And what if one wishes write their own code? How is one to test their code if only code "already in the system" is allowed to be executed?

Oh, I see. You are referring to the code development toolset used to develop, test and debug your code. I have confidence in my toolset provider.

If that were an issue, I have written my own editors, assemblers and ide in the past. So that isn't such a concern.

If you want to go that far, all modern MCU have embedded code already in the system. What reasons do you have to suspect that that has already been compromised?

 

I can design and create an OS that is 100% secure from hacking or viruses.

What reasons do you have to suspect that that has already been compromised?

What reason do you suspect that they have not?

If you can create an OS that is 100% secure from ... whatever ... then why don't you? Do you think those who write, say, Linux, intend for it not to be secure? Of course not, but occasionally bugs happen leading to vulnerabilities. All one can do is fix them as they arise.

I guess my overall point was: any "OS" that is 100% secure would -- by definition -- not allow any outside interactions. And I'm not talking about internet. I mean things like push buttons and serial interfaces. Any entry -- or even exit! -- into/out of the system can be considered vulnerable to some extent.

I submit that a 100% secure OS could not even be considered an OS. It would just be some static code running in a loop idling away doing nothing important.

 

What reason do you suspect that they have not?

If you can create an OS that is 100% secure from ... whatever ... then why don't you? Do you think those who write, say, Linux, intend for it not to be secure? Of course not, but occasionally bugs happen leading to vulnerabilities. All one can do is fix them as they arise.

I guess my overall point was: any "OS" that is 100% secure would -- by definition -- not allow any outside interactions. And I'm not talking about internet. I mean things like push buttons and serial interfaces. Any entry -- or even exit! -- into/out of the system can be considered vulnerable to some extent.

I submit that a 100% secure OS could not even be considered an OS. It would just be some static code running in a loop idling away doing nothing important.

To each his own.
I have a program running a centrifuge in a lab. I want to see a hacker hack into that code.

 

To each his own.
I have a program running a centrifuge in a lab. I want to see a hacker hack into that code.

I assume you have "unbreakable" physical security as well? Refining uranium or something?

 

I assume you have "unbreakable" physical security as well? Refining uranium or something?

Yes, with ample warning:

 

While slightly off topic this is somewhat interesting. During my career I worked with what were supposed to be secure systems. I was not an IS type and never really had a desire to be. We had to undergo regular security briefings and sign stuff saying we could go to jail for a bazillion years (maybe longer) if we caused a security breach. Not to mention you get fired and lose your security clearance, find yourself in poverty after jail and urinating in gutters. One briefing was really interesting. Agents (guys in black suits who fly on black helicopters) dropped little pen drives, USB drives, call them whatever you want around US Government facilities. The pen drives had just usual folders like a documents folder, sales charts folder, and other assorted folders, just general nonsense and there among the usual type file folders was a single ordinary folder labeled to the effect of Naked Pics Jenny. Something like 40% of those USB pen drives found their way into USB ports on what were supposed to be secure US Government computers which were on large networks.

My guess before we knew the numbers was maybe one in a hundred, maybe 1% at best. Damn, I miss calculated that. The security briefings always were interesting, at least I thought so. They were based on true stories of espionage and what actually happens day to day. I was amazed that 40 people out of 100 would actually shove an unknown pen drive into a work station on a network. Our largest threat to security actually came from within and it was human and not machine. You can make a network as secure as you wish but you simply can't fix stupid.

Ron