The kernel of the argument - Torvalds on Securty - Washington Post

Great article

If you want to watch the video you have to disable adblocker.

I think Linus is right, if you’re not taking a holistic approach and viewing your system and it’s security as a whole you’re doing something majorly wrong. I’ve noticed how people tend to get far far too fixated on single issues or details and forget all the other issues that are connected to them. Oh no the kernal has a bug or a security issue! But does that get covered by the operating system or something we could do with our behavior or some other software? Same goes for any system.

2 Likes

It boils down to something the article never mentioned and that is exactly what are some of the security concerns?

Some take the view that you can never have a 100% secure system, so then where does one draw the line.

I do not agree with the portrayed attitude of Linus given by the article. But is that reality? The holistic approach + assuming that any system may be hacked will ensure that procedures are in place to minimise the effect or consequences.

But a certain amount of security is essential, otherwise the OS would be hacked constantly.

Remember that in the physical world security has measurements/ratings. For instance doors are rated for effort/how long it takes to get past it. Safe’s have a # minutes rating. Most commercial safes are in terms of a few minutes. The world has long recognised that security is never absolute, and to try and obtain such requires tradeoffs in usability, expense etc.

2 Likes

Well it’s Linus. All he does is trashtalk. Nothing that I have problem with, just amused by his personality. I’m just saying that he’s not very good at providing reasons of why certain things does not work, or reasons it is not secured enough.

1 Like

I’m with Linus on this one

3 Likes

I agree with Linus. The kernel should be focused on interpreting commands from the OS to the hardware. Any bugs there will surely be a security vulnerability. If you had to input a password every time you needed an operation performed though, forgeddabouddit. Security comes in many different forms. Some people just don’t have the frame of reference to view them all.

3 Likes

This isn’t necessarily a bad thing so long as this leads to improvements in security. Kind of like how an immune system would adapt to constant invasions of pathogens. Being invaded or attacked isn’t bad so long as you can adapt and improve.

Typical example is Web servers with SSL cert. The security is not lacking: you start service and then you enter cert password.
How many people actually do that? Noone. I bet this forum doesn’t do it either. (I don’t do it on my SSL-enabled sites, of course).

Also, knowing about all the ways that State actors with essentially and comparably unlimited funding can pwn any OS, the illusion that security could be considerably improved without completely ruining usability is laughable.

Security of any OS can be considerably improved by making 10-20 minutes worth of modifications in settings. Most people don’t want to invest 30 minutes in checking security how-to’s and implementing them (and even if they do, they’re only secure from unsophisticated attacks). I said it here, resistance is almost futile. Yesterday I read how with IoT State actors are planning to spray the world with “hacking sonds”, so to speak, to gain almost perfect visibility and reach anywhere in the world (regardless of what your bespectacled EU commissioner, who’s never installed Windows in his life, told you).

And on this forum we’ve seen the usual attitude toward security dozens of times: everyone wants to have a perfectly secure OS or h/w device, they don’t want to pay for it, and if there was a give-away they’d prefer the device to also have 2FA and password recovery so that they don’t get inconvenienced by the too-tight security.
All in all, it’s not that dissimilar from the pathetic state of democracy in the Western world: 99% of voters expect to get something for nothing and are willing to endure zero inconvenience to protect their freedoms. Linux is not nearly as bad - at least you get a choice to harden it or use FreeBSD or whatever.

1 Like

It’s like using anyone else’s creation/toy. You inherit the inherant compromises that they made coming up with it.

An example of good vs bad security is between linux(unix) and (prior versions of) windows.

Linux implemented the correct onion scheme for OS -> apps where app cannot perform functions directly in the lower privilege layers and relies on the interface between each layer. But Windows allowed IE to “tunnel” into the kernel layer to perform some things (similar for drivers until the latest versions)

This what you might call natural security where a higher layer has to “ask” the next lower layer to perform an operation that requires greater privileges.

That is one example of where linux has good security model and is built into the design rather than added. Windows just kept adding security in a patch work manner and why IE for over a decade was one of the biggest security flaws, it was allowed direct access to kernel layer privileges/functions.

From this you can imagine plenty of other areas security can be automatic by design (eg drivers)

What I have never investigated is how Linus approaches this and what security is designed in and what security he feels should be left out to keep speed etc. So the article fails. It failed to illustrate any of these, it adds fear to the reader without giving the reasons.

3 Likes

I wouldn’t be surprised if this was just a FUD campaign against Linus perpetrated by SJWs.

6 Likes

sigh all too likely.

Though, they could’ve chosen a more seductive title picture…I mean, ESR isn’t even looking at the camera in that one!

Linus:

Imagine, Torvalds said, that terrorists exploited a flaw in the Linux kernel to cause a meltdown at a nuclear power plant, killing millions of people.

“There is no way in hell the problem there is the kernel,” Torvalds said. “If you run a nuclear power plant that can kill millions of people, you don’t connect it to the Internet.”

Or if you do, he continued, you build robust defenses such as firewalls and other protections beyond the operating system so that a bug in the Linux kernel is not enough to create a catastrophe.

Yes, paying too little attention to security is far more about idiots putting Wi-Fi interfaces and USB ports on safety critical systems like Nuclear Power Plants and car engine management systems. Or, we suspect, aeroplane control systems.

Not to mention creating centralised databases of highly valuable information about millions of citizens.

Linus knows more about creating secure systems than anyone who ever thought those were anything but dangerous things to do.

1 Like

“The market for that is pretty small in the end,” he later said of Spengler’s project. “Most people don’t want the Grsecurity system.”

I say this, and the massive success of both windows and linux dispute their respective security concerns (seemingly a lot less in Linux’s case), puts the idea of focusing the marketing of Safenet on it’s security in a pretty damning light.

Well, it isn’t be best motivator out there, but remember, when we’re talking security we’re talking two things:

  • Security from hackers
  • Security from data loss

One of those may be much more convincing than the other.

I agree that people would be interested in their data being backed up/protected from loss, though that’s one unusual use of the term “security” that your using.

Have you seen the first season of “Mr Robot”?

Yeah, it’s security alright. Tape drives can be erased, hard drives wiped. All accidentally or on purpose. The data security that the SAFE Network implements mitigates those risks.

One of the early virus’ on PCs asked the person to insert backups into the backup drives.

Many office staff did just that, the computer told them didn’t it.

The old saying still applies: No one ever got fired for listening to a computer :slight_smile:

1 Like

Let me fix again

“Celebrity programmer Eric S. Raymond has aired a CONSPIRACY theory that feminist activists are trying to find a way to lay false sexual assault claims against male leaders of the open source community”

reading the article you linked I start questioning the health of mind of whoever thinks this is some kind of journalism and not just some weired “he said, she said and I BELIEVE IT” stuff. Get a grip, really.