Can we make hack-proof computers?

Summary: They could be hack proof - or much less hackable - if security were built into them instead of bolted on. Here's an example of what that means.

The recent Synology Diskstation ransomware attack is just the latest in a long line of criminal and state security hacks of computer systems. Or it was a couple of weeks ago.

According to Microsoft some 80+ percent of security problems in the wild are memory-based. Buffer overflows, initialization errors, DMA bugs, firmware updates and more manipulate memory to get malware loaded.


This has been understood for decades. The Burroughs B5000 architecture, designed in 1961, contained a flag bit that tagged control words to stop programs from corrupting OS commands.

This idea was extended in the later B6500 to give more granular control. These machines were popular in financial services and descendants are still available today.

Fast-forward to today. The paper The CHERI capability model: Revisiting RISC in an age of risk, presented at the 2014 International Symposium on Computer Architecture (ISCA), broadly expands on these ideas. The core idea: control memory access through instruction set extensions.

CHERI stands for Capability Hardware Enhanced RISC Instructions. Let's parse that.

  • Capability. An unforgeable token of authority.
  • Hardware. Capability support built into hardware.
  • Enhanced RISC Instructions. For machines based on RISC principles, such as the MIPS processor, adding new instructions that compilers, language runtimes and OSs - not user programs - can access.

Their goal: create an implementable and cost-effective path to much greater system security, without requiring user space software recompilation. That last is key for migration to more secure computing.
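To make "unforgeable token of authority" concrete, here is an added C sketch (not code from the paper or from this article) that models a capability in software as bounds, permissions and a validity tag, and shows an oversized copy stopping before it reaches an adjacent control word. The struct layout, constants and function names are assumptions for illustration; real CHERI performs these checks in hardware.

```c
/* Software model of a CHERI-style capability (hypothetical names). Real CHERI
 * checks in hardware and keeps the tag out of band, beyond software's reach. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
enum { CAP_LOAD = 1, CAP_STORE = 2 };
enum { CAP_OK = 0, CAP_ERR_TAG = -1, CAP_ERR_PERM = -2, CAP_ERR_BOUNDS = -3 };

typedef struct {
    uint8_t *base;   /* start of the authorised region */
    size_t   length; /* size of the region in bytes */
    unsigned perms;  /* CAP_LOAD | CAP_STORE */
    int      tag;    /* 1 = valid capability, 0 = plain data */
} cap_t;

/* Derive a capability from a parent. Bounds may only shrink and permissions
 * may only be dropped; an attempt to widen yields an untagged, unusable value. */
cap_t cap_derive(cap_t parent, size_t off, size_t len, unsigned perms) {
    cap_t c = {0};
    if (!parent.tag || off > parent.length || len > parent.length - off ||
        (perms & ~parent.perms))
        return c;
    c.base = parent.base + off; c.length = len; c.perms = perms; c.tag = 1;
    return c;
}

/* Checked store: tag, permission and bounds are tested before memory is touched. */
int cap_store(cap_t c, size_t off, uint8_t v) {
    if (!c.tag) return CAP_ERR_TAG;
    if (!(c.perms & CAP_STORE)) return CAP_ERR_PERM;
    if (off >= c.length) return CAP_ERR_BOUNDS;
    c.base[off] = v;
    return CAP_OK;
}

/* Copy n bytes through an 8-byte capability placed next to a control word. */
int demo_overflow(size_t n, uint8_t *ctrl) {
    uint8_t mem[16] = {0}, input[16];
    cap_t root = { mem, sizeof mem, CAP_LOAD | CAP_STORE, 1 };
    cap_t buf = cap_derive(root, 0, 8, CAP_LOAD | CAP_STORE);
    int rc = CAP_OK;
    mem[8] = 0xAA;                     /* adjacent control word (constructed) */
    memset(input, 'A', sizeof input);  /* constructed oversized input */
    for (size_t i = 0; i < n && i < sizeof input && rc == CAP_OK; i++)
        rc = cap_store(buf, i, input[i]);
    *ctrl = mem[8];                    /* report whether the word survived */
    return rc;
}
int main(void) { uint8_t w; return demo_overflow(12, &w) == CAP_ERR_BOUNDS ? 0 : 1; }
```

With a raw pointer the same 12-byte copy would silently overwrite the control word; here the ninth store fails with a bounds error and the word is untouched.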

Security isn't free

The researchers implemented CHERI as an extension to the widely used 64-bit MIPS IV instruction set. The capability coprocessor was implemented on a second chip.

In addition to comparing CHERI to other existing protection schemes - where it excelled - they also measured the overhead compared to a base MIPS CPU. The worst case benchmark - Bisort - incurred about a 20% cost. Not bad, and they suggested techniques that could improve that.

The Storage Bits take

It should be clear to all that aftermarket security isn't good enough. The good news: we know how to do much better. The bad news: it will take work.

But the basic memory protection ideas of CHERI should be more widely adoptable, especially for vendors who use MIPS or ARM today. While processor speeds aren't rising, the costs of poor security are.

Just ask Target. Or Synology.

The only way we will achieve Internet privacy and personal freedom - including, possibly, election security - is through truly secure infrastructure. CHERI is not the last word on the problem, but it points the way forward.

Comments welcome, of course. What's it worth to you to defeat malware?

The authors of the paper are Jonathan Woodruff, Robert N. M. Watson, David Chisnall, Simon W. Moore, Robert Norton, Michael Roe and Jonathan Anderson of the University of Cambridge; Brooks Davis and Peter G. Neumann of SRI International; and Ben Laurie of Google UK.


About

Harris has been working with computers for over 35 years and selling and marketing data storage for over 30 in companies large and small. He introduced a couple of multi-billion dollar storage products (DLT, the first Fibre Channel array) to market, as well as many smaller ones. Earlier he spent 10 years marketing servers and networks....
