Firewall Wizards mailing list archives
Re: How to Save The World
From: Crispin Cowan <crispin () immunix com>
Date: Sun, 12 Dec 2004 19:25:59 -0800
Marcus J. Ranum wrote:
> If you drink a couple of shots of tequila to clear your mind of preconceptions and really think about this Internet Security stuff, there's a couple of glaringly obvious alternatives that we, as an industry, have chosen to not explore. What is the cost of enumerating viruses and malware and running antivirus software ($19/year/desktop...) versus the cost of telling the system exactly what code you want to allow to run. (Hmmm, let's see - I could define my desktop computer's "allow" list in 3 seconds: Eudora, Opera, Photoshop, Powerpoint, Word, and directory toolkit)
Put down the tequila :)
Immunix's SubDomain product does pretty much exactly that. While the security benefits are intuitively obvious, and you would /think/ that it would be that simple, it is not. The hard part of this approach is:
* Making it actually be simple to enumerate the "allowed" operations that your computer should do. The direct/obvious approach can take a long time to write out. Immunix makes it fast and simple.
* Making the enumeration flexible enough so that it doesn't break next Tuesday when you add something. Immunix does that, too.
> For a very long time, now, the industry has been moving away from "custom code" based on the premise that software is a commodity and should be treated as such. But that is obviously an inaccurate premise. If you question the premise that software is a commodity, you need to question all the "facts" that follow from it.
I think it is pretty hard to make the case that custom software is often going to be cheaper than commodity software. The reality distortion field here is brought to you by the much more silly notion of standardizing on software from a particular vendor in Redmond. There are two things wrong with that:
* the support costs of patching their particularly atrocious software are much higher than they need to be
* it is not a "commodity" any more if you give one vendor monopoly control on the supply, and thus total control of the price
So let's not throw the baby out with the bath water. "Commodity" good. "Single source commodity" bad :)
Crispin
--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix  http://immunix.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards