Wednesday, October 3, 2007

On Naked Emperors

A spat has blown up on the Linux Kernel Mailing List over the merging of SMACK and/or AppArmor into the kernel, vs SELinux's use of Pluggable Security Modules. The NSA's Stephen Smalley asked Linus Torvalds:
You argued against pluggable schedulers, right?
Why is security different?
which prompted this reply from Linus:
Schedulers can be objectively tested. There's
this thing called "performance", that can
generally be quantified on a load basis.

Yes, you can have crazy ideas in both schedulers
and security. Yes, you can simplify both for a
particular load. Yes, you can make mistakes in
both. But the *discussion* on security seems to
never get down to real numbers.

So the difference between them is simple: one
is "hard science". The other one is "people
wanking around with their opinions".
(For the whole exchange, see http://kerneltrap.org/Linux/Pluggable_Security).

Once again, information security proponents get blasted for being unable to objectively back up their cases. We have got to get away from basing so much of what we do on opinion; so often, when called on this, we end up looking like an emperor who just lost his clothes. And it's happening more and more often.

No comments: