{"id":8,"date":"2005-03-26T19:46:00","date_gmt":"2005-03-26T23:46:00","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/zeroday\/2005\/03\/26\/trusting-computers\/"},"modified":"2005-03-26T19:46:00","modified_gmt":"2005-03-26T23:46:00","slug":"trusting-computers","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/zeroday\/2005\/03\/26\/trusting-computers\/","title":{"rendered":"Trusting computers"},"content":{"rendered":"<p><a name='a12'><\/a><\/p>\n<p>Computers have supplanted all other forms of media to safe guard our<br \/>\ninformation. &nbsp;Computers store everything from banking histories to<br \/>\nrecipes. &nbsp;Combined with the connectedness of the Internet all of this<br \/>\ninformation is leveraged to guide our decisions and purchase our needs<br \/>\nand wants. &nbsp;This is just the surface of how deep computing affects our<br \/>\ndaily lives however. &nbsp;Computers control ballast systems that keep<br \/>\ntankers afloat and SCADA systems that regulate the flow of rivers<br \/>\nthrough dams. &nbsp;Computers are the most pervasive element of how our<br \/>\nsociety controls the environment that we live in. &nbsp;<br \/>\n<br \/>\nTo state that trust is important is to understate the obvious.<br \/>\n&nbsp;Trust is a luxury however, and one that we can not afford. &nbsp;Our<br \/>\nsystems are still fragile and susceptible to human malice and poor<br \/>\nprogramming. &nbsp;Virii by the millions have emerged into the world of<br \/>\ncomputing. &nbsp;They infect computers by the interactions of others. &nbsp;This<br \/>\nvector of infection is personified by email users who open foreign<br \/>\nattachments. &nbsp;Even more deadly is the worm, which can infect without<br \/>\nthe interaction of a user. &nbsp;Worm infection is steadily rising with each<br \/>\npassing year. &nbsp;Code Red alone compromised 250,000 computers in nine<br \/>\nhours. &nbsp;Control and trust is lost when these infections occur. &nbsp;<br \/>\n<br \/>\nWe absolutely need to trust the machines that help run the fabric<br \/>\nof society. &nbsp;As a society we must constantly add fail-over systems,<br \/>\nmonitors and vaccines to computers. &nbsp;Until this type of trust is gained<br \/>\nsystems must be open to the user. &nbsp;The more transparent the computers<br \/>\nare the more easily a rouge program can be detected. &nbsp;The quicker the<br \/>\ndevelopment process the faster important patches and medicines can be<br \/>\ndispatched to infected machines. &nbsp;<br \/>\n<br \/>\nOne of the latest contenders is the &#x201C;Trusted Computing&#x201D; platform.<br \/>\n&nbsp;In this regime manufacturers provide equipment which will certify that<br \/>\neach application before it is allowed to execute. &nbsp;The cost of this<br \/>\ntype of regime is that development is retarded due to a rigorous<br \/>\ncertification process. &nbsp;Even patches will have to undergo certification<br \/>\nand create an even bigger gap between infections and inoculation. &nbsp;The<br \/>\nbenefits are paltry in comparison to this cost. &nbsp;Certain virii will be<br \/>\nprevented from executing. &nbsp;Namely those that are sent via email to<br \/>\nunsuspecting users. &nbsp;However worms would not be deterred since they<br \/>\ngenerally infect programs that are already running. &nbsp;These programs<br \/>\nwould already certified but contain vulnerabilities, or flaws in the<br \/>\ncode, which allow remotely launched programs to exploit them. &nbsp;The<br \/>\ncertification process does not guarantee that the code works well, or<br \/>\nthat it even works at all. &nbsp;It just stipulates that it is from a<br \/>\ncertain developer or company. &nbsp;<br \/>\n<br \/>\nA switch to this &#x201C;Trusted Computing&#x201D; environment would not solve<br \/>\nthe trust issue. &nbsp;Software and hardware manufacturers are still not<br \/>\nliable for any damages incurred. &nbsp;Society must stay vigilant in regards<br \/>\nto what computers do and monitor them. &nbsp;The stakes are far too high to<br \/>\ntrust our computers just yet.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Computers have supplanted all other forms of media to safe guard our information. &nbsp;Computers store everything from banking histories to recipes. &nbsp;Combined with the connectedness of the Internet all of this information is leveraged to guide our decisions and purchase our needs and wants. &nbsp;This is just the surface of how deep computing affects our [&hellip;]<\/p>\n","protected":false},"author":214,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-8","post","type-post","status-publish","format-standard","hentry"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts\/8","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/users\/214"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/comments?post=8"}],"version-history":[{"count":0,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts\/8\/revisions"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/media?parent=8"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/categories?post=8"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/tags?post=8"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}