Latest Security News

מארק רוסינוביץ על מגמות באבטח מידע


מארק רוסינוביץ למי שלא יודע,הוא האדה שכתבתה את SYSINTERNALS TOOLS החינמיים המוכרים לכל אדמין ואיש מחשבים באשר הוא.
האגדה אומרת שהוא מבין במערכות מיקרוסופט יותר מהמפתחים של מערכות אילו עצמם -),
בסופו של דבר מיקרוסופט קנתה אותו לשורותיה אבל יאמר לזכותם כי השאירו את הכלים שהוא פיתח -חינמיים.
באחד הפודקאסטים שבו הוא התארח לאחרונה ומדבר על הספרים שהוא כותב
הוא מדבר על עתיד אבטחת המידע בעדן השלישי של עולם המחשבים - עידן הענן והמובייל.
העידן הראשון היה MAIN FRAME ,העידן השני הוא עידן ה CLIENT_SERVER

הנה הטרנסקריפט של השיחה ( בהזדמנות אני אתרגם)
מעניין מאוד:



MARK:  Well, the bigger trends, I think we're right in the middle of the third disruption in the computer industry, the first one being the mainframes, the second one being client-server, and this one being cloud and mobile.  So that's one that's affecting everybody and the way that everybody thinks about software, from enterprise developers to ISDs to consumers.  But underneath that, as far as security goes, I think that what we're seeing - and I've been a proponent of this form of security, the security technique, the security mechanism since shortly after 2000, when I started to really focus on what my software company, Winternals at the time, could do from a security perspective, and that is whitelisting.  Back then whitelisting was something that nobody used.  Windows and UNIX had some whitelisting capabilities, but very, very few people used it.  And that's been the case up until very recently.

And people I don't think are really aware of this, but now whitelisting has become one of the key security features of the modern client platforms.  When you look at iOS, for example, Apple's ecosystem, it's a complete whitelisted ecosystem.  The whitelist, you can only run the software on the phones that have been approved by Apple and curated by Apple.  Apple is essentially creating their whitelist in their Apple store.  And that has made those platforms - Android's got one.  It's not as well curated, so we've seen a problem with that.  And then Windows Phone's got a curated whitelist, as well, and Windows 8 does, too, that those whitelists, you see the dramatic impact on the security of the system by having that whitelisting in place.  Even if there is - and the sandboxing that goes with the whitelisting, as well.  So I think I feel somewhat vindicated because I've always believed whitelisting would come back and become one of the primary tools in a cybersecurity posture or platform.  And we're seeing that with the cloud platforms really adopting it and seeing the dramatic effects of that being in place.