In Terminator 3, the SkyNet AI distributes itself globally, becoming invulnerable to destruction, by exploiting the fundamental failure of computer security. it then destroys the world when it gains control of America's nuclear missiles. While this is a considerably more serious disaster than any wrought so far by cyber-crackers, cyber-terrorists, or cyber-warriors, the flaws that make SkyNet unstoppable are the same flaws that make crackers, terrorists, and warriors possible. The same fix that eliminates crackers can terminate the Terminators.
This presentation starts by examining in detail the fundamental flaw in computer security today--the ludicrously excessive authority granted to even silly programs like Barbie Fashion Designer. We go on to see how the Principle of Least Authority (also known as the Principle of Least Privilege), once ubiquitously applied, can end the madness while simultaneously making the user interface to security simpler than it is today.
About the speaker:
Mr. Stiegler is currently a Visiting Scholar at Hewlett-Packard. Previous to this appointment, as COO of Combex Inc., Mr. Stiegler led a DARPA research contract to build a
working prototype of a capability secure desktop that is invulnerable to
traditional computer viruses and trojan horses. Mr. Stiegler designed and
implemented the application launch framework for the desktop, developing new
forms of user interface/security integration that allow people to safely use
even virus-ridden applications without having to work with even the normal
litany of foolish security dialog boxes, passwords, and certificates. This
desktop was later demonstrated in Mr. Stiegler's presentation, "Exploiting
Virus-Laden Software", for the O'Reilly Emerging Technology Conference in
Highlights of Stiegler's earlier works include serving as VP of Engineering for Autodesk, and winning the Software Publisher's Association Best New Business Software Award for DecideRight in 1996.His sf novel Earthweb depicts a future in which a mature Web, with advanced features such as bidirectional links and idea futures, becomes the underpinning fabric of global society.
Palo Alto, Ca