Feeds

Zero-day holiday

Sobering up fast

SANS - Survey on application security programs


The other fascinating technology found in the $100 computer is its wireless mesh networking, first developed at MIT’s Media Lab. This sort of organic proximity network and "viral broadband" (PDF) can be used to build an ad-hoc communications system, and could one day revolutionize social networks and the way people communicate - much like the internet itself. It’s ideally suited to use TCP/IP and can be highly effective even in parts of the world where the internet does not yet exist.

365-day holiday

I have been trying to discover some middle ground between the pristine vision of the "green computer" for every child and Bill Gates’ dream of a personal computer on every desktop - not two entirely different visions, I might add. As a visionary and a respected, powerful leader, Gates made his dream come true - and without any foresight into security, we are faced with the massive exploitation of the zero-day vulnerability we have today. Not only did Gates’ great vision make him the world’s richest man in the process, it also made him one the most generous - with an incredible $28.8 billion dollars in the Bill & Melinda Gates charitable foundation, here is a man who truly makes a difference in our world. With such good intentions, it’s too bad his software is so often found vulnerable to malicious use.

It is with some irony, therefore, that most of the world’s computers run Gates’ software but are now terribly vulnerable to exploitation, digital theft and criminal activity even as I write this. Hundreds of millions computers are vulnerable to the whims of just about any website owner, virus writer, or hacker with malicious intent. I can think of a thousand different ways to lure someone into full system compromise using this zero-day vulnerability - and I don’t think this is the vision Gates had ever dreamed of.

Contrast this with the vision of MIT’s $100 computer - and the view of it as an extremely safe, secure place for children to learn and grow. The goal is to build hundreds of millions of these machines, too. It’s unlikely that Gates would support it, though, as it will be running a flavour of Linux on AMD. It’s unlikely that Intel will support it as well, which might be the reason why it is one of the few organizations openly critical of MIT’s initiative. I hope both can step back from the technology for a moment, just as Negroponte has done, and focus on the betterment of the world through children, for a change.

On the surface, the MIT green computer and the Microsoft Windows XP computer seem to be entirely different, and in many ways they are. They take radically different approaches to what is, ironically, the same goal: using technology to make the world a better place. We’ve seen what happens with a monopoly of like systems designed around the legacy and poor security of yesteryear; let’s hope the upcoming MIT computer for children offers us a glimpse of a much more secure and socially responsible world.

Kelly Martin has been working with networks and security since 1986, and he's editor for SecurityFocus, Symantec's online magazine.

This article originally appeared on SecurityFocus

Copyright © 2006, SecurityFocus

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.