Bugtraq mailing list archives

RE: [ISN] How To Save The Internet

From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 22 Mar 2005 08:45:49 -0800

Jason Coombs [mailto:jasonc () science org] writes:

<snip>

... the core problem with computer 
security is that our CPUs make no effort to restrict the execution of 
machine code to that very small subset of all possible machine code 
which constitutes the code that the owner of the CPU desires 
it to run.


<snip>

If anyone really cared about solving this core security problem with 
computing today, it would be solved in just a few months.


  Just one of the myriad of security issues that we're grappling with 
are the various rights of the owner of the CPU, the *operator* of the
CPU, and the owner of the *data*, each of whom may have a more or less
legitimate say in what code actually gets executed.  Far too many folks 
have already "solved" this problem incorrectly for me to believe that 
the "just a few months" solution you envisage will actually be correct.

David Gillett

Current thread:

Re: [ISN] How To Save The Internet Jason Coombs (Mar 21)
- RE: [ISN] How To Save The Internet David Gillett (Mar 22)
- <Possible follow-ups>
- Re: [ISN] How To Save The Internet Jason Coombs (Mar 22)
  - Re: [ISN] How To Save The Internet Thor (Hammer of God) (Mar 23)
- RE: [ISN] How To Save The Internet Arndt . WA (Mar 23)
  - Re: [ISN] How To Save The Internet Derek Martin (Mar 23)