I have been thinking more about trust and its importance in a computing environment. Since there are so many ways to erode or remove trust altogether, it seems that we need to do more to provide solutions to combat these attacks.
The key benefit of computing technology is that it is so dynamic. This capability enables us to change anything in a nanosecond. This is also a huge risk. What would happen if you removed the element of change from a computing environment? Would it cease to have value? I think not. I think that the recent surge of CD-bootable OS images and virtualized images is merely one phase of this trust recovery process. The next phase is creating "write-once" environments that cannot be modified by API. Simply revoke ALL write API access to the disk. Force all activity to occur in memory. This of course has constraints, but systems are more powerful every day. It's only a few years away that we will have many GBs of memory in systems as a low-end standard.
A write-once OS would improve the trust level it provides by preventing any changes to it on the fly. The concern, of course, is that all of its flaws are persistent as well. Oh well, mankind has yet to make a perfect piece of software. I guess we'll have to live with that human flaw. A write-once OS should be as locked down as possible to reduce its attack surface. Data storage will need to happen elsewhere. And session persistence is not a trustworthy goal, as the session data needs to be stored elsewhere and could have been polluted/infected.
Now this is an area Linux could easily excel in: the write-once OS. It would need to be refreshed/recompiled (possibly by the user as well) so that vulnerability fixes and new features can be released. Sure, you need to download a 10-20GB image, but at least once you securely load it, you won't have any questions.
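One way to check that a running Linux system actually has the property described above (no writable disk-backed filesystem, all writes confined to memory) is to audit its mount table. The following is an added example, not part of the original post; the allow-lists of memory and pseudo filesystem types and the sample mount table are assumptions constructed for illustration.

```python
# Added example: audit a Linux mount table for the "write-once" property.
# Memory-backed filesystem types that may stay writable (assumed allow-list).
MEMORY_FS = {"tmpfs", "ramfs"}
# Kernel pseudo-filesystems holding no on-disk state (assumed, not exhaustive).
PSEUDO_FS = {"proc", "sysfs", "devtmpfs", "devpts", "cgroup2",
             "securityfs", "mqueue", "debugfs"}

# Constructed sample in /proc/mounts format:
# device mountpoint fstype options dump pass
SAMPLE_MOUNTS = """\
/dev/sr0 / iso9660 ro,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
tmpfs /run tmpfs rw,nosuid,mode=755 0 0
/dev/sda1 /var ext4 rw,relatime 0 0
/dev/sda2 /data\\040store ext4 ro,noexec 0 0
"""

def parse_mounts(text):
    """Yield (device, mountpoint, fstype, options-set) for each mount line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        device, mountpoint, fstype, opts = fields[:4]
        # /proc/mounts escapes a space in a path as the octal sequence \040
        mountpoint = mountpoint.replace("\\040", " ")
        yield device, mountpoint, fstype, set(opts.split(","))

def writable_disk_mounts(text):
    """Return mounts that break the rule: writable and not memory-backed."""
    violations = []
    for device, mountpoint, fstype, opts in parse_mounts(text):
        if fstype in MEMORY_FS or fstype in PSEUDO_FS:
            continue  # writes here never reach persistent storage
        if "ro" not in opts:
            violations.append((device, mountpoint, fstype))
    return violations

if __name__ == "__main__":
    # On a live system, pass open("/proc/mounts").read() instead of the sample.
    for device, mountpoint, fstype in writable_disk_mounts(SAMPLE_MOUNTS):
        print(f"writable disk-backed mount: {device} on {mountpoint} ({fstype})")
```

A read-only mount is a filesystem-level flag: it does not stop a privileged process from writing to the underlying block device, so this check is necessary for a write-once system but not sufficient.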
Perhaps it's even possible to convert the concept to hardware - the hardware Linux OS. Not only is it not modifiable, but you never have to doubt it - ever. This is merely a thought, I've no experience in OS design, but I suspect this is possible, just by forking Linux.