There’s an interesting audio file about the next 50 years of computer security, it’s from a talk Alan Coxa a fellow at Red Hat Linux gave recently at the European OSCON.
It talks about the implementations of modularity, trusted computing hardware (we are already seing this in part, hardware anti-virus implementations and DRM to be built into CPUs), ‘separation of secrets,’ and overcoming the challenge of users not reading dialog boxes, will be crucial milestones as we head on to the future. He states: “As security improves, we need to keep building things which are usable, which are turned on by default, which means understanding users is the target for the next 50 years. You don’t buy a car with optional bumpers. You can have a steering wheel fitted if you like, but it comes with a spike by default.” All of this has to be shipped in a way that doesn’t stop the user from doing things.
Security and validation are critical issues in computing, and the next fifty years will be harder than the last. There are a number of proven programming techniques and design approaches which are already helping to harden our modern systems, but each of these must be carefully balanced with usability in order to be effective. In this talk, Alan Cox, fellow at Red Hat Linux, explores the future of what may be the biggest threat facing software engineers, the unverified user.
Of course security is always a balance between usability and actual security, the more secure something is, generally the less usable it becomes and vice versa, imminently usable…totally unsecure.
What else do you think is going to happen? For better or worse..
Source: IT Conversations