Author: devway (from xfocus BBS)
As a real-world phenomenon, network security has three stages: emergence, development, and extinction. Of course, this follows from the philosophical view that everything has a beginning and an end. What we see at the lower layer of technology is code. What we see from the philosophical perspective is the weakness of human nature.
At the most basic level, security problems are caused by the inconsistency between the physical level of the computer and the mental level of the person. Although the gap between the two can be narrowed by a good human-machine interface, humans may never reach the point of being completely connected with machines. If we regard the body as part of the physical world, we cannot fully understand and control even our own bodies, let alone the computer, which was born less than a century ago. Therefore, the gap between the spiritual and physical worlds is the birthplace of all security issues. Today's and tomorrow's security problems all arise from this source, combined with various changes in the environment.
A piece of software, specifically a program, is born and eventually terminated. The producer and the user are often not the same person. If the author and the user are not the same person, their respective understandings of the program differ, and that is a gap. Where there is a gap, there will be security issues. This recalls the story of the Tower of Babel. The spiritual worlds of peoples, and even of individuals, are separated from one another, mutually incomprehensible, and even exclusive or hostile. This discord in the spiritual world is why we need complicated social rules to ensure that so many spiritual worlds can live in peace. In a sense, the purpose of our survival is to get along with each other, and everything else is surface appearance.
Compared with the spiritual world, the program is slightly better off because it can be precisely replicated. It can even run on a computer with the same hardware. But this is only the surface. There are no two identical leaves in the world, and there are no two identical computers either. Can two computers from the same manufacturer and the same batch, produced at the same time, be identical? No. Their clock settings are always different. An exact copy of a program also behaves differently on the two computers because of hardware differences, which affects the program's results. What makes this difference? At the very least, we hope that the behavior of the program will be the same everywhere. What a luxury that is.
It has taken humanity thousands of years, from ancient history to the present, to become a little safer. Yes, a little. Think about the world wars of the last century and the Indian Ocean tsunami last year. Of course, in terms of individual experience, humans are now more secure than in the primitive age of eating raw meat. However, the ultimate goal of mankind is far from being achieved. In contrast, the computer "race" (to put it simply) has been around for less than 60 years. It is just a matter of fact to use Chinese computing. The rise and development of networks are shorter still, only a few decades. The more important players in the online world often appeared only a dozen or even just a few years ago.
Whenever there is a major change in history, those who suffer most are human beings, because a new and larger gap emerges before the old gap has been closed. A group of activists rushes forward, but fewer and fewer runners follow. Humanity is like a stream that has been flowing for too long: the momentum is getting weaker and the flow is decreasing. If a terrible situation occurs, for example, if the activists pick the wrong direction in the desert, the last day of the torch of humanity will not be far away. (We hope that the new areas we enter will bring us new oases, with sweet springs and jungle.)
Therefore, all security problems begin with gaps. For example, if we designed the compiler and the CPU starting today, would there still be buffer overflows? What we see here is a gap of history. People cannot go beyond the times in which they live, and changes in the times create unexpected new barriers. Within the same era, there are also gaps between people. Programmer A's program calls programmer B's program. What A and B each believe the interface to be is not exactly the same. This is a potential security issue. The program as the programmer sees it and the program as the user sees it may differ greatly: we have heard too many such stories.
I can't go on talking about such empty theory. Readers always want to get something valuable in return for the precious time they spend online. So, under the guidance of the gap theory, what suggestions can I give for computer security?
1. Some of our current network elites try to make people ignore the most fundamental security issues. The firewall is the biggest culprit because it tries to mask serious security problems. A huge medical industry will never replace the value of a healthy lifestyle. Fundamentally speaking, the ultimate goal of network security is to not need any firewall. Likewise, the best health for a person is never getting sick, never seeing a doctor, and never taking medicine. We hope that computer systems will be strong enough in the future to let people run them securely without firewalls.
2. There are more code vulnerabilities than we can see. A large number of vulnerabilities are disclosed every day, but they are like the part of an iceberg visible at sea: many more have not yet been discovered. Software and hardware are growing so fast that the gap keeps growing. Code writers are unlikely to write code that stays secure across time and space (that is, code that can run on any hardware in any age). The large amount of code left by predecessors is unlikely to be completely rewritten by future generations, because they are busy writing new code. The only option is to keep it running and correct problems as they appear.
3. The open-source movement attempts to bring humans back to the era before the building of the Tower of Babel. The advantage of open source is that it can eliminate the gaps between developers and developers, between developers and users, and between earlier and later generations at the level of a single shared source code, because we all see the same thing. On this point alone, open source is much more noble than non-open source.
4. If the intelligence level is not enough, there is no difference between open source and non-open source. Open source tries to use a single language (source code) to eliminate the three barriers, but remember that the gap can be minimized only if all these people understand the code in the same way. If either party does not understand the source code, the good intentions of open source will be wasted, and the gap will not be narrowed; it will probably grow even larger.
5. The more complex the system, the more components it has and the more gaps there are. This is obvious: a complicated irrigation system is likely to leak more water than a cup. Vulnerability discoverers can track the flow of a piece of data through a complex system and discover new vulnerabilities. Of course, there is also a big gap between the people who design complex systems and anyone trying to understand them.
6. We are moving farther and farther into the age of tools. With a little analysis, we can see that people's brains have not made great progress over the years, and the very smartest people are always rare. What makes us more and more complex is that our tools become more and more complex. We only need to encapsulate the intelligence of generation after generation into a tool, so that later users can go a little farther with its help. Vulnerability analysts are all at a similar level of intelligence; what matters is who has the more advanced tools.
7. The next generation of security tools will be something like DTrace. DTrace is a new tool introduced by Sun in Solaris 10. It can dynamically trace a running program. Debug is the master of the old world, while trace is the king of the new world. In the future, security analysts will have a tool of this kind that can chart a program or a piece of data, draw a line between the platform and the operating platform, and show what happened on that demarcation line.
8. In the future, security control will be refined down to every inch of the demarcation line (as mentioned in suggestion 7). Thorough runtime control will be the core function of the next generation of security products. Runtime control governs not only the flow of data in computer systems but also human-computer interaction. The system of people and machines will be handled in a unified manner, and security issues will extend into every corner of people's lives.
9. In the future, anyone engaged in security research will use the Gap Theory summarized in this article as the basic guide. From then on, the security industry will be reshuffled, and code security will be considered from the strategic height of eliminating and controlling the gap. The essence of security is to keep the risks caused by gaps within an acceptable range.
10. This article will inspire everyone's enthusiasm for theoretical research. This is a good thing. Theory comes from practice and in turn guides more practice. This is the basic law of how things develop, haha.