Computer security is one of my favorite areas, both because of the interesting challenges it poses and because of the importance of writing software that protects users' integrity and privacy.
In my view, the most important parts of designing secure systems are carefully selecting components based on their design and track record, taking great care to avoid security problems in new software you're developing, and providing multiple layers of security ("security in depth") so that a single failure isn't catastrophic. Security software can also play a role, by adding another layer of security or filling in a gap in an insecure part of the system.
One of my favorite projects was creating ucspi-tls to add TLS support to qmail's SMTP and POP servers. It uses all of these approaches: it is built on top of qmail and sslserver, both of which have a very good security record; it is written carefully to avoid introducing new bugs into these systems; and it runs the SSL processing in a separate low-privilege process so that vulnerability to any flaws in that subsystem is limited.
We also took security and privacy very seriously in the Whereabouts location awareness project. We created a rule-based privacy system that allows a user to control who has access to their sensitive location information under what circumstances, including rules based on time and location. Especially as systems gather more information about us automatically, it is important that mechanisms are in place to make sure users have control over their own privacy.
On a project with Allied Media, we designed a secure system for managing medical data about HIV patients for SEMHA. We created a private certificate authority, and issued client certificates to all of our users, which were used along with a password as part of a two-factor authentication system. We used SELinux to limit the capabilities available to any one process, so that a security flaw in one part of the system couldn't spread to any others. The data lived on another server in a different part of the network, protected by the individual users' passwords.
Recently, we solved a horrible spam problem at the Genesee Free-Net with Untangle, which is a fantastic piece of software for providing first-line defense against spam, viruses, and attacks on Web sites.