Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
chgs 10 months ago

Until state attackers pick up your developers kids and bring them home from school, and then nicely ask him to put in a back door.

impossiblefork 10 months ago | parent [-]

But how would they know how the developer is? This is the neat part of not putting things where people can find them out.

Also, if you really keep it short, you can always check that he hasn't by reading it. You could also just never update it, and it let become ancient and well-tested.

Spooky23 10 months ago | parent [-]

Lots of espionage and surveillance within government and contractors.

Lots of body shop contractors are fake people anyway. Pretty easy to imagine placing a compromised person in a low sensitivity area, then moving laterally.

impossiblefork 10 months ago | parent [-]

But why you hire consultants to solve core security problems?

Furthermore, surely it would just be one guy who knows OS and FPGA stuff and another guy to check it?

What I'm arguing for is that a sensible solution to security problems is to avoid complexity, so that things can be obviously secure.

Carefully defined interfaces designed to be clear, impossible to misinterpret and which are designed to be parsed and implemented without doing anything requiring some kind of fiddly parsing that can lead difficulties, and small enough that someone can implement them in an afternoon; and then you combine that with a machine inherently robust to things like buffer overflows such as Harvard architecture type things, and it's easy even for a single engineer to program something like that up on an FPGA.

Spooky23 10 months ago | parent [-]

You don’t.

You hire them for other lower priority roles, but they are inside the firewall. Most large organizations have an immature zero trust environment.

Look at the Microsoft PKI breach. The adversary was able to compromise certificate services in a corporate dev environment and parlay that in accessing US government mailboxes in a supposedly isolated cloud tenant. Microsoft has a world class security practice. The average Fortune 1000 is toast.

stackskipton 10 months ago | parent | next [-]

Microsoft PKI was because they were not doing world class security practice. For some reason, consumer environment could sign corporate environment logins. Also, they acquired some company and instead of issuing them new hardware to ensure it wasn't compromised, they just let them onto their network.

When you read the report, it was very clear that Microsoft wasn't doing "World Class Security Practice", they were taking shortcuts like everyone else does.

Spooky23 10 months ago | parent [-]

Yup. They fucked up pretty bad. How many places do you think are worse than them?

stackskipton 10 months ago | parent [-]

Probably all of them because no one loses money for bad InfoSec practices.

impossiblefork 10 months ago | parent | prev [-]

But Microsoft doesn't take this approach at all.

Their software is huge, with all sorts of things integrated into it and no focus at all on keeping the software small enough that one person can read it through with such care that it can be assured to be secure.

They probably run their cloud stuff on processors that can reorder instructions and all sorts of things, whereas what I'm arguing for is simple computers, things that can run a text-only search engine and where the text editor is substantially simpler than nano.

Where you decide exactly what your requirements are and make a system which solves that problem and nothing else.