time and again been proven utterly useless. It is nearly impossible to predict trends in the tech field. I remember about 7-8 years ago when HTML 1.2 was being standardized, there was this new thing called VRML that was going to revolutionize the web. Have you ever heard of it more than in passing? Where is it now? Likewise many industry analysts (not just Microsoft) predicted that this whole Internet thing was going to be nothing more than a passing fad.
Backwards compatibility is a necessary evil of computing. How far back to go is up for debate, but if you look at the major industry successes, they are all built around maintaining backwards compatibility (look at how the K8 architecture is working out huge for AMD as one example).
