Small codebase as a prerequisite for security
Sean Lynch
seanl at literati.org
Fri Feb 12 13:40:53 PST 2016
On Thu, Feb 11, 2016 at 8:20 PM Peter Gutmann <pgut001 at cs.auckland.ac.nz>
wrote:
> Sean Lynch <seanl at literati.org> writes:
>
> >I'm not talking about raw size or complexity here; obviously having lots
> of
> >features and support for lots of devices means high complexity, but it
> doesn't
> >require that all that complexity run with full system privileges.
>
> XKCD is, as usual, most apropos here:
>
> https://www.xkcd.com/1200/
>
> A huge amount of embedded stuff doesn't even have a kernel mode, because
> its
> irrelevant (or, if the hardware does actually support two different modes,
> everything is run in the highest-priv'd mode). Either the system is
> robust/secure/reliable or it isn't, whether there's a kernel/user split is
> irrelevant.
>
Obviously on a device with no MMU or supervisor mode everything running on
it is your trusted computing base.
Security is not binary.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1382 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20160212/91b1e969/attachment-0002.txt>
More information about the cypherpunks
mailing list