Reply to post: An impossible job - as pointed out in 2012

You don't need a HERO, you need a ZERO. From Google

Peter Brooks 1

An impossible job - as pointed out in 2012

Here's some extremely good advice on cyber-security. It's all the more remarkable because it is from 2012. It makes it abundantly clear that, if you are concerned for your security, only open source software offers you any hope at all:


The task of finding and eliminating every significant vulnerability from a complex product is monumental. If we also consider flaws intentionally inserted by a determined and clever insider, the task becomes virtually impossible. While there is a large body of literature describing techniques for finding latent vulnerabilities in hardware and software systems, no such technique claims the ability to find all such vulnerabilities in a pre-existing system. Techniques do exist that can prove a system implementation matches a design which has been formally verified to be free of certain types of flaws. However, such formal techniques must be incorporated throughout the design and development process to be effective. They cannot currently be applied to a finished product of significant size or complexity. Even when embedded into a design and development process, formal techniques of this type do not yet scale to the size of complete commercial telecommunication systems.



A security evaluation of potentially suspect equipment being deployed in critical infrastructure roles may seem like an answer to the security problems posed. Unfortunately, given the complexity of the telecommunications grid, the limitations of current security evaluation techniques, and the economics of vendor-financed analyses provide a sense of security but not actual security. Significant security is available only through a thoughtful design and engineering process that addresses a complete system-of-systems across its full lifecycle, from design to retirement and includes aspects such as discrete technology components, their interactions, the human environment, and threats from the full spectrum of adversaries. The result of such a process should be a convincing set of diverse evidence that a system is worthy of our trust.


This is who said it (full document):

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon