the almost total absence of realistic long-term thinking and oversight contributed
to worldwide economic problems.
Optimizing for short-term gains often
tends to run counter to long-term success (except for the insider investors,
who having taken their profits have little interest in the more distant future).
Although this may not seem like a typical Inside Risks case, it is certainly illustrative of the main theme here.
the Future
The ACM Risks Forum has helped dramatize past experiences with the effects of design faults, system security
vulnerabilities, system failures and errors, and the pervasive roles of people
throughout. Previous columns have
highlighted the importance of understanding these experiences and applying them diligently in the future.
Social engineering (exploiting human weaknesses) is a significant factor
in system penetrations, inadvertent insider misuse, and above all the spread
of malicious malware and other forms
of malicious misuse combined with the
existence of vulnerable systems whose
exploitation permits email and Web-based scams to facilitate online identity
fraud and other forms of malfeasance.
For example, innocently clicking on
a seemingly legitimate link is a common failing. Ultimately, no matter how
trustworthy individual hosts, servers,
and networks might become, users
will need much greater help in detecting and avoiding scams and deception.
For example, human frailties such as
greed, gullibility, and obliviousness
to the risks will clearly persist. Thus,
widespread computer literacy is an urgent goal, involving both short-term
and long-term aspects. Nevertheless,
designing systems, networks, and applications that wherever possible effectively mask the overall complexity and
concerns for trustworthiness must also
be a long-term goal.
Conclusion
Although this column has barely
scratched the surface of an iceberg-like collection of problems, it addresses the need for urgently developing
compelling logical and realistic justifications for embedding long-term
thinking into our planning. Commodity hardware/software aims at the
new computing
technologies
tend to introduce
new security
vulnerabilities,
as well as
reintroduce
earlier ones.
mass market; on the other hand, what
is needed for certain critical applications such as national infrastructures,
secure and resilient cloud servers,
and so on is the existence of meaningfully trustworthy networked systems.
Thus, there is a major disconnect
that requires some long-term thinking to overcome. Unfortunately, the
real-world arguments for short-term
optimization are likely to continue to
prevail unless significant external and
internal efforts are made to address
some of the long-term needs.
References
1. dave, n. a unified Model for hardware/software
Codesign. Ph.d. thesis, MIt, Cambridge, Ma, 2011.
2. kahnemann, d. Thinking, Fast and Slow. Farrar,
strauss and giroux, 2011.
3. neumann, P.g. holistic systems. ACM ACM SIGSOF T
Software Engineering Notes 31, 6 (nov. 2006), 4–5;
http://www.csl.sri.com/neumann/holistic.pdf.
4. neumann, P.g. Psychosocial implications of computer
software development and use: Zen and the art
of computing. In Theory and Practice of Software
Technology, d. Ferrari, M. bolognani, and J. goguen,
eds., north-holland, 1983, 221–232.
5. neumann, P.g. the foresight saga. Commun. ACM
50, 9 (sept. 2006); http://www.csl.sri.com/neumann/
insiderisks06.html#195.
6. neumann, P.g. and Watson, r.n. M. Capabilities
revisited: a holistic approach to bottom-to-top
assurance of trustworthy systems. Fourth layered
assurance Workshop, u.s. air Force Cryptographic
Modernization office and aFrl (austin, tX, dec.
2010); http://www.csl.sri.com/neumann/law10.pdf.
7. Watson, r.n.M. et al. CherI: a research platform
deconflating hardware virtualization and protection,
runtime environments/systems, layering, and
virtualized environments. resolVe workshop
(london, u.k., Mar. 3, 2012); http://www.csl.sri.com/
neumann/2012resolve-cheri.pdf.
Peter G. neumann ( neumann@csl.sri.com) chairs the
aCM Committee on Computers and Public Policy and
moderates the aCM risks Forum ( http://www.risks.org).
he is very grateful to his committee members for their
long-standing incisive feedback on Inside risks columns—
including this one!
Copyright held by author.
Calendar
of Events
October 15–18
31st international conference on
conceptual Modelings,
florence, italy,
contact: de Antonellis Valeria,
email: valeria.deantonellis@ing.
unibs.it
October 15–19
AcM sigUccs Annual
conference,
Memphis, tn,
sponsored: sigUccs,
contact: carol rhodes,
phone: 812-856-2007,
email: csrhodes@indiana.edu
October 15–19
conference on systems,
programming, and
Applications: software for
Humanity,
tucson, AZ,
sponsored: sigplAn,
contact: gary t. leavens,
phone: 407-823-4758,
email: leavens@eecs.ucf.edu
October 21–24
conference on systems,
programming, and
Applications: software for
Humanity,
tucson, AZ,
sponsored: sigplAn,
contact: gary t. leavens,
phone: 407-823-4758,
email: leavens@eecs.ucf.edu
October 22–24
the 14th international AcM
sigAccess conference on
computers and Accessibility,
Boulder, cO,
sponsored: sigAccess,
contact: Matt Huenerfauth,
phone: 646-639-3815,
email: matt@cs.qc.cuny.edu
October 22–26
international conference on
network and service
Management,
las Vegas, nV,
contact: Medhi deep,
email: dmedhi@umkc.edu
October 22–26
5th international conference
of security of information and
networks,
Jaipur, india,
contact: Manoj singh gaur,
email: gaurms@gmail.com