How about adopting an architecture that incorporates special-purpose
security safeguards into the CPU? Routers and switches don't need to
execute arbitrary code, Cisco knows ahead of time, before they deploy a
product, what code that product should be allowed to execute.
Do you think there is no way in hardware to limit the code that gets
executed? Maybe you should join the FBI.
Hardware has bugs too.
Arbitrary code execution isn't too hard on the XBox, for instance, even
with complex crypto checks.
Intel screwed up their design of hyperthreading with caches, and as a
result, local users can steal data from one another.
I think your broad suggestion is flawed. Perhaps the only reason we
*don't* see as many hardware-based bugs, is that when you are getting
ready to put something in hardware, you are generally more interested in
getting it right the first time, given the production costs. The
problem is, the mode of failure is astronmically worse, as you can't
easily patch any problems that do crop up.
On another note:
The unfortunately common misconception that 'appliances' are safe
because they are "hardware devices" really needs to go. Everything is a
combination of hardware and software, and that's how it should be, from
an engineering perspective.
From a security perspective, software should be viewed as a living thing
that constantly needs feeding, whether it is on a funny-looking
rackmount proprietary computer, in your mobile phone, or on your
desktop.
tim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
