by alert0 1838 days ago
I would really like to see a move toward purpose built systems and actually software engineering. General purpose operating systems really speed up development time, but I am not sure we need critical infrastructure to be capable of playing Doom or running generic ransomware. In the same vein, it would be nice for the people who built these systems to be able to provide tolerances and document failure cases. This would be mandating memory safe languages, understanding dependencies, mandatory penetration tests, mandatory fuzz testing. We have standards for building bridges but not for computing systems.

Another policy point would be data de-risking. It has been shown time and time again that companies cannot protect their own data, not to mention user data. I think we should make it very costly to be breached and lose PII. It would raise the bar a lot for who could do what, but I do not think companies have really demonstrated that they can handle this data responsibly. These data losses have even become a national security risk. [1]

1. https://foreignpolicy.com/2020/12/21/china-stolen-us-data-ex...

7 comments

> I would really like to see a move toward purpose built systems and actually software engineering.

We've tried bespoke systems for all sorts of components. That's how we end up with multi-billion, multi-year sole source contracts where $beltwaybandit prints money and it takes multiple years to support now-common functionality/capabilities because it wasn't in the initial meticulously-specified, waterfall-driven design plan enshrined in the contract 5 years ago. And that contract itself was an extension to an extension to an extension from a contract a decade before that.

Excuse me, I'm having flashbacks now.

Critical infrastructure is not the devices being hit by ransomware attacks. They are encrypting corporate networks, which do need to be able to run Outlook and use a web browser.
Laws need to be passed which mandate that critical infrastructure continues to function safely, without corporate comms networks.

If your billing and tracking system breaks, tough, that's the cost of picking poor software and not training employees.

Ironically enough, sometimes it might be other laws that necessitate those systems to be running in order to continue operations. Critical infrastructure is often fairly regulated for other reasons (depending on what it is), and those systems might be used to meet some other compliance/regulatory requirements.

I have found myself working on these kinds of systems professionally, although we were able to air-gap them.

I guess you could say that inability to comply with those other regulations is also a “too bad, you should have thought of it” scenario, but those are not always laws we’d want them to break. (Safety, etc)

And at some level, critical infrastructure is no more of an expert at preventing cybercrime than a shopkeeper is at preventing shoplifting. I do think we need the government to stand up a bit here and help to prevent this crime in the first place.

I assume you have to be pretty incompetent to be damaged by ransomware. It can't hurt you if you have backups, and I don't understand how you could run a major company without backups.
Taking down a system to reflash it with backups can take significant time, which in big companies often translates to 10x-100x the ransom cost.

That's also why there are tensions between big companies / victims and law enforcement agencies, because they have divergent interests: keeping the business running vs. prosecuting and blocking criminals.

Did you give a data protection job a go? They're heavily recruiting people who can really make a difference. But it often looks easier than it is ;-)

The ransomware hurts if the ransom is to keep the hackers from posting your documents.
Maybe, but is that the situation that the fuss is about? That sort of scenario surely doesn't involve a business shutdown.
> I do not think companies have really demonstrated that they can handle this data responsibly.

Neither have governments. The entire OPM (Office of Personnel Management) background check database was breached and thoroughly compromised for years. And that system is effectively the blackmailer's wet dream. I wrote about that almost 6 years ago here:

https://caseysoftware.com/blog/why-this-security-breach-is-w...

And that was before the NSA had all their best hacking tools stolen.

What is the responsible thing to do here?

Should a government announce to the people that everybody within it is potentially operating under foreign influence?

Cyber COP, Experian Cyber services, and the like have provided fairly perm accounts paid for by the government due to breaches and mistaken disclosures of PII. While the above mentioned incident is one of the more notable, it ain't the first and isn't even the most recent.
If you think that is even an attempt at a solution, then I’m pretty sure you don’t understand how this information is used.
I feel there's probably a benefit to general purpose systems. Most non-general purpose machines I encounter are IoT or PLC devices and the S in those acronyms is for security. At least with a general purpose system I can implement hardening guidelines like DISA STIGs and automatically scan to be sure that they're enforced.

Maybe you get away from that with real software engineering, but that seems a bit like no-true Scotsman to me.

"Real" software engineering is just a way to justify adding artificial scarcity to the SWE labor pool.
I think it is more so a way to recognize the actual scarcity in the SWE labor pool. I am sick of using apps implemented by the CEO's nephew who is learning to program. I am sick of developers who don't understand a memory corruption vuln. I am sick of people not managing, updating, or auditing dependencies. There is a scarcity of talent and we need to stop letting people accumulate and then lose personal data.
> purpose built systems

You can see the benefits and limitations of this approach by considering commodities where "purpose built" is economical.

One common purpose built device is the dumb gigabit network switch. It has a well defined and stable specification, and for performance reasons the switching fabric is implemented in a dedicated ASIC which cannot be reprogrammed or remotely disabled. This makes it very stable and difficult to attack directly.

The limitation is that this rock-solid infrastructure only shifts the attack surface to a higher layer in the stack. The same switch that can't be attacked directly will happily deliver an email that tricks a human into assisting a hacker's scheme, like installing a virus onto their accounting PC.

Sure, you could implement your accounting software in an ASIC as well, but unfortunately, the requirements upon accounting change much more frequently than the gigabit 64b/66b waveform spec; if the government is allowed to issue new regulations then it will always be more economical to build the accounting system on a general purpose machine.

Your gigabit network switch runs Linux. Even the securities exchanges' gigabit switches run Linux (on an FPGA).
Right now Congress is debating how to spend 1 trillion in infrastructure, and I feel that most of it will go to pointlessly laying more concrete across the continent. I would like to see some kind of secure citizen-network, separate from the internet, restricted in functionality to just basic services, a business directory, and a message board that requires a crypto cert to identify yourself so you can make a post/comment. Solve the misinformation problem, the cybersecurity problem, train a generation in tech, kickstart the local supply chain AND stimulate the economy all at once!
Functioning roads and bridges that don't have cracked load-bearing beams are a bit higher priority than a BBS and digital yellow pages.
I doubt that will solve misinformation; people are happy to spread complete nonsense under their real names on Facebook all the time. Plus, if it's run by the government, basic things like moderation get tricky due to 1A.
Why would anyone use the Governet, when the Internet is so much better?
How would cryptographically verified identities solve the misinformation problem?

Conservative elites who believe it is necessary to fabricate some external evil to preserve social order are historically willing to engage in obscurantism and spread lies under their real names.

The monopolization of farm land by domestic landlords is the fault of foreign powers for not allowing enough living room, attempts to end feudalism in South America are Russian plots to establish Stalinist regimes on the southern border of the United States, UFOs are not domestic military projects but nefarious extraterrestrials, the Soviet Union is not collapsing but actually developing undetectable super weapons, Iraq has weapons of mass destruction, etc.