Thursday, May 28, 2015

What is Zakintosh?

One of my pet peeves has long been information security.
Having worked and played with dozens of 'non-conventional' computer systems made me think about ways to MAKE SURE that a computer system can be trusted.
But what would it mean, and what needs to change in order to 'give way' for a new, secure-by-architecture, computer design?
What specific properties, business decisions, and ways of maintaining and supporting such a system would come to life?
I have worked on Zakintosh as my post-graduation thesis in Computer Science and I'm now ready to share it with you.
In my following post I will clarify all those and give you a good idea what the FUTURE of secure computing may entice.
You might even realize that some pieces of the puzzle have been put into place by some current actors.

For now, let's simply set the goals to be achieved by a hypothetical and highly theoretical 'Zakintosh'.
1. It must be secure from the user. Actions of software users cannot cause malfunction of system software or hardware.
2. At any time, the users can be sure that no clandestine (unrequested) operations are being performed by Zakintosh.
3. Software infection is not possible.
4. System is easily auditable. Status of system components and software can be checked by user, and can be trusted.
5. Third party security add-on software (Antivirus, Antimalware) is not required nor considered necessary.
6. The ultimate responsibility for system software security is with the system vendor.
7. There are no "trust levels" of computers like "FIPS-compliant" etc. The only high level of security is available to all Zakintosh users.
8. To compromise the system, hardware must be modified.
9. Hardware modifications to Zakintosh carry a legal penalty in many countries.

These are the basic premises around which more deductions will follow.
I am keen to share more of my vision in the next post; what do you think so far?

No comments: