Tactical Security vs Strategic Security
Like many security specialists I have been following the Blue Pill saga. Blue pill is essentially a rootkit inspired by The Matrix. Once the achine has swallowed the blue pill it is owned absolutely and there is no way for the suer to know that they are owned. The way Blue Pill works is that it burrows under the O/S and runs it in a virtual machine.
One feature of the Blue Pill debate caught my attention. Joanna Rutkowska is for the time being concentrating on the AMD platform. This brings the ususal security paranoia of 'must be paid by Intel' since if Blue Pill were to be released Intel platforms would become more secure.
Or would they? After all the Intel and AMD architectures are both equally vulnerable. The choice of AMD was made because the programmer was somewhat more familiar with the AMD chip. The Intel chips also support a virtual machine mode. On the other hand there is to date only a known exploit for one platform (albeit incomplete).
This illustrates the difference between tactical security and strategic security. Until there is a known (or suspected) Intel exploit then there is a tactical security advantage to using Intel. From a strategic security point of view there is no difference.
If you had a very short term project that you had to be absolutely sure was not compromised by Blue Pill (and this was the only concern) there would be an argument for making a processor choice on the basis of tactical security. Otherwise the difference is not worth bothering about. The answer is to develop a secure platform that is 1) capable of recognizing that it has swallowed a Blue Pill and 2) provides an always present Red Pill that allows the user to reverse the effects.
