The young programmer — and he was no slouch; he’d recently created a custom version of the computer language “C” for his employer, finishing only a little behind the release of “C+” — took on this task with hope; after all, he’d got his start back when the clever students enjoying finding new ways to crash the nearby university’s big IBM mainframe, doing so in the dead of night, and showing the console operators how they’d done it so the vulnerability could be remedied!†
He thought and he thought and everything he came up with — had a hole in it. Allow unrestricted public access to a computer, and people you don’t want in it will get in. Passwords are a trivial problem, given time. Even air-gapping didn’t work, especially if media traveled both directions across the air-gap. Nope, the only way to be mostly safe was to run the support system on an isolated computer from which nothing ever, ever came back to his employer’s network — and that still left the users vulnerable, especially if the support machine was used to distribute software.
The general rule he evolved was this: “If you want to keep a computer safe, you cannot allow any form of unrestricted access. If it is accessible, people you don’t want in will inevitably get in.” That’s Stockman’s Law: if your computer has to be secure, it can have no network connection, no removable media, no unvetted users, no nothing but a display and HIDs — and even that can be defeated by a malicious authorized user. And then what good is it?
Actually, Swift is a bit more forgiving than that:
You cannot just buy “security.” It is something obtained through simple choices and knowledge. Tragically, these aren’t even hard to do or obscure to learn. But no one makes money telling you how to use what you already have. What you need is someone who doesn’t care about your money or looking smart by spouting off fancy words of no consequence — just that you not be a victim.
It pains me to see people who distrust and fear their computers, and who feel powerless in that fear. Because that’s not what I see when I look at computers and phones and websites. I see tools I trust with the story of my life, and the secrets I leave out when I tell that story to others. Everyone should be able to feel like that.
Which is about where I find myself. There is, of course, no way to fight off the most determined hackish types forever. Fortunately, most of the vandals on the far side of the firewall are looking for easy marks, and I work diligently to avoid appearing easy.