Trusting computers

Computers have supplanted all other forms of media to safe guard our
information.  Computers store everything from banking histories to
recipes.  Combined with the connectedness of the Internet all of this
information is leveraged to guide our decisions and purchase our needs
and wants.  This is just the surface of how deep computing affects our
daily lives however.  Computers control ballast systems that keep
tankers afloat and SCADA systems that regulate the flow of rivers
through dams.  Computers are the most pervasive element of how our
society controls the environment that we live in.  

To state that trust is important is to understate the obvious.
 Trust is a luxury however, and one that we can not afford.  Our
systems are still fragile and susceptible to human malice and poor
programming.  Virii by the millions have emerged into the world of
computing.  They infect computers by the interactions of others.  This
vector of infection is personified by email users who open foreign
attachments.  Even more deadly is the worm, which can infect without
the interaction of a user.  Worm infection is steadily rising with each
passing year.  Code Red alone compromised 250,000 computers in nine
hours.  Control and trust is lost when these infections occur.  

We absolutely need to trust the machines that help run the fabric
of society.  As a society we must constantly add fail-over systems,
monitors and vaccines to computers.  Until this type of trust is gained
systems must be open to the user.  The more transparent the computers
are the more easily a rouge program can be detected.  The quicker the
development process the faster important patches and medicines can be
dispatched to infected machines.  

One of the latest contenders is the “Trusted Computing” platform.
 In this regime manufacturers provide equipment which will certify that
each application before it is allowed to execute.  The cost of this
type of regime is that development is retarded due to a rigorous
certification process.  Even patches will have to undergo certification
and create an even bigger gap between infections and inoculation.  The
benefits are paltry in comparison to this cost.  Certain virii will be
prevented from executing.  Namely those that are sent via email to
unsuspecting users.  However worms would not be deterred since they
generally infect programs that are already running.  These programs
would already certified but contain vulnerabilities, or flaws in the
code, which allow remotely launched programs to exploit them.  The
certification process does not guarantee that the code works well, or
that it even works at all.  It just stipulates that it is from a
certain developer or company.  

A switch to this “Trusted Computing” environment would not solve
the trust issue.  Software and hardware manufacturers are still not
liable for any damages incurred.  Society must stay vigilant in regards
to what computers do and monitor them.  The stakes are far too high to
trust our computers just yet.

Post a Comment

You must be logged in to post a comment.