Security through Distrusting when trust is bad – ESD18

The word “trust” is heavily misused in cybersecurity. We relate it to hardware, software or technology. We want each element to be trusted or, in other words, not to require undue attention. But is it really so? Because the word ‘trusted’ means that a given component may effectively compromise our entire system. After all, we are not always in control of every element comprising our IT system, such as chipset controllers, USB ports or BIOS.

Joanna Rutkowska – from the ‘Invisible Things Lab & Qubes OS Project’ talks about how extensive trust in technology can become a source of cybersecurity-related problems and how to deal with them. This was the second speech given during the last edition of EXATEL Security Days 2018.

Would you like to see and hear other speeches? You can watch them on our website:

The videos are available on our YouTube channel.

About EXATEL Security Days 2018

This year’s edition is already the third conference on the practical side of cybersecurity. The principle we follow is – as little theory, and as much practice and action as possible. The last two days have seen the fastest changes in the cybersecurity sector in history, and questions on the impact of IT on everyday life, and the condition and functioning of the state were asked, so decidedly for the first time.

Discussions on cybersecurity have moved from the conference to media headlines. #CoDalej [#whatnext] – this was the slogan we decided to promote this year’s EXATEL Security Days with. For it is clear that cybersecurity is entering a new age – an era that will affect everyone through completely new contexts. The Internet of Things, 5G, national IT infrastructure, industry 4.0, hybrid conflicts – many of these phenomena were not considered a year or two ago. What to invest in so as not to lag behind in this “arms race”?

Joanna Rutkowska