[cap-talk] Confessions of a C programmer
James A. Donald
jamesd at echeque.com
Fri Sep 25 17:48:28 PDT 2009
--
John R. Strohm wrote:
> Yes, we know how to eliminate the common
> vulnerabilities, and we have known how to do it for
> quite literally DECADES. (Plessey 250, anyone?
> Burroughs B5000 series? Gypsy? Ada?)
>
> Once you admit that we have the technology, and have
> had it for a long time, you have to ask the next
> question: Why isn't it being used?
Systems that get widely used are produced by people
whose number one priority is producing systems that are
widely used. Since attacks do not ensue until *after*
the system is widely used, security is not architected
in at the beginning, but shimmed on at the end, leading
to a multitude of dialogs of the form:

    Danger, Danger, some issue that even expert
    cryptographers have trouble understanding, let
    alone explaining.

    Do you want to continue doing what you are
    trying to do, or just give up in despair?

    * continue
      fail

The one commonly used exception to this principle is
SSH, where security was designed in first, and everything
else built around security, and as a result the above
dialog is somewhat less frequent, and not quite as
useless.