I followed this suggestion in our lab, as you can see in Figure 1, entering xinput test 8 After entering xinput with no parameters, you see a list of the available input devices. As a simple demonstration, she proposed a small test with the standard xinput tool and two terminal windows. One of Rutkowska’s main criticisms of existing security solutions is the lack of security in X11: Because of the biblical age of the X window system, applications are not sufficiently isolated from one other. The current version of Qubes is the Beta 2 from February 2013 a third beta release is still under construction and was actually due for release three months ago. Rutkowska is currently working on Qubes OS, which is available under GPLv2 a final Version 2.0 Release 2 (or R2) will probably appear in early or mid 2014. Rutkowska is best known for her work on Blue Pill, which is a rootkit that attacks the guest system from within the hypervisor. She also considers artificial enhancements, such as SELinux, ineffective. All of the retrofitted security features, such as address space layout randomization, are reactive, meaning that they do not resolve the underlying programming error.Įven the highly successful approaches that have been taken by OpenBSD still do not go far enough, according to Polish security researcher Joanna Rutkowska. As a basic rule, prevention is better than a cure. In addition to these measures, OpenBSD incorporates a number of additional obstacles, which greatly complicate attacks if a security-related bug should happen to crop up.Įven Microsoft has copied this part of the strategy for Windows. According to most experts, checking the code is essential for any secure system, because the majority of all serious security issues are attributable to well-known programming errors.īreak-ins occur because of buffer overflows, format string vulnerabilities, off-by-one errors, and sometimes also because of incorrectly initialized random number generators.
OpenBSD also does everything right in terms of its design: It guarantees security through high-quality management, including code reviews, coding standards, and automated tests.
Does the world really need another operating system that claims to be totally secure? It already has OpenBSD, which has reported two remote vulnerabilities in the past 16 years – others can only dream of that kind of security.
0 kommentar(er)
