September 5, 2006
I must admit that I don’t know what computer security actually means. I skimmed several intro to computer security pages at various universities and CERT, plus other material around the web. First, all of these articles admit that computer security is a nebulous catch-all term for any unexpected use of a computer system. Second, most security problems are clever exploits of poorly designed systems. Buffer overflow is ridiculous and is easily fixed with array bounds checking (even in C). Third, security solutions tend to be band-aids over poorly designed systems. Denial of service (DoS) attacks are a clever exploit of a silly flaw: the kernel holds a reservation for every TCP/SYN packet. A clever hack is to send back a SYN Cookie rather than a TCP/ACK packet. The reservation is encoded in the cookie rather than held by the kernel. Cool idea, but perhaps TCP shouldn’t assume cooperative end-users in the first place. Finally, the biggest security holes are dumb users, which can’t be solved by nagging security questions. My parents have no idea what those Norton Security pop-up windows mean. So what is the big deal about real-world security problems? A safe programming language and appropriate crypto tools should solve most problems.
[edit: The first thing I thought of to prevent DoS attacks is to require the client to solve cryptographic puzzles. Of course, everyone else has already thought of it.]
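The stateless handshake the post describes, as an added example that is not part of the original post: a simplified SYN-cookie scheme (HMAC-based, not the exact Linux encoding) in which the server's initial sequence number carries a small time counter plus a MAC over the connection tuple, so the final ACK is validated by recomputation instead of by a reservation the kernel has to hold. The secret, tick length, addresses and ports are constructed values.

```python
import hashlib
import hmac
import socket
import struct

# Constructed server secret; a real server draws a fresh one at boot.
SECRET = b"constructed-server-secret"
TICK = 64  # seconds per counter tick; cookies from the current and previous tick are honoured


def _tick(now):
    return int(now) // TICK


def _tag(client_ip, client_port, server_port, client_isn, tick):
    """27-bit MAC over everything the kernel would otherwise hold in a SYN queue entry."""
    msg = struct.pack("!4sHHIQ", socket.inet_aton(client_ip), client_port,
                      server_port, client_isn, tick)
    mac = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") & 0x07FFFFFF


def make_syn_cookie(client_ip, client_port, server_port, client_isn, now):
    """Server ISN placed in the SYN-ACK: 5 bits of time counter, 27 bits of MAC.
    Nothing is stored between this call and the client's final ACK."""
    tick = _tick(now)
    return ((tick & 0x1F) << 27) | _tag(client_ip, client_port, server_port, client_isn, tick)


def check_syn_cookie(client_ip, client_port, server_port, client_isn, ack_seq, now):
    """Validate the final ACK by recomputation only. The ACK number is our ISN + 1;
    client_isn is the ACK segment's sequence number minus 1 (both read from the packet)."""
    cookie = (ack_seq - 1) & 0xFFFFFFFF
    for tick in (_tick(now), _tick(now) - 1):  # also accept cookies issued in the previous tick
        if (tick & 0x1F) != cookie >> 27:
            continue
        expected = _tag(client_ip, client_port, server_port, client_isn, tick)
        got = cookie & 0x07FFFFFF
        if hmac.compare_digest(expected.to_bytes(4, "big"), got.to_bytes(4, "big")):
            return True
    return False


if __name__ == "__main__":
    isn = make_syn_cookie("192.0.2.10", 40000, 80, 12345, now=1000)
    print(check_syn_cookie("192.0.2.10", 40000, 80, 12345, isn + 1, now=1010))  # True
    print(check_syn_cookie("192.0.2.10", 40000, 80, 12345, isn + 1, now=1200))  # False: expired
    print(check_syn_cookie("192.0.2.10", 40000, 80, 12345, isn + 7, now=1010))  # False: forged ACK
```

The cost of keeping no state is that the server forgets any TCP options from the SYN; the real Linux scheme mitigates this by packing an MSS index into the cookie's low bits and is typically enabled only once the SYN queue overflows.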