Security News > 2020 > April > Marriott Was Hacked -- Again
We may have to get the government involved to require certain standards to be met via some sort of security framework.
The first thing you have to realise is a "Top down" approach to security does not work for a whole heap of reasons.
As it's not that difficult to abuse the Shannon channel passing mechanisms between user and kernel modes to get privilege escalation it's unsuprisingly a significant security issue Microsoft have know about this for decades and have not done anything about it untill being "Embarrassed" into doing so.
The Shannon channel problems exists with all architectures of all sizes, including the basic "Perimiter security model" which is the fundimental of just about all commercial security offerings at some point.
Sometimes I wonder if people realy want security, and then I read a report that says what the market size of the computer security market is, I think yet again 'there is two much "Future money" in securiry solutions' that many will see improving security as "Breaking their rice bowl".
News URL
https://www.schneier.com/blog/archives/2020/04/marriott_was_ha.html