Re: [colorforth] DARPA takes aim at IT sacred cows
- Subject: Re: [colorforth] DARPA takes aim at IT sacred cows
- From: kbk@xxxxxxxxx (Kurt B. Kaiser)
- Date: Fri, 12 Mar 2004 22:52:56 -0500
John Drake <jmdrake_98@xxxxxxxxx> writes:
> What he wants is a virus proof system. I want that too. Some
> people have made some headway in this type of research though it's
> not currently "commercially viable".
Virus? That's easy. Don't use Windows, it has a lousy security
model.
Most of the military boxes are running Windows, even many of the
warfighting systems.
It's true that Linux and *BSD are not invulnerable, but the risk
is much lower:
http://math-www.uni-paderborn.de/~axel/bliss/alan_analysis.txt
OpenBSD is my choice. One remote hole in the default install, in
seven years (and it was fixed immediately). No execution on the
stack; stack canaries, audited code, etc. etc.
Don't install untrusted code. Don't run as root.
As long as the user is able to install executables there is the
possibility of trojans. On a military computer, especially a laptop,
the systems should be signed, authenticated, and not capable of being
altered. But never fear, "trusted computing" is headed our way and we
will all be in that boat soon. You can't even discuss how your dvd
player accomplishes this w/o risking jail time. Your "computer"
(i.e. internet multimedia viewer) is next.
>> The opinions which are reported are more applicable to a dedicated
>> (wireless) military network. They don't have much bearing on the
>> internet (hopefully).
>
> I'm not sure why you would add "hopefully" to that last sentence.
Because the gist of this is layers of privilege/priority. The net
is already becoming a "consume only" utility for most people.
> First of all the Internet was originally designed for military use.
> Now they are rethinking that design. If this "rethinking" results
> in more resilient systems then we'll likely see the new technology
> crossing over into the private sector. If it doesn't work then we
> won't. Either way it's a "win/win" for the Internet, or precisely
> for people who use computers to communicate.
>
>> I expect the military to require large numbers of small, autonomous
>> entities communicating at fairly high BW. Sounds like a job for
>> dedicated hardware, i.e. Forth chips.
>>
>> --
>> KBK
>
> Yep. Plenty of good research opportunities. There's a lot that can
> be done in the relm of self-organizing wireless networks. For
> instance one could build a complete "peer-to-peer" wireless net that
> operated in the unregulated "Wifi" bandwith. My PDA sends a message
> to your PDA which keeps forwarding it till it gets to the correct
> destination.
Check Roofnet and the technical papers out of MIT written by the
implementors. It turns out that there is a bandwidth problem because
the assumption that traffic is higher between local nodes than remote
notes is faulty. Without a backbone the type of communication carried
on the internet saturates the nodes and the ad-hoc mesh doesn't scale
well. Much work is being done in this area. But this is why traffic
has to be prioritzed.
The ham nets tend to emphasize communication where the quantity is
inversely proportational to the distance, I believe. Long haul tends
to be a different channel.
> Just one idea, there are many. But don't worry. The current
> generation of the Internet won't disappear just because DARPA is
> thinking. But the future may be better than the present because of
> this. I recall some time back threads about "rethinking the
> Internet". Well for whoever's interested, here's your chance.
It will have to be a (wireless) parallel net. That may happen anyway,
the media and Microsoft are well on their way to locking up the
existing net so it would only be used by authorized commercial
enterprises. Everyone else pulls from their ISP or browses port 80.
Hopefully the FCC will continue to be benevolent regarding non-
licensed spread spectrum bandwidth. But the opposing forces are
gathering because they know it means they lose cotrol again.
--
KBK
---------------------------------------------------------------------
To unsubscribe, e-mail: colorforth-unsubscribe@xxxxxxxxxxxxxxxxxx
For additional commands, e-mail: colorforth-help@xxxxxxxxxxxxxxxxxx
Main web page - http://www.colorforth.com