Minimizing Collateral Damage

This cool article about how software engineer Thanassis Tsiodras rooted his Android tablet reminded me of some things I’ve been thinking about for a while.  We have spent decades learning how to minimize collateral damage in technology.  For example, on Thanassis’s tablet, getting shell access wasn’t enough because the SELinux configuration provided another line of defense.  Why haven’t we applied what we have learned in the tech space to the wider world?

The US elections are tomorrow.  No matter who wins, hundreds of millions of people are going to be unhappy.  Let’s revisit how we can apply technological structures and design patterns (not technology itself, for once!) to minimize the collateral damage our leaders do.

I write this now so you’ll know it’s not sour grapes.  No matter who wins tomorrow, I will be working on this series.

Why Assumptions are Important

Every piece of technology is built to work provided its assumptions hold.  Every piece of electronics, for example, assumes it will have power.  No power => no function (as famously noted by The IT Crowd).  By breaking those assumptions, you can do some amazing things:

In this video (~36 min), scanlime finds exactly the right microsecond to drop the power supply — just enough! — to cause the processor built into a graphics tablet to dump its entire memory over a USB connection.  This is not a function the tablet was supposed to provide!

By painstakingly, scientifically defeating the assumption of a stable power supply, the tablet’s firmware control program, intended to be kept within the tablet, becomes available to inspect.  And, as scanlime points out at the end of the video, that control program may well open other doors.  Analyzing the control program may reveal other assumptions the tablet makes — assumptions that can be broken to change the tablet’s function to what she wants it to be.

Every system is only functional, secure, reliable, or any good at all, as long as its assumptions hold.  Whenever you think about the latest gizmo, don’t just ask what it will do for you.  Ask what it won’t do for you when you least expect it — when the gizmo assumes wrong.