This cool article about how software engineer Thanassis Tsiodras rooted his Android tablet reminded me of some things I’ve been thinking about for a while. We have spent decades learning how to minimize collateral damage in technology. For example, on Thanassis’s tablet, getting shell access wasn’t enough because the SELinux configuration provided another line of defense. Why haven’t we applied what we have learned in the tech space to the wider world?
The US elections are tomorrow. No matter who wins, hundred of millions of people are going to be unhappy. Let’s revisit how we can apply technological structures and design patterns (not technology itself, for once!) to minimize the collateral damage our leaders do.
I write this now so you’ll know it’s not sour grapes. No matter who wins tomorrow, I will be working on this series. The first piece will be what we can learn from sudo. I look forward to your comments, but please don’t stump — this is about improving our world regardless of (despite?) any particular officeholder.
Topics (will be updated as the series progresses):
- fine-grained access control (SELinux, ACLs, POSIX capabilities)
- authentication (TLS/SSL, ssh)
- user input (contrast some specific examples in FileZilla, 7-zip, and OpenOffice.org)
I look forward to discussing with you!
As always, opinions are mine and not necessarily those of my employer or any other party.