Friday, April 28, 2006

Success Predictors

Thin client workstations have not succeeded in the past. What has changed to make them desirable now?

  1. Virus, spyware and adware attacks are increasing. The introduction of new attacks may overwhelm the defenders' ability to produce defenses fast enough. A new, quickly spreading virus may destroy computers rather than profitably convert them to spambots; a very slowly spreading virus may go undetected. The need is for hardware prevention, not reactive defense by humans. Overzealous DRM suppliers are now installing rootkits, opening computers to viruses. Websites secretly install spyware.

  2. The next generation of the monopolistic operating system is going to be very expensive. It has huge hardware requirements in memory, processor speed, graphics card performance, and disk drive. It will require a new, expensive office suite. Being mostly new, it will have lots of bugs, making it a fertile playground for viruses. The maker's reputation says that version 3.0 of any product is the first usable version. There will be new file formats for all document types, and Digital Restriction Management will be epidemic. On Jan 15, 2006, the first security patches for the Vista beta were released, and the flaws were in reused code.

  3. Thanks to Moore's law, hardware has gotten much more capable and less expensive. A gigabyte of flash and a gigabyte of RAM are currently about $50 each at retail. Low power microprocessors are capable of almost all office tasks. Gigabit networking to the server is cheap. LCD displays are falling in price. This hardware mix means the (fast) network is used only for data transfer, not for code loading and booting. Local memory means instant program start and instant boot. Servers and disk drives are getting cheaper.

  4. Open source software is approaching the expensive commercial suites in functionality, quality, interoperability, and coverage of all office functions. There are movements to require office suites to use public formats, such as the Open Document Format. Users are beginning to understand the need to archive all information in non-proprietary formats for long term access.

  5. A distributed file system / document management system will control all of the corporate documents and make it possible to find, search, revise, manage, and version all critical corporate information. The latest version of crucial material will not be stranded on a user's disk drive in a powered-down computer.

  6. Cost, both installation and administration, will be very low. There will, however, be some transition costs to convert to the new platform.

  7. There is a huge dissatisfied mass of computer users, system administrators, IT heads and corporate executives that are fed up and aren't going to take it anymore, but have no valid alternative.

  8. There are some groups in a corporation that would be obvious to convert: call centers, data entry groups, administrators, most executives, anyone with well-defined computing needs.

  9. Groups with high security profiles, such as Homeland Security, would appreciate the statement “hardware protection absolutely prevents viruses and spyware”. That statement covers injected or modified native code; it is only as strong as the restrictions placed on downloaded JavaScript, Java and Flash, which the hardware does not police.





Success Criteria

The computer and its open source software have to satisfy all of the work requirements of the end user. Therefore adequate open source software must be available, and that software must interoperate with the existing corporate software, network, server, and database environment. A current trend helps here: internal corporate applications are moving from heavy desktop clients to browser-based front ends with most of the heavy lifting on the server.

The open source software must be designed and implemented with the hardware restrictions of the computer in mind. Specifically, no runtime code modification is allowed. The compiler and linker must place variables in the data memory and code and constants in the instruction memory; there can be no subtle uses of instruction modification (self-modifying code, trampolines generated on the stack, code assembled on the fly). The design obviously rules out Just-In-Time compilers. Downloaded programs, whether as text (JavaScript) or byte-codes (Java and Flash), need careful analysis to decide whether they are allowed (with possible restrictions) or prohibited: their interpreters already sit in instruction memory, so they run attacker-supplied logic without ever writing to it, and the hardware gives no protection against that class of attack.
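Whether a linked program actually obeys these rules can be checked on the builder system before it is ever loaded. The following is an added example, not code from the original design: it assumes the builder's open source toolchain emits little-endian ELF64 executables, and it assumes a constructed memory map with instruction flash at the bottom of the address space and data memory at 0x80000000. It walks the program headers and rejects any loadable segment that is both writable and executable (the footprint of a JIT or self-modifying scheme), any code or constant segment placed where the CPU cannot fetch it, and any writable segment placed in read-only instruction memory. The test-image builder at the bottom is likewise constructed for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed memory map for the two-slot board (addresses are assumptions):
 * instruction flash is the only region the CPU may fetch from, data memory
 * is the only region software may write. */
#define IFLASH_BASE 0x00000000ull
#define IFLASH_END  0x04000000ull   /* 64 MiB, exclusive */
#define DMEM_BASE   0x80000000ull
#define DMEM_END    0xC0000000ull   /* 1 GiB, exclusive */

#define PT_LOAD 1u
#define PF_X 1u
#define PF_W 2u
#define PF_R 4u

enum layout_status {
    LAYOUT_OK = 0,
    LAYOUT_NOT_ELF,            /* not a little-endian ELF64 image */
    LAYOUT_WX_SEGMENT,         /* writable and executable: runtime code modification */
    LAYOUT_RO_OUTSIDE_IFLASH,  /* code or constants placed where they cannot be fetched */
    LAYOUT_DATA_OUTSIDE_DMEM   /* variables placed in read-only instruction memory */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static uint64_t rd64(const uint8_t *p) { return (uint64_t)rd32(p) | ((uint64_t)rd32(p + 4) << 32); }

/* True when [start, start+size) lies inside [lo, hi); written to avoid overflow. */
static int within(uint64_t start, uint64_t size, uint64_t lo, uint64_t hi) {
    return start >= lo && start < hi && size <= hi - start;
}

/* Walk the program headers of a linked image and reject any PT_LOAD segment
 * the hardware would trap on or that the linker placed in the wrong memory. */
enum layout_status check_image_layout(const uint8_t *img, size_t len) {
    static const uint8_t magic[] = { 0x7f, 'E', 'L', 'F', 2 /* ELFCLASS64 */, 1 /* little-endian */ };
    if (len < 64 || memcmp(img, magic, sizeof magic) != 0) return LAYOUT_NOT_ELF;
    uint64_t phoff = rd64(img + 32);
    uint16_t phentsize = rd16(img + 54), phnum = rd16(img + 56);
    if (phentsize < 56 || phoff > len || (uint64_t)phnum * phentsize > len - phoff) return LAYOUT_NOT_ELF;
    for (uint16_t i = 0; i < phnum; i++) {
        const uint8_t *ph = img + phoff + (size_t)i * phentsize;
        if (rd32(ph) != PT_LOAD) continue;
        uint32_t flags = rd32(ph + 4);
        uint64_t vaddr = rd64(ph + 16), memsz = rd64(ph + 40);
        if ((flags & (PF_W | PF_X)) == (PF_W | PF_X)) return LAYOUT_WX_SEGMENT;
        if (!(flags & PF_W) && !within(vaddr, memsz, IFLASH_BASE, IFLASH_END)) return LAYOUT_RO_OUTSIDE_IFLASH;
        if ((flags & PF_W) && !within(vaddr, memsz, DMEM_BASE, DMEM_END)) return LAYOUT_DATA_OUTSIDE_DMEM;
    }
    return LAYOUT_OK;
}

/* --- constructed test images: ELF header plus program headers, enough for the check --- */
struct seg { uint32_t flags; uint64_t vaddr; uint64_t memsz; };

static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }
static void wr64(uint8_t *p, uint64_t v) { for (int i = 0; i < 8; i++) p[i] = (uint8_t)(v >> (8 * i)); }

size_t build_test_elf(uint8_t *out, size_t cap, const struct seg *segs, size_t nsegs) {
    static const uint8_t ident[] = { 0x7f, 'E', 'L', 'F', 2, 1, 1 };
    size_t need = 64 + 56 * nsegs;
    if (cap < need) return 0;
    memset(out, 0, need);
    memcpy(out, ident, sizeof ident);
    wr16(out + 16, 2);                 /* ET_EXEC */
    wr32(out + 20, 1);                 /* EV_CURRENT */
    wr64(out + 32, 64);                /* e_phoff: program headers follow the ELF header */
    wr16(out + 52, 64);                /* e_ehsize */
    wr16(out + 54, 56);                /* e_phentsize */
    wr16(out + 56, (uint16_t)nsegs);   /* e_phnum */
    for (size_t i = 0; i < nsegs; i++) {
        uint8_t *ph = out + 64 + 56 * i;
        wr32(ph, PT_LOAD);
        wr32(ph + 4, segs[i].flags);
        wr64(ph + 16, segs[i].vaddr);
        wr64(ph + 24, segs[i].vaddr);  /* p_paddr */
        wr64(ph + 40, segs[i].memsz);
    }
    return need;
}

int main(void) {
    /* A correctly linked image: .text and .rodata in instruction flash, .data/.bss in data memory. */
    const struct seg good[] = {
        { PF_R | PF_X, 0x1000, 0x20000 }, { PF_R, 0x30000, 0x4000 }, { PF_R | PF_W, 0x80000000ull, 0x100000 } };
    /* The layout a JIT or self-modifying scheme needs: one segment both writable and executable. */
    const struct seg rwx[] = { { PF_R | PF_W | PF_X, 0x1000, 0x1000 } };
    uint8_t img[64 + 56 * 3];
    size_t n = build_test_elf(img, sizeof img, good, 3);
    printf("good image: %d\n", (int)check_image_layout(img, n));   /* 0 = LAYOUT_OK */
    n = build_test_elf(img, sizeof img, rwx, 1);
    printf("rwx image: %d\n", (int)check_image_layout(img, n));    /* 2 = LAYOUT_WX_SEGMENT */
    return 0;
}
```

The check is deliberately conservative: a segment that merely spills past the end of flash is rejected too, since the tail would be fetched from an address the hardware traps on. It says nothing about what the code does at runtime, so it complements rather than replaces the hardware interrupts.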

The computer design does not cater to third party software developers. A number of anti-piracy/anti-debugging techniques involving runtime code modification will fail. The installation procedure is very different: instead of copying files to a disk drive, the program is loaded into instruction memory ready to run, and all of the auxiliary files go into the distributed file system.



Overview of Components

The computer is based on a low power microprocessor and graphics chip set popular with open source software. The motherboard will have at least two memory slots, one for flash memory holding the instructions and the other for data memory, using flash or battery-backed RAM. Additional hardware logic implements the protection: an attempt to write to the instruction memory generates an interrupt, and an attempt to fetch an instruction from the data memory generates an interrupt. An additional tiny microprocessor will be programmed to read from an external memory (for example, a USB flash drive) and write to the instruction flash memory, with checksum validation, when triggered by a push button. When the load is complete and verified, the main microprocessor will be started. Note that a checksum catches a corrupted image, not a substituted one: whoever can plug in a drive and press the button decides what the machine runs, so the loading port must be under the administrator's physical control for the "only administrator-loaded software" promise to hold.
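The loader microprocessor's job is small enough to write out in full. The following is an added example, not firmware from the design: it assumes a constructed image container (a 12-byte little-endian header carrying a magic value, the payload length and a CRC-32 of the payload, followed by the payload) and models the instruction flash and the main CPU's run state as plain variables. The order of operations is the point: validate the image on the stick before erasing anything, program the flash, verify what actually landed in flash, and only then release the main CPU, so a bad stick can never leave a half-written image running. CRC-32 is used because the design calls for a checksum; a practitioner who wants protection against a substituted image would replace it with a signature check over the same header.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed image container: 12-byte little-endian header (magic, payload length,
 * CRC-32 of the payload) followed by the payload. Constructed for this example. */
#define IMAGE_MAGIC 0x4C4F5352u     /* the bytes "RSOL" read as a little-endian word */
#define HEADER_LEN  12u
#define IFLASH_SIZE 4096u           /* toy flash size for the model */

enum load_status { LOAD_OK = 0, LOAD_BAD_MAGIC, LOAD_BAD_LENGTH, LOAD_BAD_CRC };

/* Model of the loader MCU's view of the machine. */
static uint8_t instruction_flash[IFLASH_SIZE];
static int main_cpu_running;

int main_cpu_is_running(void) { return main_cpu_running; }
const uint8_t *instruction_flash_contents(void) { return instruction_flash; }
void loader_reset(void) { main_cpu_running = 0; memset(instruction_flash, 0xFF, IFLASH_SIZE); }

/* CRC-32 (IEEE 802.3, reflected, polynomial 0xEDB88320), bitwise to stay tiny for an MCU. */
uint32_t crc32(const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int k = 0; k < 8; k++) crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return crc ^ 0xFFFFFFFFu;
}

static uint32_t le32(const uint8_t *b) {
    return (uint32_t)b[0] | ((uint32_t)b[1] << 8) | ((uint32_t)b[2] << 16) | ((uint32_t)b[3] << 24);
}
static void put_le32(uint8_t *b, uint32_t v) { for (int i = 0; i < 4; i++) b[i] = (uint8_t)(v >> (8 * i)); }

/* What the loader does after the push button: validate the external image, program
 * the flash, read it back, and only then release the main CPU. */
enum load_status load_instruction_image(const uint8_t *image, size_t image_len) {
    if (image_len < HEADER_LEN) return LOAD_BAD_LENGTH;
    if (le32(image) != IMAGE_MAGIC) return LOAD_BAD_MAGIC;
    uint32_t length = le32(image + 4), expected = le32(image + 8);
    if (length == 0 || length > IFLASH_SIZE || length != image_len - HEADER_LEN) return LOAD_BAD_LENGTH;
    const uint8_t *payload = image + HEADER_LEN;
    /* Check the stick before erasing anything: a bad stick must not leave half an image behind. */
    if (crc32(payload, length) != expected) return LOAD_BAD_CRC;
    memset(instruction_flash, 0xFF, IFLASH_SIZE);       /* erase */
    memcpy(instruction_flash, payload, length);         /* program */
    /* Verify what actually landed in flash, not the source buffer, then start the CPU. */
    if (crc32(instruction_flash, length) != expected) return LOAD_BAD_CRC;
    main_cpu_running = 1;
    return LOAD_OK;
}

/* Builder-side counterpart: wrap a payload in the header. Returns the image size, 0 if it does not fit. */
size_t build_image(uint8_t *out, size_t cap, const uint8_t *payload, size_t n) {
    if (n == 0 || n > IFLASH_SIZE || cap < HEADER_LEN + n) return 0;
    put_le32(out, IMAGE_MAGIC);
    put_le32(out + 4, (uint32_t)n);
    put_le32(out + 8, crc32(payload, n));
    memcpy(out + HEADER_LEN, payload, n);
    return HEADER_LEN + n;
}

int main(void) {
    static const uint8_t payload[] = "constructed instruction-memory image";  /* sample bytes */
    uint8_t image[64];
    size_t n = build_image(image, sizeof image, payload, sizeof payload);
    loader_reset();
    printf("clean image: status %d, cpu running %d\n", (int)load_instruction_image(image, n), main_cpu_is_running());
    image[HEADER_LEN + 3] ^= 0x01;   /* one flipped bit in the payload */
    loader_reset();
    printf("corrupted image: status %d, cpu running %d\n", (int)load_instruction_image(image, n), main_cpu_is_running());
    return 0;
}
```

The second CRC pass over the flash itself is what makes "complete and verified" mean something: a flash write that silently fails would otherwise be reported as success and the main CPU started on garbage.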

The software image is created in either of two ways:

  • A separate “builder” computer system will be provided to configure and test the instruction memory image. This system would have disk drives and writable memory. Its software would include open source compiler(s) and loader(s), plus testing programs.

  • Software images with popular configurations would be sold by Rock Solid.

Open source software can be analyzed and modified to run correctly under the hardware restrictions. By restricting the hardware design to a few configurations (no slots, no additional drivers), the software can be tested to work correctly on each configuration.

The desktop computer will be merged with the LCD display (and speakers), sharing power supplies and minimizing desktop cables. There would be ports for instruction memory loading, keyboard, mouse, headphones, microphone, VoIP handset, network, and USB (specific drivers would have to be preloaded). Bluetooth could be used for keyboard, mouse, headset, synchronization with laptops, etc. Omitted hardware includes fan, disk drive, floppy drive, CD/DVD drive, board slots, serial and parallel ports, modem, etc.

A distributed file system / document management system with support for all of the document types is required. It will provide versioning, access control, backup, security, etc., and will support email, calendaring and other groupware activities.

Rock Solid Server

This computer design could also fill a number of roles as a server. Additional flash memory could replace disk drives for most web server work, since most dynamic web data is stored in database servers or in attached network storage. A load balancing router could be extended to power servers up and down based on load: it would power up just enough servers to handle 150% (or so) of current load, and all unneeded servers would be powered down. No disk drives saves power.

Introduction

The incredible spread of viruses, spyware, adware and other malevolent software in today's networked computing environment has created an enormous clean-up burden and a huge risk of theft of identity or financial information. Current solutions depend on a race between the bad guys and the good guys: quickly identifying new software holes and exploiting or fixing them, or creating new attacks versus new identification signatures. This is a purely reactive strategy, plugging the holes in the software dike. There are two possible disasters: a new attack destroys zillions of computers before being identified, and the rate of introduction of attacks exceeds the capabilities of the good guys. Now Sony BMG has attacked PCs with a hazardous rootkit in its DRM code.

A new, obviously correct hardware defense is required. This fertile petri dish for virus growth and infection must be eliminated. Viruses and other malware work by adding or modifying executable code in the dynamic memory of the host computer and programs on the disk drive. The fix is to enhance the hardware to allow instruction fetch only from read-only memory and to eliminate the disk drive (or eliminate executables on the drive). The practice of downloading executables such as Java, JavaScript, and Flash will need to be severely restricted or prohibited.

This computer will meet the needs of most (not all) office workers. It will contain an approved set of open software tools that cover all of the work requirements. These tools would include a distributed file/document system, an office suite (word processor, spreadsheet, drawing, graphic manipulation, presentation, email, calendaring), a web browser (possibly site restricted), Voice over IP, instant messaging, and any company specific software. Note the absence of (and the absence of any need for) virus/malware protection software.

Now that the software is always loaded in memory, a program launches instantly (in Windows terms: clicking an icon on the task bar) and does not need to be loaded from disk every time (in Windows terms: double-clicking a desktop icon).

Non-volatile data memory means the computer would boot in one second. This speed would allow unobtrusive power saving by powering down the computer and display when not in use; when required again, it would be active instantly.

This computer will also meet the needs of web surfers, classrooms, public libraries, Internet cafes, call centers, point of sale, data entry, and other restricted function computers.

Laptop versions of this computer would require a disk drive (and possibly a CD/DVD drive) but would have mostly identical software. An additional software component would be a synchronization tool to the corporate document management server when networking is available.


Friday, April 07, 2006

Example: it is getting worse

http://www.eweek.com/article2/0,1895,1945808,00.asp

Mike Danseglio, program manager in the Security Solutions group at Microsoft, speaking at the InfoSec World conference:

He cited a recent instance where an unnamed branch of the U.S. government struggled with malware infestations on more than 2,000 client machines. "In that case, it was so severe that trying to recover was meaningless. They did not have an automated process to wipe and rebuild the systems, so it became a burden. They had to design a process real fast," Danseglio added.

Introduction

The incredible spread of viruses, spyware, adware and other malevolent software in today's networked computing environment has created an enormous clean-up burden and a huge risk of theft of identity or financial information. Current solutions depend on a race between the bad guys and the good guys: quickly identifying new software holes and exploiting or fixing them, or creating new attacks versus new identification signatures. This is a purely reactive strategy, plugging the holes in the software dike. There are two possible disasters: a new attack destroys zillions of computers before being identified, and the rate of introduction of attacks exceeds the analysis and repair capabilities of the good guys. Now Sony BMG has attacked PCs with a hazardous rootkit in its DRM code.

A new, obviously correct defense is required. The fertile petri dish for virus growth and infection must be eliminated. Viruses and other malware work by adding or modifying executable code in the dynamic memory of the host computer and programs on the disk drive. The fix is to enhance the hardware to allow instruction fetch only from read-only memory and to eliminate the disk drive (or eliminate executables on the drive). The practice of downloading executables such as Java, JavaScript, and Flash will need to be severely restricted or prohibited.

This computer will meet the needs of most (not all) office workers. It will contain an approved set of open software tools that cover all of the work requirements. These tools would include a distributed file/document system, an office suite (word processor, spreadsheet, drawing, graphic manipulation, presentation, email, calendaring), a web browser (possibly site restricted), Voice over IP, instant messaging, and any company specific software. Note the lack of virus/malware protection software, as there is no need for any.

Now that the software is always loaded in memory, a program launches instantly (in Windows terms: clicking an icon on the task bar) and does not need to be loaded from disk every time (in Windows terms: double-clicking a desktop icon).

Non-volatile data memory means the computer would boot in one second. This speed would allow unobtrusive power saving by powering down the computer and display when not in use; when required again, it would be active almost instantly.

This computer will also meet the needs of classrooms, public libraries, Internet cafes, call centers, point of sale, data entry, and other restricted function computers.

Laptop versions of this computer would require a disk drive (and possibly a CD/DVD drive) but would have mostly identical software. An additional software component would be a synchronization tool to the corporate document management server when networking is available.

Executive Summary

Implement an office computer that cannot catch viruses, spyware, adware or hazardous DRM, and cannot be maladjusted by the user. It can only execute software that has been loaded into read-only flash memory by a system administrator. Local data is stored in non-volatile memory, so the computer boots in one second. It has no disk drive; all data files are stored in a document management system on a server. With open source software (operating system, office suite, browser, email, calendaring, instant messaging, VoIP, etc.) and reduced hardware requirements (piggybacked onto a flat display; no disk, floppy, CD/DVD, fan, or slots), the computer plus software would be very inexpensive to install and administer.

  • Hardware permits instruction fetch only from read-only instruction memory, and catches any attempt to write into instruction memory.

  • Open source software plus limited hardware implies low cost.

  • Server based document management system controls all corporate data files.

  • Computer boots in one second, can unobtrusively power down.