youtube image
From YouTube: Towards Secure Computing: Navigating the Attack Surface


Combine risk lowering strategies to get a *multiplicative* reduction in overall risk.

Mark S. Miller at UC Santa Cruz, April 2019 is a quick 15 min talk on the central theme of this talk.

Our civilization today rests on infrastructure that is not only insecure, but insecurable.We cannot eliminate risk, but we can be vastly safer. Qualitative arguments have been made for various security architectures, but without any overall framework for comparing them as alternatives or as complements. We present a visualization of the attack surface as a way to reason about aggregate risk, and show how the composition of several techniques --- blockchains, object-capability languages, patterns, protocols, user interfaces, and smart contracts --- can produce a multiplicative decrease in risk without loss of functionality.