Question

After 50 years of software engineering, why are computer systems still insecure? I don't get it.

Two questions: (i) What's so hard about just denying or restricting networked access to bad actors who lack passwords? It's not like these bad actors arrive with crowbars and dynamite; they only have bits and bytes, right? (ii) Once a bad actor has achieved networked access, why haven't operating-system kernels been re-engineered to make privilege escalation unfeasible?

I am not looking for a book-length answer but merely for a missing concept. If you can see the flaw in my thinking and can shed a little light on the flaw, that will be answer enough.

Is there some specific reason top scholars have not yet been able to solve the problem? Is there a sound reason we still have, say, bootstrapped compilers and unauditable microprocessor designs, despite the long-known security risks?

Is there some central observation, answerable at StackExchange length, that ties all this together? Why are computer systems still insecure?

Update: Commenters have added some interesting links, especially "Is Ken Thompson's compiler hack still a threat?"


Solution

At its core, the problem is that software is complex. For any site, you have all of the JavaScript to make the site run. You have the server to handle requests. You have the cache to handle in-flight data. You have the CDN to store all of the content. You have some database to store all of the data. You have backup servers where the data goes. You have logging servers where info can end up. You have all of the libraries written by others, but used by all of these parts. You have the web servers, written by others. You have the operating system, and all of the things installed there.

All an attacker needs to do is find one mistake in any of this code, and the jig is up. Programmers are human, so invariably, given a million opportunities to fuck up, we will.

But that is just the technical side. Even if all of the code is secure, users still have passwords, and they're usually bad. There's still the ability to call up tech support and ask for "your" password reset, gaining control of an account that isn't yours. You can still bribe someone who does have access (as of 2000, 80% of intrusions were made by people on the inside: vengeful programmers, bored secretaries, greedy sales guys). There's still social engineering people into believing that fake email is a legitimate request for a password reset.

The problem isn't solved because there isn't a single problem, they're not all technical problems, and most of them are damned hard in the general case.

OTHER TIPS

First, people and companies buy insecure computers and then try to manage the problem. They still sell regardless of the lack of security.

Second, people who understand the vulnerabilities have confidentiality contracts that make it difficult to share the ideas with hardware and OS developers. OS and hardware developers do not have a good understanding of the business needs.

I, for one, am a big fish, but I can't use my company email, so in some communities people do not realize I have experience with big things and serious problems that merit attention, and they think I am nuts. There are many professionals like me.

Third, patents and authoring rights prevent good ideas from being shared. See how fast China is developing and how far behind the US is getting. The patent system was thought of as a means to protect the small inventor, but in the hands of big companies it has become a way to force their products forward by filing bogus claims against their competitors.

Fourth, many people who discover the system failures live off it and will not reveal the secrets unless paid. And only in the last decade or so has Pwn2Own started paying prizes.

Sixth, incremental security is profitable.

Seventh, this is a complex problem that would require a huge effort, and most of the problems were discovered after each generation of computers and software was put in place.

The reason is that it's hard to make computers both useful and secure. You can make them completely secure, by disconnecting them from the internet and taking other measures, but then they aren't so useful. So we start adding features and capabilities. We connect our PCs to the internet. The WWW is fun but static. So we create JavaScript and allow people to do things like banking via a web browser. It's a pain to keep entering a password, so we create session IDs and store them on the client in cookies or hidden form fields. Then we let users simultaneously open multiple web sites. Uh-oh! Better make sure that other web sites can't read that other-site session id... and so it goes.

There's a simple other reason: people are lazy and not aware. It will not hit me. That's the same attitude you take when walking on the street. It's always the others that suffer. Take mail, for example. Point-to-point encryption has been available for decades, but nobody really uses it. Not too long ago I signed my mails and got them back from Mickeysoft users claiming their Outlook refused to show them without being able to decode the signature. So I turned that off again. Meanwhile, it seems I don't see complaints anymore, but sending encrypted mails between trusted parties? No way.

Another observation: security is not absolute. It's always relative. And people (I said they are sort of lazy) tend to use the least arduous way, which in turn means less security.

Licensed under: CC-BY-SA with attribution