Posted by Robert Vamosi on August 3, 2016
A noticeably thinner but no less perkier Dan Kaminisky proposed fixing the Internet (“this Internet”) in his Black Hat USA 2016 keynote address.
Kaminsky, who famously broke then fixed the DNS-backbone of the Internet, opened by talking about an isolated web browser with only 14 system calls. He said that the term “sandbox” was wrong. Kids play in a sandbox, and the sand doesn’t always stay inside. He prefers the term “isolation technology.” From there the talk rambled a bit before returning to the browser (which he said he would release shortly) at the end.
He said the Internet is one of many. He talked about a limited Internet in France in the early 1990s that provided news, shopping, basically what we have today. He also traced the evolution of AOL, which he said first got the Internet into ordinary homes and then got rid of the payment for hourly usage. He said both of these became obsolete or failed because they limited themselves by what they could make money from, not what the Internet could or should be.
He said the Internet today is not designed for security, but for more photos of cats.
Kaminsky also digressed on the fact the Internet managed by engineers, managers, developers, but “not enough technical writers.”
He encouraged the crowd to keep on hacking, to “keep us honest.”
What he ended up proposing was a National Institute for Health for the Internet. He said the direct analogy with medicine (often the way malware behaves like human viruses) was not his point, but rather how medical practice is handled. He said that the term “snake oil” was literally derived from using snakes to make oil that was then sold to cure everything. He said that one practice in medicine was to use an autoclave. The autoclave takes germs out of the environment.
Which brings us back to the isolated browser. Like an autoclave it can reset everything back to normal. Which keeps the Internet healthy and operational.
Get the latest Software Integrity news, thought leadership, and more.