Dutch log

Much ink has been spilt about the new security measures in the upcoming Windows Vista. Whether you love them or loathe them, they’ll almost certainly result in a more secure operating system, fewer malware and hopefully less spam from infected boxes. What you won’t hear much about is trusted computing, which was set to be the next big thing in security. Trusted computing is a scheme to create a secure, protected zone within computers which they can then use check the security of the rest of the system. In principal the scheme by the trusted computing group is a great idea but many people foresee problems. The early plans for Vista included extensive use of trusted computing, but as time has gone on, these have been whittled away and only one service in Vista uses it, the so-call BitLocker Why? Well, unlike many of the security features that will ship with Vista, Trusted Computing is going to be very hard to bolt-on to existing programs. Much of the software that may eventually use Trusted Computing will have to be re-written from the ground up. The cynic in me says that the most likely software to be released first is going to be Digital Rights Management and other software that prevents users from making full use of their computers. Personally I’m not sure that even Trusted Computing is going to work for securing Windows-class operating systems. I’m personally a fan of the UNIX-style layered security, where you have multiple layers of security, each separated from each other and each robust should the others fail. Steps such as: ensuring that every user and demon (service in windows-lingo) runs as a separate identity with minimal rights; enforced file permissions; firewalls; the X11 security model; ssh remote connections; gpg-signing of software and binary releases; PAM; SE Linux; etc. Taken separately, none of these are stronger than Vista security is going to be, but taken together they represent a formidable defence against malware and malcontents alike. cheers, stuart…more