[trustable-software] A problem with Open Software

Paul Sherwood paul.sherwood at codethink.co.uk
Thu Sep 29 15:06:15 UTC 2016


On 2016-09-29 15:13, John Lewis wrote:
> See the comments about 2/3 down
>
> https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet [1]
>
> Quite frightening isn’t it?

Ouch! Yes, this is scary.

> It has been there for 2 years and during that time a lot of exploits
> could have been developed. Because exploits have not been seen,
> doesn’t mean they have not been produced and are not sitting there
> waiting to be activated.

The same is undoubtedly true of many other projects, both open and 
proprietary.

> BTW, another problem with MC software is that
> if it is compromised, how do you clean it - you cannot just do a
> clean install.

Agreed.

> Standards are all well and good and people can argue about them till
> the cows come home (they do - I used to sit on an ECMA Committee) but
> the reality is that many commercial companies like Redhat do not have
> sufficient incentive - the market pressures are too great - to
> produce Mission-Critical Software. I regard OS software as being MC.

Yup.

> No, we need a different approach to producing and protecting MC
> software. I think it is going to come from AI/machine
> learning/automated V&V rather than trying to define and enforce
> standards (a 1980s approach).

That's an interesting angle, also echoed by Jen-Hsun Huang in his 
NVIDIA keynotes recently - AI software writing software. While that 
sounds exciting and plausible:

- as Niall mentioned a while back [1] AI is itself hackable
- we'll no longer be able to understand the algorithms in the code 
itself
- what if the underlying substrate for the AI is compromised

> The core though has to be something like SeL4, or better, a
> capability architecture like Capsicum.

I assume you mean [2], but it's completely new to me - I'm adding it to 
my research list.

br
paul

[1] 
https://lists.veristac.io/pipermail/trustable-software/2016-July/000005.html
[2] https://www.cl.cam.ac.uk/research/security/capsicum/
