So What Should A Secure OS Look Like?

This is a post series on cyber crime. For more posts click here or the cybercrime tag below.

Last week, I posted Karl Denninger’s rant on how MS and Apple had dropped the ball on computer security.  The fact is that the current ransomware epidemic is the result of a four decade denial to understand that this problem even existed.  Having had Windows 10 installed on the computer and using it for the last couple of months now I don’t see much effort to take things in the direction I think that the way things are going are going to force them to go.

Frankly this should have been considered a long time ago. We’ve all been spoiled and it’s not as if Hacking and computer security hasn’t been an issue. Yet none of the OS providers, including Linux seem to have invested much effort into creating the tools that make it easy to partition and protect drives and partitions from open access.  That needs to change.  There need to be tools installed and easily accessible to allow users to partition and separate data from the network access.  These days computers are storing immense amounts of irreplaceable personal and corporate data that can be read or destroyed by any Tom Dick or Harry that gets access to the machine. It wasn’t that way before the PC, there’s no true reason, other than “we’ve always done it that way” to set up a system so that it’s not secure.

How might this be done?  Well the old Unix system was set up so that individual spaces could be secured. If people want to know what can be done to partition and fence data so that it can be secured, that’s where I would start.  Get a 1990’s vintage copy of BSD UNIX and play with how it works.

https://en.wikipedia.org/wiki/Berkeley_Software_Distribution

The fact is that unless resource access control becomes THE issue in the next round of OS updates, we will ALL be held for ransom.  There’s no way the security firms can keep up with the infiltration efforts that the cybercriminals come up with and without being able to fence data, the users are going to be helpless.

This week in ransomware:
http://www.bleepingcomputer.com/news/security/the-week-in-ransomware-september-16-2016-stampado-locky-atom-and-more/

 

Advertisements

4 comments

  1. Frank Green · September 18

    What could BSD do then that Linux can’t do today?

    Like

  2. spindlitis · September 20

    I’m not sure of the difference in how BSD handles security vs Linux. I worked with a unix admin that insisted BSD was more secure. I can research for more information on secure systems, but are there any resources that you’d recommend as a starting point on security? (I’m running Linux Mint, but like to experiment with other distros.)

    Like

    • jccarlton · September 20

      The way it was done was each user could only use the files and software that they had permission to use. Back in the 1980’s and early 1990’s the idea of an individual computer was still fairly new and that’s how things networked. The problem is that MS came along in the 1980’s with DOS and because DOS boxes were separated or shortly thereafter were on small networks security wasn’t that big an issue. Nowadays that has changed. The way the old BSD did it was that each drive, folder or file for that matter could have it’s read write privileges set . We need a way to get that utility back so that users can put stuff in “safety deposit boxes” so people can’t just poke in and wreck all there stuff.

      Liked by 1 person

      • spindlitis · September 20

        But isn’t that the same way that any UNIX based system would work? I understand the difference between BSD and Linux as an OS now but thought the file systems had a similar structure of user directories.

        Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s