Computer Security, The Next 50 Years 234
bariswheel writes "Alan Cox, fellow at Red Hat Linux, gives a short-and-sweet talk at the European OSCON on the The Next 50 Years of Computer Security. Implementations of modularity, Trusted Computing hardware, 'separation of secrets,' and overcoming the challenge of users not reading dialog boxes, will be crucial milestones as we head on to the future. He states: "As security improves, we need to keep building things which are usable, which are turned on by default, which means understanding users is the target for the next 50 years. You don't buy a car with optional bumpers. You can have a steering wheel fitted if you like, but it comes with a spike by default." All of this has to be shipped in a way that doesn't stop the user from doing things."
Haskell. (Score:2, Informative)
There are, of course, some security issues that are independent of the language used. Some are inherent to protocols, for instance. However, buffer overflows and so forth are a thing of the past when using a language with proper memory management.
Security glitches caused by basic concurrency errors are also avoided when using a language such as Haskell, that can automatically parallelize computations.
Re:Not really an expert (Score:5, Informative)
Re:Haskell. (Score:5, Informative)
At the moment it looks like micrkernel architectures (real ones, none of this hybrid stuff) coupled with capability based security systems, should be able to provide real, formally verifiable security. As with most things there are a handful of practical barriers to overcome (primarily performance related), but another 5-10 years and those problems should be sorted out.
For a more in-depth discussion of capability systems, see the wiki page [wikipedia.org], and this essay by Dr. Jonathan Shapiro [eros-os.org]. (And to be perfectly honest, he's a professor of mine and my views are colored as such.)
Re:Are you joking? (Score:2, Informative)
Now, funnily enough I just saw a report on tv last night that will be presented to my government today concerning the steps we need to take in order to become self-sufficient in terms of energy within a 50 year timespan. Solar, wind, planetary heat, biogas, you name it, we're doing it. The way I see it, those countries that find the right solutions for durable energy are going to have a very prosperous future indeed, and the way things are looking right now, those countries will located in Western Europe. Sweden already has cars driving around on 85% ethanol. Germany has so many wind turbines that when there's too much wind the power grid gets more than it can handle. Cow shit is being used to generate electricity, with the remainder being chemically converted into fertilizer.
All the tech's right there for the taking. All it takes is a government with enough balls and a sufficient amount of long term vision to go for it.
Re:Maybe the author doesn't (Score:2, Informative)
Security and Usability (Score:3, Informative)
If you design user interfaces to secure applications, I highly recommend the O'Reilly book Security and Usability. It's a collection of classic and new papers on the topic. Simson Garfinkel's thesis [simson.net] is also a good reference on usability and security.