Slashdot: Interview: The L0pht Answers

This week’s…interview guest is L0pht Heavy Industries as
a group….Many insightful questions for the L0pht guys were posted
Monday. Today, lots of insightful answers on everything from
political controls on the Internet to hardware hacking.

“Several months ago I began predicting that someday someone
would find a buffer overflow in the various Windows TCP-IP stacks
and use it to write a worm that would bring down the Microsoft part
of the Internet and cause so much traffic as to effectively shut
down everything else. I further predict that until an event of this
magnitude happens, the general public will not really learn the
basic lessons about security that the *nix world was forced to
learn from the first worm.”

“What are your thoughts on this prediction? (Timeline,
reasonableness, etc.)”

“I believe your prediction is right on track. However, I don’t feel
that an Internet Worm II is necessary to teach Microsoft, its
customers, or its vendors, about security. There are three ways to
implement a security model, the slow way, the fast way, and the
right way. The slow way involves making a bunch of little mistakes
and fixing them over time as you find them, correcting your
policies and implementations. The fast way involves having a major
disaster occur, after which the faulty parts of the system are
completely torn apart and reimplemented. In practice, the slow way
often leads to the fast way.”

“Which brings us to the right way: To design software with a
security policy in mind, and with extra caution, care, and
expenditure during the implementation. OpenBSD’s model of proactive
security measures is a classic example of ‘the job done right’.
Retroactively applied security measures are a recipe for