On Wed, 05 Dec 2007 22:45:39 EST, Dude VanWinkle said: > You are right, thanks for all the careful planning and well thought > out infrastructure. I mean, who could have thought that the ability to > reach into the homes of every tom dick and harry as well as every > company on the planet would be used for swindling cash? I'd like to see you find *any* evidence that the guys who did the original design work had *any* serious reason to expect that 15 years later, somebody would change all the AUPs and let Joe Sixpack on the net. For that matter, you're welcome to come up with security protocols that would have been acceptable on the hardware of the time, or in the computer culture of the time. Remember - we're talking about a time when you really *could* get all the TCP/IP users on the planet around one table in a conference room, and picking up the phone, dialing a number you knew already, and saying "Hey Bernie, will you smack your user upside the head?" and know that Bernie would do it, because Bernie was expecting you to do it if he called you. Some dude at MIT called Stallman was even running machines that didn't have passwords, and everybody logged in as "system admin" - and the world didn't end. Now tell me how you would have imposed the sort of security needed today on that environment. ;) The tech was different, the culture was different. The amazing thing is that it still works as well as it does in today's tech and culture. > So you knew this 30 years ago, and didn't change squat, and we are > still dealing with it now. A lot of us understood all this 30 years ago, but some vendors made conscious choices regarding the usual security/bling/ease-use trade-offs that in retrospect, were not in the community's best interests. > How fuscking hard is it to design a system > with separate processors|memory for command|data channels? It's not hard - it's called a Harvard architecture (as opposed to the Von Neumann architecture we know and love, where one memory has both program and data in it). The problem is that *loading* program code into such an architecture requires some finesse, because almost by definition, the program loader is treating some other program's code as data, and thus shouldn't be allowed to do a "data store" operation into "program storage" memory locations (Go ahead - *try* to write even a simple program loader that doesn't treat the loaded program's bytes as data - it *is* fsck'ing hard.. ;) Or you could go the EEPROM/CDROM route like most game consoles did. That's easier on the practicality side, but still isn't as flexible as a general-purpose PC.
Attachment:
pgpDfrDbgONdA.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/