Minimizing Collateral Damage

This cool article about how software engineer Thanassis Tsiodras rooted his Android tablet reminded me of some things I’ve been thinking about for a while.  We have spent decades learning how to minimize collateral damage in technology.  For example, on Thanassis’s tablet, getting shell access wasn’t enough because the SELinux configuration provided another line of defense.  Why haven’t we applied what we have learned in the tech space to the wider world?

The US elections are tomorrow.  No matter who wins, hundred of millions of people are going to be unhappy.  Let’s revisit how we can apply technological structures and design patterns (not technology itself, for once!) to minimize the collateral damage our leaders do.

I write this now so you’ll know it’s not sour grapes.  No matter who wins tomorrow, I will be working on this series.  The first piece will be what we can learn from sudo.  I look forward to your comments, but please don’t stump — this is about improving our world regardless of (despite?) any particular officeholder.

Topics (will be updated as the series progresses):

  • sudo
  • firewalls
  • fine-grained access control (SELinux, ACLs, POSIX capabilities)
  • authentication (TLS/SSL, ssh)
  • user input (contrast some specific examples in FileZilla, 7-zip, and

I look forward to discussing with you!

 As always, opinions are mine and not necessarily those of my employer or any other party.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.