Monday, April 04, 2005
Will hardware security devices save us?
If you've been reading my rants for a while you can guess my answer ("No. Duh!").
A writer named John Leyden has a perceptive critique of hardware security devices. He points out that a lot of them are poorly designed. He actually understates the problem of deliberately inserted back doors -- engineers like to have those while they're debugging a gadget and they don't always get removed.
I'd add to his critique that it's hard to find pure "hardware" any more. Your little DNetLinkGearSys firewall box is actually a small computer running software which screens your network traffic.
What I like about having dedicated hardware devices in your security system is that it's (relatively) hard to change the software they're running, and they tend to be a lot simpler than your PC. Simplicity means there are fewer things to go wrong and fewer openings for bad guys to attack. And from a security point of view it's way too easy to change software on your PC, as witness the current epidemic of spyware. Single-purpose hardware has the advantage for reliability, other things being equal.