Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

5/22/2019
10:30 AM
Ari Singer
Ari Singer
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
100%
0%

The 3 Cybersecurity Rules of Trust

Every day, keeping anything secure requires being smart about trust. The rules of trust will keep you and your data safer.

Do you trust me?

Why wouldn't you? I'm honest, have strong credentials in cybersecurity, and helped design security solutions for top technology companies and government entities.

But hold on — you don't know me from a hole in the ground. Am I fictitious? The advanced degrees in my office — are they real? My six patents — real or exaggerated? You have to trust your instincts on whether I'm trustworthy.

That's the central problem everyone faces in information security today. Casual hackers, organized crime, government-sponsored hackers, secret backdoors, malicious insiders, corrupt supply chains, and porous technological defenses all contribute to our predicament. You can listen to experts, hire security professionals, buy technologies from the right companies, and still lose the security battle. Bulletproof solutions would be prohibitively expensive, and standard off-the-shelf solutions may not keep you safe.

The Rules of Trust
You already make trust decisions based on a framework every day. You let hotel staff clean your suite but don't leave cash out on the dresser. You give your credit card to Amazon.com, but not to that dubious character selling designer-brand watches on the sidewalk. You invest in established mutual funds but not the get-rich-quick scheme that your friend's cousin swears is a sure 1,000% return on investment.

How do you make those decisions? Simple: You follow three Rules of Trust:

  • All things being equal, trust as little as possible.
  • Use evidence and experience to measure trustworthiness.
  • Trust proportionally to risk.

That's it. You're set. Easy, right?

You know better; trust is no precise science. Even if you follow the rules carefully, you'll get burned sometimes for being too trusting, or miss out on something for not trusting enough. Yet on the whole, following these three Rules of Trust will help you make better cybersecurity decisions.

Be Untrusting
Rule 1: "All things being equal, trust as little as possible."

In other words, allow attackers fewer ways to compromise you. Make life harder for them. Reduce your "attack surface."

Making data inaccessible is the best kind of security. If your secrets are not on — or passing through — your computer, bad guys probably can't get them. When feasible, keep super-sensitive stuff on paper or an external drive that is usually disconnected from your computers. Anything transmitted could be stolen before it arrives. When you send a private e-mail or post in a closed community assume it will be read by unintended parties. Our collective defenses are too weak to assume anything else. Despite your carefulness, many people and organizations (sadly) could get malware onto your computer, if they targeted you.

Measure Trustworthiness
No doubt you load all your favorite software on your computer, and 20+ apps on your smartphone, and access email on both devices, probably using public Wi-Fi. Fine. Being untrusting doesn't mean being a digital hermit. To be productive, we all sometimes need sensitive material on our devices — so we all must learn to gauge trustworthiness.

Rule 2: "Use evidence and experience to measure trustworthiness."

A few tips to measure risk levels:

  • More code = more risk: Programs with 10,000 lines of code could actually be reviewed by careful developers. Software with 10 million lines of code (sorry, Microsoft) is going to have a lot of bugs and create more risk.
  • More programs = more risk: Picking which permissions to grant your smartphone apps is complicated. Once you install more than a couple apps, risk balloons. It takes just one malicious app to compromise your system. One survey found companies average over 480 cloud and on-premises applications in use, and they're attacked 500 times per day.
  • Hardware tends to be safer than software: It's very expensive to change hardware, so hardware vendors work hard to make sure it's exactly right before it reaches you. Security hardware often provides isolation capabilities that block malware on your machine from accessing data.
  • Old technology and too-new technology may be vulnerable: Criminals eventually find ways around almost any security. You'll need to adopt new kinds of security over time, but don't always trust the salesperson, who may not know about vulnerabilities that haven't been fixed.
  • Doing homework helps: Are your hardware and software from reputable vendors? Do people trust their security? Your intuition is often an accurate guide, too.

Distrust and Verify
When you must trust, Rule 3 is important: 

Rule 3: "Distrust proportionally to the level of risk."

Your risk level is based on an attacker's cost and motivation to take what's yours — and on the value of your assets to you. If you treasure that data, and criminals want it, distrust much — and verify more. High risk? Then attacks are coming. Consider two-factor authentication, and remember your measure of trustworthiness; verify that you really trust the software and hardware you use.

The security you have today is probably sufficient, if your assets have low value to attackers — or if the attack costs more than the assets are worth. Most attackers seek profit, after all.

Every day, keeping anything secure requires being smart about trust. Stay alert, evaluate continually, and adjust security as things change. Your decisions about trust will factor into almost every choice you have. The rules of trust will keep you and your data safer. Trust me; I'm a security CTO. Maybe.

Related Content:

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Ari Singer, CTO at TrustiPhi and long-time security architect with over 20 years in the trusted computing space, is former chair of the IEEE P1363 working group and acted as security editor/author of IEEE 802.15.3, IEEE 802.15.4, and EESS #1. He chaired the Trusted Computing ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15208
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can ...
CVE-2020-15209
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one....
CVE-2020-15210
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and ...
CVE-2020-15211
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices f...
CVE-2020-15212
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `outpu...