Who Must You Trust?

Discussion in 'privacy problems' started by mirimir, Jun 8, 2014.

Thread Status:
Not open for further replies.
  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,031
    A friend recommended this recent article by Thomas Wadlow, "Who Must You Trust?". It's outstanding!
    https://queue.acm.org/detail.cfm?id=2630691
     
  2. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    It's a good read.

    Exactly. We're always dependent on others to some extent (and going on that analogy, not even Les Stroud will go into the Canadian woods without an axe- not even when he shot Snowshoes and Solitude). If you look around your home you'll find that almost every single item had a team of people that went into its design (not even getting into all the materials needed to make the thing and where they came from). Operating systems and software is exactly the same way.

    Though sometimes it gets tempting to go off in the woods and not have to deal with it or play that game.
     
  3. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599

    One of my all time favorites is: Partition of Trust

    The article uses different wording as pasted in below. I "trust" every hop in my circuit but should a bad apple or even two get in my mix, there would still be enough security to leave me intact. So I trust but I plan for a breach of trust. Should a singular breach happen, I will still be standing at the end of the day!



    Layer your Security

    When it comes to trust, you should not depend on any one entity for security. This is known as "defense in depth." If you can have multiple layers of encryption, for example, each implemented differently (one depending on OpenSSL, for example, and the other using a different package), then a single vulnerability will not leave you completely exposed.
     
    Last edited: Jun 8, 2014
  4. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,089
    TRUE for "trust" = "make yourself vulnerable to consequences created by other things/people"

    FALSE for "trust" = "adequately research/test/evidence-gather to establish correct, desired, behavior prior to and while making yourself vulnerable to the consequences created by other things/people"
     
  5. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    689
    Haven't read the link but just going by the title "who you MUST trust" tells me I think this words misused. Trust can't be simply commanded or decided on in the name of convenience or because there's no other option. Trust has to be earned.

    To trust someone is to absolutely believe 100% they'll do what they say. Anything less is simply hope. Of course there's not one single person we can trust in everything and nor do we need to.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,031
    There much more to it than that. I recommend reading the linked article :)
     
  7. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    689
    OK read it. Yes, great article mirimir. :) As for the usage and the meanings of words, its still "trust according to technology," rather than "technology according trust". Im sure it was you or someone who said somewhere "trust no one". I agree, because in this setting and all that technology involves isn't conducive to a fail safe scenario.
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,031
    Fair enough :)

    As I read it, it's about how best to proceed when you know that you can't entirely trust anyone, or anything.
     
Thread Status:
Not open for further replies.