Re: impossibility of computer security?

From: Robert J. Bradbury (bradbury@aeiveos.com)
Date: Tue Sep 17 2002 - 07:07:04 MDT


On Mon, 16 Sep 2002, Wei Dai wrote:

> I wonder if anyone is as disturbed as I am with the recent news of remotely
> exploitable holes in OpenSSH and OpenSSL that allow attackers to run
> arbitrary code.

Yes, I am quite disturbed.

> When open-source software whose only purpose is to improve
> computer security actually makes it worse, I have to wonder if security is
> possible at all. Has anyone thought about what causes this seeming
> inability of human beings to write secure software, and what its
> implications are for the future?

I think Anders' recent note about the necessity of multi-ringed security
systems sums it up (with mathematics included). It seems unlikely
that any single system (even open source) will be completely secure.
The best that we can hope for is that they become more secure over time.
Open source may reduce the initial vulnerability level and accelerate
closure towards a secure system with respect to closed source.

With regard to what creates this situation -- secure software
(and "security" itself) are entirely artificial human inventions.
The best analogy one might come up with in nature is immune systems.
Immune systems are not perfect -- they sometimes fail. Natural
selection presumably leads to better immune systems. That may
be the best we can hope for when considering secure software systems.

Robert



This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:17:06 MST