This talk is about the science of insecurity, by which I mean the entire spectrum of exploits and vulnerabilities considered as a systematic, repeatable, and most importantly, predictive mathematical model. We're going to examine, from first principles, what it is about exploits that makes them exploits in the first place, and how we can use this systematic understanding to design and implement software in which - to borrow a turn of phrase from Dan Kaminsky - entire classes of bugs simply don't exist.
But before I get going, I want to remark on the other talk this Congress that focuses on Turing machines - Cory Doctorow's talk yesterday on "The Coming War on General Computation." You're going to hear a lot in the next hour about certain hazards of Turing-complete protocols, and I need to make clear that what I'm inveighing against is Turing machine computational power in very specific places, namely the communication boundaries between Turing-complete systems. Your CPU needs to be able to perform arbitrary computation. ICMP ECHO does not. So that's an important distinction, and do please keep it in mind.
But more important than that are Cory's spot-on observations about how the sausage gets made: how lawmakers and vendors conspire to herd users into walled gardens where, oh by the way, the folks doing the herding can lock out competitors and bleed those users to their hearts' content. It's the oldest game in the book, and it's already underway in the United States: right now there's an initiative under development called NSTIC, the National Strategy for Trusted Identities in Cyberspace, which is really just the old carrot and stick game aimed at conning citizens into voluntarily giving up any possibility of anonymity online - which is really the same as free speech online, when you get right down to it - by holding out the carrot of quote-unquote "safe" walled gardens like the iOS App Store and social networks like Google+, where the price of admission is your offline identity, backed up with a stick made from the spectre of spam and malware and evil cybercriminals on the filthy nasty Internet.
And no matter how rotten the carrot really is, the thing about human psychology is, once someone has bought into lofty and nebulous promises about matters such as security, it becomes really hard to convince them that the carrot cake is a lie. So our other option is to break the stick, and that's what we're going to talk about today.