He said that the computing industry relies on "utterly obsolete concepts and assumptions" and has "massively failed when it comes to desktop security".
Krstic slammed software vendors' efforts to secure their products at the opening session of the annual AusCERT computer security conference in Australia.
He said that modern security relies on the user to make informed and sensible choices about things they don't understand.
The concept that software run by a computer user should operate with the same level of privilege as the user was proof that the approach is deeply flawed. Computer users were constantly bombarded with complicated dialogue and decision boxes they had no hope of understanding, he said.