"general purpose OS is fundamentally inadequate for trusted operations"

listo factor listofactor at mail.ru
Sat Apr 22 09:34:53 CEST 2017


On 04/10/2017 03:25 AM, Robert J. Hansen - rjh at sixdemonbag.org wrote:
>
> Preserve the security of your endpoint system.  Nothing else will do.
>

The year is 2017 and this is simply no longer a practical strategy:

"...Our position is that the general purpose operating system is 
fundamentally inadequate for trusted operations. One can have a
general purpose system or a trusted system, but one can't get both
in a single package. So one needs two..."

Quoted from an almost 10 year old paper "Choose the Red Pill and
the Blue Pill" by Ben Laurie and Abe Singer. Full paper pdf can
be found on the 'net. It's more than worth reading the whole text.

Smart card is not the device authors discuss in that paper, but
it is a small, evolutionary step toward it. It is the best that
many users who agree with the quoted sentence have at their
disposal at the moment. It might not prevent all imaginable
attacks, but it could prevent enough of those to make it worth
deploying.

Use of smart card is an operational complication, and it does
present a "barrier to entry". Consequently, the promotion of it's
use is frowned upon primarily by those that are more interested
in spreading the use of gpg for philosophical and political
reasons among those that don't have any real adversaries, rather
than in the protection - however imperfect - of those that have
real need for communication security.





More information about the Gnupg-users mailing list