Archives For Saltzer and Schroeder principles

Separation of privilege and the avoidance of unpleasant surprises

Another post in an occasional series on how Saltzer and Schroeder’s eight principles of security and safety engineering seem to overlap in a number of areas, and what we might get from looking at safety from a security perspective. In this post I’ll look at the concept of separation of privilege.


The kettle of doom

20/12/2013

My thanks to Charlie Stross for alerting us all to the unfortunate incident of the Russian kettle, bugged with malware intended to find unsecured Wi-Fi networks and co-opt them into a zombie botnet (1). Now Charlie’s take on this revolves around the security/privacy implications for the ‘Internet of Things’ movement: making everything smart and web savvy may sound really cool, but not if your toaster ends up spying on you, a creepy little foretaste of the panopticon future.
