Who Controls A Computer? A Predictive Theory of Comparative Strength in Computer Security Conflicts

Monday, April 27, 2015
11:30 AM - 1:00 PM
(Pacific)

Encina Hall (2nd floor)

Speaker: 

Abstract: Any given computer or network runs code from an enormous number of sources, including the producer of the operating system, the hardware, built-in and user-installed applications, websites, and the user herself.  Computers may also run code injected by remote attackers of various sorts including autonomous viruses, individual hackers and state-backed organizations.  What happens when the authors of these various software components have different objectives for the behavior of that single computer or network?

This talk will propose a simple theory that predicts which of these contestants will tend to win in different kinds of computer security contests, including the robustness of encrypted communications; the control of cloud-based and distributed computing systems; and some hypothetical future applications to the security of AI systems.

About the Speaker: Peter Eckersley is Technology Projects Director at the Electronic Frontier Foundation. He leads a team of technologists who do both coding and policy work to strengthen Internet security, privacy, and innovation.

His work at EFF has included several projects to improve the strength and deployment of cryptography on the Internet, including HTTPS Everywhere, the SSL Observatory, and Sovereign Keys; efforts to educate Internet users about privacy and security threats such as Surveillance Self-Defense International and Panopticlick; rallying computer scientists in opposition to Internet blacklist legislation; and efforts to make networks more neutral, open, and transparent, including the first controlled tests of packet forgery by Comcast and promoting secure forms of open wireless networks.

Peter holds a PhD in computer science and law from the University of Melbourne. His doctoral research was on digital copyright and the alternatives, including the computer security dimensions of copyright policy.