I liked the article a lot! It prompted me to buy "How Linux Works: What Every Superuser Should Know" by Brian Ward and it is a great read. I recommend it.
My point is I disagree a little with Linus' goal of rejecting all security patches if they slow down user space. Moore's Law is still in effect ( http://www.techradar.com/us/news/computing/moore-s-law-how-long-will-it-last--1226772), so the speed of computer hardware is still increasing faster than the drag produced by software. I think some kernel security patches could be implemented and in two years user space will not be affected (more or less). As it says in the article, it is much easier to say no impact on user space than a little impact is OK. How much is "a little" and who decides (probably Linus)? Perhaps it is time to rethink this golden rule of kernel development in this very aggressive game of global cyber attacks, which are funded by foreign governments. (Although, on a side point, I wonder how much the NSA has mapped the power grids of other nations and installed sleeping exploits...) A second point that Linus made, although not that well, is that if kernel security becomes the focus of development, then we are making a big mistake. IMO, the goal should be to have many layers of strong security that continually evolves based on the assumption that the attacker is just as smart as the security experts. Just relying in security in the kernel is like building a fortified castle, but not adding a moat or rings of stout walls around the inner keep. Also, all these security experts would love to be able to lay the blame for exploits at the feet of the kernel, which they do not control/maintain/develop, instead of accepting that the world of security is ever changing and every now an then the bad guys may get through. Just my 2 cents....thanks for the article!! Mark On Sat, Nov 7, 2015 at 7:23 AM, Rich Shepard <rshep...@appl-ecosys.com> wrote: > On Fri, 6 Nov 2015, Patrick J. Timlick wrote: > > > An interesting account of the controversy surrounding Linux security. > > Where does PLUG weigh in on security vs speed and ease of use? Is our > > friend and neighbor Linus right or should we go with less famous > "security > > experts"? > > From my position as a non-computer professional end user of linux since > 1997 I think they're both correct ... from deterrent points of view. > > The two recent vulnerabilities/exploitations of 'Net back-office tools > (heartbleed and the other mentioned) were, if I recall correctly, related > to > bind. Bind is an essential utility but not part of the kernel. Part of GNU > Linux (and similar systems, I'm sure), but not in the kernel. This, > perhaps, > gives one point to Linus. > > From everything I read the greatest vulnerabilities and exploitations > come > from the carbonware portion of the computing corpus: > > - Weak passwords. > > - Accounts payable clerks who accept e-mails seeming to come from their > bosses to wire transfer thousands of dollars to off-shore accounts without > verifying that the request is real. > > - Outdated, not upgraded applications such as PCAnywhere on parking lot > and car wash POS systems that are compromised because the POS system > providers do not upgrade the remote access tools and the folks who run the > parking lots and car washes are ignorant and not expected to manage the POS > systems they use. > > - ATM and other POS exploitations based on insufficient security and > (if I > correctly interpret the reports) Windows vulnerabilities across almost > every > retailer chain. > > Give Linus a second point. > > On the other side, there are known potential weaknesses in the kernel > and > the argument that adding security at the cost of some slowness in response > is unacceptable is equivalent to claiming that putting kids in secure car > seats and the driver using a seat belt is unacceptable because it delays > going to the grocery store. While it seems that for too many people instant > gratification is no longer quick enough (see Amazon's promise to deliver > what you order as soon as you pay for it), as a society we need to accept > the cost of added security on the Internet just as we accept a delay by > locking the doors to our houses and apartments (a major production > involving > multiple locks in cities such as New York.) Score a point for the 'crazy' > security experts. > > Ideally, we'd work on both aspects. Train humans to be more security > conscious in their use of computers (similar to pushing water uphill) while > adding two-factor authentication more broadly and adding additional kernel > and utility security even at the cost of slower response time. > > Rich > > _______________________________________________ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
