Discussion on:
Just
In
In
Its worst than that....
Posted by ksweere
31st Jan 2011
Show:
0
Votes
RE: In cybercrime war, military projects can be game changers
So, if you keep thinking along the line of the body's self-defense mechanisms... witness cell reproduction: it's the ultimate way to keep an poorly protected network of components from virus spread/corruption by allowing it to continuously duplicate and replace aging/sick/dead parts based on an master DNA. QED = if you constantly wipe and reinject random OS or App code during idle time (and do the same to always on system files during restarts) then you're on to something! My local library wipes and reformats the pubilc PCs via a network image every night, which forces users to work from data on a removable drive if they want it to persist. Wouldn't it be better to implement this sequentially on a microsecond frequency instead?
Posted by sspirall
7th Jan 2011
0
Votes
RE: In cybercrime war, military projects can be game changers
Great story, makes sense, looking forward to no longer spending every moment battling all the hazards of the Web. Thanks DARPA!
Posted by dlaurie
7th Jan 2011
0
Votes
Its worst than that....
Hardware is indeed pretty much alike, but nowhere the same-same as the Windows operating system across the Govt.
Why would a bad guy go for the tougher-to-reach hardware when a complex, low-security OS is sitting right there running wel-known applicaitions (IE browser, Adobe, etc.) ready to exploit? Bruce Schneier writes of Software Monoculture (http://www.schneier.com/blog/archives/2010/12/software_monocu.html). In the near term, a better thing to do would be deploy a few flavors of locked-down OS's (say Windows + Red Hat Linux + Mac) so only a third or so of the network could crash at once.
DARPA seeks the far future (Go DARP!)... but we in the closer-to-now, practical world should pick these lower fruits.
Secondly, adding hardware diversity could be as simple using the widely deployed Trusted Platform Module (TPM) and add-on 'unique' encrypted hardware that are locked to specific applications.
Why would a bad guy go for the tougher-to-reach hardware when a complex, low-security OS is sitting right there running wel-known applicaitions (IE browser, Adobe, etc.) ready to exploit? Bruce Schneier writes of Software Monoculture (http://www.schneier.com/blog/archives/2010/12/software_monocu.html). In the near term, a better thing to do would be deploy a few flavors of locked-down OS's (say Windows + Red Hat Linux + Mac) so only a third or so of the network could crash at once.
DARPA seeks the far future (Go DARP!)... but we in the closer-to-now, practical world should pick these lower fruits.
Secondly, adding hardware diversity could be as simple using the widely deployed Trusted Platform Module (TPM) and add-on 'unique' encrypted hardware that are locked to specific applications.
Posted by ksweere
31st Jan 2011