Friday 18 September 2015

Unhackable? I Guess it's Possible...

Stories have been doing the rounds this week of an "unhackable" computer. Of course, these are not strictly true. More credible media reports an "unhackable" kernel - here in New Scientist. The kernel is the complicated bit of software that lets other stuff (so called "userspace") not have to worry about directly fiddling with the hardware, and makes sure all of userspace plays nice together. Here's the page with the FAQ from the folk who built it.

Of course, making an unhackable kernel is an incredible feat - though calling it "unhackable" is a bit more fluff in my view (totally forgivable, given the achievement, mind!). I remember looking at formal proofs in my student days. This stuff is hard. To prove a whole kernel does what it says on the tin. Wow. To do it without needing to trust your compiler? Even better.

Don't think though that this is going put AV vendors out of business any time soon. The overwhelming majority of security break-ins have been due to userspace software - think heartbleed for example - or due to errors at "layer 8" (those foolish bags of meat that drive computers). As such, just having a secure kernel is only going to get you so far - which is why this is useful in things like military drones: you can start to write formally proven drone software, and no-one is going to install adobe flash on a predator drone (please, FFS tell me they aren't!).

What this should do, though is inspire confidence in "the Internet of Things" - well, at least a bit. If my door locks are going to be on the Interwebs, I damn sure want them running a kernel like this that's formally proven and open source. Sadly, we will probably end up with a load of never-updated proprietary hoo-ha that's got more holes than a hedgehog's pillow.

I used to Write a Blog you Know...

So, this week, I changed jobs. The last 12 years, I spent with Smoothwall, which was a lot of fun. All good things, as they say, must come to an end, so here I am.

Anyway, I used to write news articles for the website, back before this newfangled "blog" idea was born ;) and in latter years, I wrote more than a handful of articles for the blog. Now, it was always a bit of a chore coming up with articles, but then I was rather constrained in my topics, so hopefully, this blog will prove easier to write. Not sure. My brother, Will, has a blog, he says its a real pain in the backside coming up with content. He's usually right. This is probably a dreadful idea. And his template is more stylish than mine.

Ah well.. I should give it a shot, shouldn't I?