The Moral of “Trusting Trust”

I’m writing up a short summary for each classic cybersecurity paper that I have to know for my qualification exam. This week, let’s chat about “Reflections on Trusting Trust” by Ken Thompson (1984).

The three-page paper comes from Ken Thompson’s Turing Award lecture in 1984. In it, he details a very elegant attack by which a backdoor can be injected into a program through a malicious compiler, leaving no evidence in the actual source code of the compiler or the program.

Moral

The moral is obvious. You can’t trust code that you did not totally create yourself.

Thompson argues that a skillful attacker can install a bug that will be almost impossible to detect. He spends the rest of the speech arguing that most unauthorized access to computer systems is vandalism and should be treated as such by the media, the law, and society at large. This drawn-out emphasis on the treatment of vandals undercuts the seriousness of the previous attack.

The moral is not that we cannot trust code we did not write ourselves.  The moral is that even the code we write could be corrupted. The keyword in Thompson’s paper is “totally.” This turtles-all-the-way-down attack stops only when you use your own vacuums.


Saltzer and Schroeder Design Principles

Alright, time to discuss another classic computer security paper! Today, it's The Protection of Information in Computer Systems by Jerome H. Saltzer and Michael D. Schroeder. Written in 1975, this document outlines some fundamental security concepts. I suggest focusing on Section 1, Basic Principles of Information Protection. The 8 design principles start at Section 1.3. As is apparent, these principles do not represent absolute rules--they serve best as warnings. Economy of mechanism: Simple is best.…


In Support of Diverse Clip Art

tl;dr Diverse representation within computer science matters. Stock images, clip art, and textbook examples affect us in subtle and perhaps unconscious ways. They dictate who we expect to see in certain roles. They even influence which roles we see ourselves assuming. When we rely on one default representation, we create a box for ourselves from which it is difficult to break free. We become unable to see others in a specific role and if we…


Stop Phish Shaming

Phishing won't be a problem. Everyone here is smart. tl;dr Stop shaming people for getting phished. Also, you can be phished. We need to stop encouraging the idea that only dumb people get phished. That's not how phishing works. Everyone can be phished, that's the nature of the sport. People get busy, answer emails with their phones, and don't have the time or attention to check every single link.  Furthermore, phish shaming can breed complacency…


Cyberpolitics in International Relations

[In Progress]

Choucri, Nazli. Cyberpolitics in International Relations. MIT Press, 2012.

Review


tl;dr Traditional IR theory stinks. Also, computers are a thing people should care about.

Cyberpolitics is one of the first books that pushed the IR community to think about cybersecurity in a meaningful way. Choucri argues that cyberspace constitutes a new “space”, and as such, “provide[s] opportunities for expanding power and influence in world politics” (p. 5).

Choucri argues that traditional IR theory has failed us. It is static, state-focused, unable to combine perspectives, and ignorant or unwilling to address change.  IR theory must be modified to address cyberspace.

Below are some of my notes, with definitions and quotes. I recommend you check out Clark’s model of cyberspace for an IR-cyber stack.
