Just to be clear, even thinking about *aspects* of this problem is at the advanced NSF-funded research end of the spectrum. It’s possible that solving this for the case of today’s software engineering techniques is fundamentally impossible. We don’t even know.
-
-
Prikaži ovu nit
-
As it stands, the recent status report from the Huawei Cybersecurity Evaluation Center in the UK indicates that they can’t even get a handle on Huawei’s code, or even verify that it’s the same code running in hardware.https://www.google.com/amp/s/www.washingtonpost.com/world/national-security/britains-spy-agency-delivers-a-scathing-assessment-of-the-security-risks-posed-by-huawei-to-the-countrys-telecom-networks/2019/03/27/ab16d7d2-50fd-11e9-8d28-f5149e5a2fda_story.html%3foutputType=amp …
Prikaži ovu nit -
I’ve worked with people from Huawei and they were thoughtful and intelligent. I don’t see Huawei as particularly malicious. But if your threat model is “the Chinese government can make Huawei behave maliciously,” code reviews aren’t going to save you.
Prikaži ovu nit -
I think this is a great quote. https://twitter.com/ncweaver/status/1222153480355209218?s=21 …https://twitter.com/ncweaver/status/1222153480355209218 …
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
-
-
If academic twitter is representative, it seems they're also about to lose a nontrivial amount of relevant expertise due to Brexit.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
it's the same people that want to solve the brexit/NI border issue with technologies that do no exist.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
And that doesn't even start to get into trusting the hardware. It's turtles all the way down.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
I heard at
@enigmaconf there was an ML model that detects insecure code so we're goodHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
But I just heard on the IAB mailing list that attribution will save us /s
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
100% In general we have been working on reducing the risk of human malicious behavior, but we are not even slightly near of a completely secure model. How fascinating are these topics though
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.