Security quotes of the week
Posted Jun 1, 2012 13:54 UTC (Fri) by malor
In reply to: Security quotes of the week
Parent article: Security quotes of the week
Only on Linux, and it is utter, absolute bullshit that it always needs to be that way.
These guys spit in the face of the security community, and now they've dug themselves in so deep that they no longer can offer secure shared access to hardware. Their kernel is so rickety that they're scared to even try to offer shared access themselves. They won't eat their own dog food, because they have fatally compromised one of the two fundamental layers of Unix-style security. It used to require two exploits to own a box, a user-level exploit and then a root-level exploit, but now it only really takes one. To get any kind of reasonable security at all, we have to turn to extremely inefficient virtualization instead. We have to haul around a whole separate kernel for each user, because these assholes have been trivializing and laughing about security for a decade now.
Security is hard, but it can absolutely be done, with the right focus. Sneering at the security community, and then actively lying about patches that fix security problems, is not the way to go about doing that. They're starting to figure out, finally, that their security is SHIT. Now the question becomes, are they willing to step up and fix their mess, or do people die because of security compromises, where people were foolish enough to trust Linux with data that could get them killed?
This stuff matters. It matters desperately for a substantial fraction of the world's population. And if they trust Linux with their data, they may end up dead. If the kernel hackers don't have blood on their hands already, they eventually will.