[Info-vax] Variable declarations, was: Re: improving EDT

Scott Dorsey kludge at panix.com
Tue Nov 22 12:46:33 EST 2016


 <johnwallace4 at yahoo.co.uk> wrote:
>
>Quite a few people and organisations would say they cared
>about security. They especially say this after they've been
>publically breached.
>
>Fewer people and organisations actually consider (let alone
>invest in) real security upfront.

Indeed, and few of them even consider or invest in it after the fact.

>For certain specific applications, ARM's TrustZone seems to
>have some applicability:
>https://www.arm.com/products/security-on-arm/trustzone
>
>Intel have been trying to achieve something similar on=20
>specific x86-based systems, with little visible effect to
>date:
>https://software.intel.com/en-us/sgx
>https://en.wikipedia.org/wiki/Software_Guard_Extensions
>
>And back in the day, didn't Intel have a capability-based
>chip? The ill-fated iAPX 432?
>https://en.wikipedia.org/wiki/Intel_iAPX_432

Yes, the iAPX 432 was a very slow machine but one with a lot of real security
features.  Although it died a horrible death of bloat, many of the useful
features in the 432 appeared in the i960 which was an ingenious and well
thought-out architecture that Intel seemed to be totally unable to sell in
spite of excellent performance and well-designed security.

>If people actually wanted security, we wouldn't be reading
>about obvious exploit after obvious exploit on the latest
>devices from the Interweb of Trash. Or something.

Precisely.
--scott
-- 
"C'est un Nagra. C'est suisse, et tres, tres precis."



More information about the Info-vax mailing list