From: Harvey Newstrom (mail@HarveyNewstrom.com)
Date: Tue Jul 16 2002 - 08:10:46 MDT
On Tuesday, July 16, 2002, at 05:05 am, Anders Sandberg wrote:
> In the end, I think the big issue is whether trust is on the increase or
> decrease. It is a cultural issue, and not just about what pays and
> doesn't pay, but what symbols and values are promoted by ourselves. When
> integrity becomes highly valued, then trust will also increase.
In rigorous security analysis, it turns out that trust is a bad thing.
Trust only occurs when someone is unable to verify something or to
control something. Then you are in a position to have to "trust"
someone or something to not be deceptive. Stronger security occurs when
trust is unnecessary and the integrity of a claim is demonstrated in
some way. If all parties can separately verify the integrity of
information, they can assure themselves of its worthiness without having
to trust anyone. For example, counting your change is a better check of
a transaction than reputation and trust of the cashier.
-- Harvey Newstrom, CISSP <www.HarveyNewstrom.com> Principal Security Consultant <www.Newstaff.com>
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:15:29 MST