What can they really do? Nobody has an operating system fit for task in the age of mobile code and persistent internet. Sure, Fuchsia and Genode are coming along, but they aren't ready yet. Anything else is duct tape and bailing wire.
The people who operate and use the system have to be secured also. From phishing, from blackmail, insider threats, infiltrators, spies. With all the data breaches these days, more and more blackmail material will be available. People would be hesitant to take a job that involved having full time bodyguards or continuous security monitoring of their entire personal life, vetting of their extended family and friends, limits on social life. The salaries for such critical people would likely be very high (plus the added cost of the bodyguards/watchers). And who watches the watchers? People with top secret, compartmentalized access are monitored somewhat less than that and still get compromised.
Possibly complete security is impossible, in which case decentralizing, redundancy, failsafes, and layers of protection with constant incremental improvements (not new features) when flaws are found may be the only reasonable approach. Expect systems to fail and make sure failure does little harm. Regardless it is going to cost more, one way or another.
The Sodinokibi/REvil ransomware gang has reportedly infected Taiwanese multinational electronics corporation Acer and demanded a ransom of $50 million. Those responsible for the Sodinokibi ransomware strain announced on their data leaks website that they had breached the computer giant.
3 comments
[ 3.0 ms ] story [ 17.5 ms ] threadPossibly complete security is impossible, in which case decentralizing, redundancy, failsafes, and layers of protection with constant incremental improvements (not new features) when flaws are found may be the only reasonable approach. Expect systems to fail and make sure failure does little harm. Regardless it is going to cost more, one way or another.