impossiblefork 2 days ago

But why do you hire consultants to solve core security problems?

Furthermore, surely it would just be one guy who knows OS and FPGA stuff and another guy to check it?

What I'm arguing for is that a sensible solution to security problems is to avoid complexity, so that things can be obviously secure.

Carefully defined interfaces designed to be clear, impossible to misinterpret and which are designed to be parsed and implemented without doing anything requiring some kind of fiddly parsing that can lead to difficulties, and small enough that someone can implement them in an afternoon; and then you combine that with a machine inherently robust to things like buffer overflows, such as Harvard architecture type things, and it's easy even for a single engineer to program something like that up on an FPGA.
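As an added illustration of the kind of interface the comment above argues for (example code, not from the commenter or any project mentioned in the thread): a hypothetical wire format made up for this example, with a fixed two-byte header, a length field bounded by a compile-time constant, and a rule that the frame must be exactly header plus payload. Every rejection path is a simple comparison, and there is no second way to read a frame. The message types, field widths and sample frames are all assumptions constructed for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed wire format (assumption for this example, not a real protocol):
 *   byte 0: message type, only 1 or 2 are defined
 *   byte 1: payload length, at most MSG_MAX_PAYLOAD
 *   bytes 2..: exactly `length` payload bytes, nothing after them
 */
#define MSG_MAX_PAYLOAD 64u
#define MSG_HEADER_LEN  2u

enum msg_status {
    MSG_OK = 0,
    MSG_TOO_SHORT,     /* fewer bytes than the fixed header */
    MSG_BAD_TYPE,      /* type byte outside the defined set */
    MSG_TOO_LONG,      /* length byte exceeds the fixed maximum */
    MSG_LEN_MISMATCH   /* frame is not exactly header + length bytes */
};

struct msg {
    uint8_t type;
    uint8_t len;
    uint8_t payload[MSG_MAX_PAYLOAD];
};

/* Parse one frame. Every check is a plain comparison against a constant or
 * the caller-supplied buffer size; no scanning, no delimiters, no escaping. */
enum msg_status msg_parse(const uint8_t *buf, size_t buf_len, struct msg *out)
{
    if (buf_len < MSG_HEADER_LEN)
        return MSG_TOO_SHORT;

    uint8_t type = buf[0];
    uint8_t len  = buf[1];

    if (type != 1 && type != 2)
        return MSG_BAD_TYPE;
    if (len > MSG_MAX_PAYLOAD)
        return MSG_TOO_LONG;
    /* Exact size required: trailing bytes and truncated payloads are both
     * rejected, so a frame has one interpretation or none. */
    if (buf_len != MSG_HEADER_LEN + (size_t)len)
        return MSG_LEN_MISMATCH;

    out->type = type;
    out->len  = len;
    memcpy(out->payload, buf + MSG_HEADER_LEN, len); /* len <= MSG_MAX_PAYLOAD */
    return MSG_OK;
}

/* Constructed sample frames for the demonstration. */
static enum msg_status demo_valid(void)
{
    static const uint8_t frame[] = {1, 3, 'a', 'b', 'c'};
    struct msg m;
    return msg_parse(frame, sizeof frame, &m);
}

static uint8_t demo_valid_len(void)
{
    static const uint8_t frame[] = {2, 2, 0x10, 0x20};
    struct msg m;
    if (msg_parse(frame, sizeof frame, &m) != MSG_OK)
        return 0xFF;
    return m.len;
}

static enum msg_status demo_trailing_bytes(void)
{
    static const uint8_t frame[] = {1, 3, 'a', 'b', 'c', 'x'};
    struct msg m;
    return msg_parse(frame, sizeof frame, &m);
}

static enum msg_status demo_truncated(void)
{
    static const uint8_t frame[] = {1, 5, 'a', 'b'};
    struct msg m;
    return msg_parse(frame, sizeof frame, &m);
}

static enum msg_status demo_oversize(void)
{
    uint8_t frame[MSG_HEADER_LEN + 200];
    memset(frame, 0, sizeof frame);
    frame[0] = 2;
    frame[1] = 200; /* larger than MSG_MAX_PAYLOAD */
    struct msg m;
    return msg_parse(frame, sizeof frame, &m);
}

static enum msg_status demo_bad_type(void)
{
    static const uint8_t frame[] = {9, 0};
    struct msg m;
    return msg_parse(frame, sizeof frame, &m);
}

int main(void)
{
    printf("valid=%d trailing=%d truncated=%d oversize=%d bad_type=%d\n",
           demo_valid(), demo_trailing_bytes(), demo_truncated(),
           demo_oversize(), demo_bad_type());
    return 0;
}
```

The whole parser is a handful of comparisons, which is the property being argued for: a reviewer can read it in one sitting and enumerate every accepted input shape.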

Spooky23 2 days ago | parent [-]

You don’t.

You hire them for other lower priority roles, but they are inside the firewall. Most large organizations have an immature zero trust environment.

Look at the Microsoft PKI breach. The adversary was able to compromise certificate services in a corporate dev environment and parlay that into accessing US government mailboxes in a supposedly isolated cloud tenant. Microsoft has a world class security practice. The average Fortune 1000 is toast.

stackskipton 2 days ago | parent | next [-]

Microsoft PKI was because they were not doing world class security practice. For some reason, consumer environment could sign corporate environment logins. Also, they acquired some company and instead of issuing them new hardware to ensure it wasn't compromised, they just let them onto their network.

When you read the report, it was very clear that Microsoft wasn't doing "World Class Security Practice", they were taking shortcuts like everyone else does.

Spooky23 2 days ago | parent [-]

Yup. They fucked up pretty bad. How many places do you think are worse than them?

stackskipton 2 days ago | parent [-]

Probably all of them because no one loses money for bad InfoSec practices.

impossiblefork a day ago | parent | prev [-]

But Microsoft doesn't take this approach at all.

Their software is huge, with all sorts of things integrated into it and no focus at all on keeping the software small enough that one person can read it through with such care that it can be assured to be secure.

They probably run their cloud stuff on processors that can reorder instructions and all sorts of things, whereas what I'm arguing for is simple computers, things that can run a text-only search engine and where the text editor is substantially simpler than nano.

Where you decide exactly what your requirements are and make a system which solves that problem and nothing else.