Comment Re:Its due to the courts' zeal for punishment (Score 1) 246
He's no Tony Blair or even a Mitnick or a Zimmermann. He might make $10k if he's lucky.
...particularly for punishing small fries who get in the way of large corporate interests and other big shots.
Along the same lines, we can ask why 'Bidder 70' went to jail for stopping the illegal sale of public land.
Read more of their site (and Joanna's blog). DMA is isolated with an IOMMU; you must have an Intel i5 or better with the VT-d feature and a chipset + BIOS that supports it. AMD also has some processors with IOMMU capability under their own trade name.
PCIe devices are assigned to VMs as needed (you can even configure it in the GUI).
x86 virtualization is not about security,
Uh, x86 virt "wasn't" about security. Intel has already responded to bugs reported by the ITL team and others, so it's changing for the better. Stick with Ivy Bridge or later.
The addition of the IOMMU feature alone is evidence the focus has shifted toward VM security.
As for legacy, it turns out that those PS/2 interfaces that have hung around in a lot of laptops (built-in keyboards) and towers are what keeps the USB miasma from negating the security architecture.
The whole mess has a lynchpin (perhaps the only one?)....
Modern computers are vast amalgamations of logic (of varying quality), and we can see only the iceberg tip of the iceberg tip of that content at any given time. Even the experts are left constantly guessing about the doings of all the invisible things inside.
And no, I have no idea how to improve that situation. No matter what you change, you're not going to get any better results.
Start by creating a desktop OS with a hypervisor ingrained into it (all the risky stuff, even graphics and IP stacks are isolated) to reduce the attack surface to a very small area. Then, hopefully, more and more eyeballs and minds will concentrate their attention on the really crucial parts instead of getting PTSD over the whole expanding theatre of apps and services.
Next, turn attention to system firmware (CoreBoot BIOS, and Shuttleworth's initiative to replace ACPI). We're almost half way there now...
Finally, open hardware: CPUs, GPUs and such (we may see mobile devices benefit from this first).
TL;DR: Make the whole logic stack inspect-able and open, and tightly link the security context provided by those components to the privileged part of the GUI.
The explosion of "brogrammers" et al is a reflection of increasing amounts of code and complexity. Maybe this site closure is just a symptom of that trend going too far... the surface area to be protected, audited and patched has just become too large and the security culture is caving under that weight.
I think I've mentioned Qubes to you before... I can stuff all sorts of apps and functionality into it without impacting my attack surface and overall risk much. I just have to think about the 'who' and 'what' of the app and the task before I assign it to a domain-- a little reflection buys me great peace of mind (instead of making me more worried, the way other architectures do).
This is based on a particular kind of Security By Isolation. The upshot is that the area of security focus for the community is reduced to the bare essentials, and that could have a positive effect in terms of available skills with more eyeballs looking at a given piece of sensitive code.
Also, there are ways to impose strong security on a wide array of existing consumer software. It requires a certain level of hardware features (like IOMMU), but it's possible to do even in a somewhat elegant manner.
Audits are not formal verification. Give me a system that reduces the attack surface *without* shutting down most of a system's functionality, and which doesn't diminish its security profile when adding/enabling features.
OpenBSD is an anachronism in a world that has demoted OS kernel-based security to the sidelines, in favor of hypervisors. Qubes continues this trend by working VMs into the grain of the desktop architecture itself; this allows a profusion of apps and features to be added while affecting the attack surface minimally or not at all.
It's a good reflection of Finance sector dealings and the "controversy" about global warming trumpeted by the media (it was a large component of the media's product-output at the time, needlessly fuelling a pattern of denial and argument for its own sake).
In fact Qubes assumes they are hostile to a great extent already.
As long as one trusts the BIOS and other critical boot-time elements (i.e. ACPI), you have a very good shot at maintaining security with a system like Qubes and this is why Qubes users are expressing a lot of interest in Coreboot (open BIOS).
(Of course, one must also trust the CPU and chipset, but these are often provided by the same vendor which reduces the trust issue down to one party. And we're not even talking firmware or software here: It's hardware, which is further down the open source horizon, but someday.....)
Escaping proprietary firmware.... http://www.coreboot.org/Welcom...
Interesting, though I've been using DoNotTrackMe which is faster than Ghostery and isn't joined at the hip to the ad industry.
I do my browsing in an untrusted or disposable Qubes domain, which is about as strong security as you can get for a functional desktop system. Still, it would be awesome if pwn2own made it one of their target OS's... now for *that* I would get out the popcorn!
Maybe he thinks MS joining NSA PRISM was a heroic act.