I haven't blogged in a long time. I guess I should have caught up with this blog with the recent goings on, specifically the OK to commit that a cleaned-up version of ProPolice, the IBM stack smash protector research project, got from the gcc mailing list.
As of late I've been working and not working (depending on mood) on a paper about designing a secure and user friendly operating system. Between this and Star Ocean, my time is occupied with little news to put up here. I'll probably post a review of a book I read earlier, a nice piece for those interested in learning exactly how security attacks happen.
"Defining a Secure and Friendly Operating System" is a general reference plan for designing a secure Linux distribution. The concepts in DaSaFOS are not aimed at creating a specialized operating system; but rather at creating a more generalized system which can function as a home user's desktop with high quality security and excellent performance. DaSaFOS brings together existing concepts and projects to describe what can be done today to make a more secure system.
There is much work to do. After finishing and publishing DaSaFOS, I will begin the basic design documentation and begin the search for funding. The pax-future documentation for PaX gives insight into a post-next-generation technology that would be interesting to research into and implement; by no means is current-day technology, even that unimplemented, feature-complete.
One major strategy is to design an online, inline information delivery system to educate the user on-the-fly as to proper security practices. As rediculous as this sounds, OSMOSIS or Online Simple Memoranda Offloading Secure Information Strategy is the name of the subproject I will eventually create to pursue this effort. By feeding the most important information in the simplest form to the user utilizing a non-invasive, non-intrusive, attention-grabbing interface, the last end of security can be held up. Any user can break his own security, and so our final efforts will be to teach them not to.