undefined | Better HN

0 pointsforgotpwtomain9y ago0 comments

> I thought that at one point but DOD tried and nobody wanted the stuff. COTS, low-cost, and high-speed above all else even for critical stuff. Government kept trying with Common Criteria but almost all vendors and customers went for least secure stuff. NSA tried again with programs like SPOCK that evaluated Sentinel's HYDRA firewall. Defense contractors and DARPA/NSF-funded groups keep making stuff. Basically nobody buys it.

> So, I blame the demand side instead of NSA. If market gave a shit, NSA would be working their butts off trying to get anything done in a memory-safe, type-safe, CPU-on-up system. But no... Least we're going to see another effort with the Dover to integrate RISC-V with SAFE architecture's PUMP. Both RISC-V and SAFE were U.S. government funded IIRC. Years of papers on both with no uptake in industry or FOSS for even SAFE's basic techniques until Dover.

And instead we get Intel ME. I seriously don't know what to think.. Certainly the later is a sub-system that 99% of users don't care for or want but will still happen to have (and all vulnerabilities associated). If opposite is possible why couldn't they shove a safer system down users-throats after all?

0 comments

3 comments · 1 top-level

nickpsecurity9y ago· 2 in thread

Intel tried to do the right thing three times:

https://en.wikipedia.org/wiki/Intel_iAPX_432

https://en.wikipedia.org/wiki/Intel_i960

https://www-ssl.intel.com/content/dam/www/public/us/en/docum...

Backward compatibility with insecure apps, language, and OS features above all else is what market said. That plus raw speed. The above projects collectively cost Intel over a billion dollars that they didn't make back. i432 died for sure. i960 is in legacy mode with security features turned off or removed. Itanium is in downward spiral. Realistically, they should just modify x86 to support C safety like Cambridge's CHERI or other group's Hardbound are doing. Then, they get compatibility + safety.

They're probably just too afraid to make another attempt after loosing a billion to a market that said "F* security or software maintenance." Giving them the insecure crap they demand is actually the ethical choice in capitalism given they'll put you out of business otherwise. Only two that ever made it with a Right Thing approach were Burroughs B5000 and System/38 (aka AS/400). Both turned off hardware security due to user demand (performance over security) but kept OS architecture. Both still sell.

slededit9y ago

They are making some more attempts with MPX.

https://en.wikipedia.org/wiki/Intel_MPX

nickpsecurity9y ago

It's just an extension for one problem. A good thing that's happening. It's not a solution to a bunch at once. They're not risking it. Maybe they'll do it incrementally over time.

j / k navigate · click thread line to collapse