    From: Charlton Heston<claudevms@c...>
    Date: Tue Mar 22 23:51:23 CET 2005
    Subject: [oc] Hardware and OS integration and security
    I am interested in how current hardware designs constrain operating system design
    and how functions from both directions could better benefit the user if functions
    are moved from one medium to another. The goal is to provide a secure computing
    environment with the system owner in the position of making decisions and administrating
    the computer s/he has purchased. This is a consumer-centric approach to security that
    achieves security and would compete with the current Trusted Computing Platform Alliance (TCPA)
    that seeks to mandate Fritz-chips on every computer and is supported by large companies
    who want to enforce DMCA and DRM for the movie and music industries.

    Obviously, this type of project has a large process component that requires schooling governments
    on the need to protect consumer rights and remind them that companies have to wait for crimes to be committed
    and address the crime in the courts system. It's unreasonable to treat all computer users as guilty
    and put their computer in "jail." Schooling businesses is also needed - we do keep them in business.
    A person's home is her/his castle.

    An alternative technology architecture is needed to counter TCPA.

    The goal of the alternative technology architecture is to present to business and government
    that consumers can have a trusted computer. The computer is trusted to not have viruses
    and will not allow the distribution of viruses. The computer can execute both commercial and
    Open Source software.


    The technology components are as follows:

    1. Encrypted instruction sets - What is the overhead of translating instructions via a lookup table
    in the cache prior to execution of the instruction? If a processor had this capability every buffer overflow
    would get translated into garbage and not execute. The system owner could translate software
    based on the lookup table in the install process using tools that come with the operating system
    that executes in this environment. Disk space is cheap so a user could even use several
    encrypted versions of their favorite OS. Since no one knows the translation lookup table no viruses
    could execute on the computer. This would end the code and patch cycle. By the way this idea was patented
    in the 1970s but not for virus protection. Obviously, the computer owner must not install any viruses
    to protect her/his computer but other computers will not let it in the door or allow it to propagate
    across the network by using this approach.

    2. A shadow stack could be built into the processor. Comparing the shadow stack to the final stack
    using the shadow stack on procedure return could determine if the stack was overrun. The stack would
    be activated when RAM is installed in a special slot on the motherboard to prevent hacking some system
    parameter to turn it off. I haven't found this idea in any papers on the Internet so far...

    3. Multiple instruction set processors. Java virtual machines provide extra security by doing careful
    bounds checking on arrays, etc... Perhaps a processor could be built to use multiple instruction sets
    where additional checking can be done faster.

    4. Better processor virtualization. The i386 uses a register to contain the physical address of the page tables
    while other processor designs allow virtual addresses to be used thus allowing the processor to virtualize itself.
    This allows for the building of better "sandboxes" to test software.




    "Open" is the right direction. Preserving Open access to the Internet is important.
    Preserving access to Open source is critical. TCPA, DMCA and DRM and politicians present
    a real threat today if you can believe the news.

    If this or similar projects are being worked on please point me in the right direction.

    Thanks,

    -ClaudeVMS
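
The shadow-stack check from item 2 of the post above, modelled in software as an added example that is not part of the original message. The toy `cpu` structure, the 4-word local buffer, the return address `0x1000` and the input words are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define STACK_WORDS  64
#define SHADOW_WORDS 16
#define LOCAL_WORDS  4   /* size of the callee's local buffer, in words */

/* Toy processor state (constructed): only do_call()/do_ret() touch shadow[]. */
struct cpu {
    uint32_t stack[STACK_WORDS];   size_t sp;   /* data stack, grows down */
    uint32_t shadow[SHADOW_WORDS]; size_t ssp;  /* shadow stack, grows up */
    int fault;                                  /* set on any violation */
};
void cpu_init(struct cpu *c) { memset(c, 0, sizeof *c); c->sp = STACK_WORDS; }

/* CALL: record the return address on both stacks. */
int do_call(struct cpu *c, uint32_t ret_addr) {
    if (c->sp == 0 || c->ssp == SHADOW_WORDS) { c->fault = 1; return -1; }
    c->stack[--c->sp] = ret_addr;
    c->shadow[c->ssp++] = ret_addr;
    return 0;
}

/* RET: pop both copies; refuse to transfer control if they differ. */
int do_ret(struct cpu *c, uint32_t *target) {
    if (c->sp == STACK_WORDS || c->ssp == 0) { c->fault = 1; return -1; }
    uint32_t on_stack = c->stack[c->sp++], on_shadow = c->shadow[--c->ssp];
    if (on_stack != on_shadow) { c->fault = 1; return -1; }
    *target = on_stack;
    return 0;
}

/* Callee with a local buffer just below its return address; copies n words unchecked. */
int run_callee(struct cpu *c, const uint32_t *in, size_t n, uint32_t *target) {
    if (c->sp <= LOCAL_WORDS || do_call(c, 0x1000) != 0) { c->fault = 1; return -1; }
    c->sp -= LOCAL_WORDS;                       /* reserve the buffer */
    for (size_t i = 0; i < n && c->sp + i < STACK_WORDS; i++)
        c->stack[c->sp + i] = in[i];            /* i == LOCAL_WORDS hits the return slot */
    c->sp += LOCAL_WORDS;                       /* release the buffer */
    return do_ret(c, target);
}

int main(void) {
    struct cpu c; uint32_t t = 0, in[5] = {1, 2, 3, 4, 0xBADC0DE};
    cpu_init(&c); int ok = run_callee(&c, in, 4, &t);
    cpu_init(&c); int bad = run_callee(&c, in, 5, &t);
    printf("in-bounds: %d, overrun: %d (fault=%d)\n", ok, bad, c.fault);
    return 0;
}
```

The check only holds because ordinary stores cannot reach `shadow[]`; in hardware that isolation has to be enforced by the processor, which is the property the post's proposal depends on.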
     
    Copyright (c) 1999 OPENCORES.ORG. All rights reserved.