September 2005


I am The Cyberwolfe and these are my ramblings. All original content is protected under a Creative Commons license - always ask first.

Archive for September 11th, 2005

The Six Dumbest Ideas in Computer Security

Posted in Geekery on September 11th, 2005

This article needs to be required reading for every programmer and developer in the world. It is a bit long-winded, but I think I can actually combine two things into one. Here’s a shorter version:

#1) Default Permit and #2) Enumerating Badness really point in the same direction.

The idea here is that computers today either do everything unless told not to or let everything in unless told not to. This means you have to spend your time looking for all the things in the world they shouldn’t be playing with. Exhausting to even think about!

What they should be doing is only what we tell them to and allowing in the same. Brilliant concept, no? Here’s an example: a Blacklist vs. a Whitelist.

A blacklist is, of course, a list of all the things you shouldn’t do or people you shouldn’t talk to. Your Anti-virus client has a list over 75,000 items long of things not to do, that has to be updated weekly, if not daily.

A whitelist, on the other hand, is a list of things you should do or people you should talk to. How many programs do you use daily? Three? Maybe up to seven? That list just got orders of magnitude shorter. And how often do you install something new? Maybe once a month?

Obviously, implementing a whitelist-type security policy would benefit a corporate environment the most, where computers are used more as tools rather than entertainment consoles, but the home user would still see some benefits – like an end to spyware.
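The blacklist/whitelist contrast above, as a small added example (not part of the original post or the article it discusses). The program names and contents are constructed stand-ins for real binaries, and all function names are hypothetical:

```python
import hashlib

def digest(data: bytes) -> str:
    """Identify a program by the SHA-256 of its contents, not by its name."""
    return hashlib.sha256(data).hexdigest()

# Constructed samples: name -> file contents.
APPROVED = {"editor": b"editor v1", "browser": b"browser v3", "mail": b"mail v2"}
KNOWN_BAD = {"old_worm": b"worm sample 2004"}
# Arrives later; on neither list when the policy is first evaluated.
UNSEEN = {
    "new_spyware": b"spyware built this morning",
    "trojaned_editor": b"editor v1 + extra payload",
    "editor_update": b"editor v2",  # legitimate, but not yet approved
}

whitelist = {digest(d) for d in APPROVED.values()}
blacklist = {digest(d) for d in KNOWN_BAD.values()}

def default_permit(data: bytes) -> bool:
    """Blacklist policy: run anything that is not known to be bad."""
    return digest(data) not in blacklist

def default_deny(data: bytes) -> bool:
    """Whitelist policy: run only what has been explicitly approved."""
    return digest(data) in whitelist

def approve(data: bytes) -> None:
    """The once-a-month maintenance step: add a newly vetted program."""
    whitelist.add(digest(data))

def evaluate(policy) -> dict:
    """Apply one policy to every sample; True means 'allowed to run'."""
    samples = {**APPROVED, **KNOWN_BAD, **UNSEEN}
    return {name: policy(data) for name, data in samples.items()}

if __name__ == "__main__":
    for policy in (default_permit, default_deny):
        print(policy.__name__, evaluate(policy))
    approve(UNSEEN["editor_update"])
    print("after approving the update:", evaluate(default_deny))
```

The blacklist stops only the one sample it has already seen, while the whitelist blocks everything unseen, including the legitimate update until someone approves it; that approval step is the maintenance cost of default deny.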

Here’s something that made his list only peripherally: Ease-Of-Use. In the early days, computers could only be used by people who had specific training. To generate a greater demand for computers and thus bolster the profit margin, they had to make them easier to use so more people could do so and grow dependent on them in their daily lives.

This has unfortunately led us to a situation where the average computer user knows nothing about how the computer actually works – which in turn means that to get anything done, the software needs to be designed to function on a single click of a mouse. That one click can now have the effect of executing millions of lines of malicious code, with the user none the wiser.

Me, I think we should ease up on the user-friendly bit and force the user to gain a little education and think about what they are doing. Yes, I realize that this would end up alienating a chunk of the userbase, but the ones who don’t want to learn are the ones that make it bad for everyone.

-Begin Rant-

As if two weren’t bad enough

Posted in Geekery on September 11th, 2005

This post tells us that there will be 6 (count ’em, six!) versions of Microsoft’s new Vista Operating System to contend with.

Good frelling Gods of Computing!

This is the definition of Bad Software Design, and the elimination of upgrade-ability. The distinctions between these six versions aren’t really all that clear yet (MS is splitting some hairs pretty fine), but my take is that the consumer isn’t going to know one way or the other what they really need or want, and is going to end up paying the premium to get extra functionality they don’t need, just on the off chance that they may need it eventually. Why will they do that? Because MS sure as shit won’t make those extra functions something you can add later – you’ll have to do a whole-hog upgrade re-install.

They have now taken their approach of wrapping everything into the OS to its utter extreme of idiocy, and the world will suffer for this.

On the other hand, since Linux doesn’t bend you over a barrel like this, it may just end up being better press for us. This should be fun to watch.