[Cryptography] Trustworthiness
Ray Dillinger
bear at sonic.net
Tue Jun 20 20:54:24 EDT 2017
On 06/20/2017 05:29 AM, iang wrote:
> On 18/06/2017 11:26, mok-kong shen wrote:
>
>> P. G. Neumann wrote in his article: Trustworthiness and Trustfulness
>> are Essential,
>> CACM, vol.60, p.28:
>>
>> "The concept of trustworthiness seems to becoming supplanted with
>> people falsely
>> placing their trust in systems and people that are simply not
>> trustworthy...
>> Are there any practical remedies in sight?
> In practice, anything labelled with trust was a bit of a bait&switch.
> The notion that people could "trust" systems was a misuse of the word.
> In practice people rely on systems, not trust them. You don't trust
> your car to get you to work, except euphemistically instead you rely on it.
What is needed is for people to understand that "trust" here is a
pejorative. You trust your car to get you to work, meaning you know
that you can't get to work if it breaks down.
In every case, trusting anything means acknowledging that it is a thing
that must either work as expected or cause you to fail.
If you lived close enough to a bus line that you didn't have to trust
your car to get you to work in the morning, that would be a good thing,
because not having to trust something means being less likely to fail.
The Trusted Platform Module, for example, is named correctly. "Trusted"
means simply that it introduces an additional risk of failure.
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170620/c5f03a12/attachment.sig>
More information about the cryptography
mailing list