The technology and know-how exists to build a hack-proof computer, but doing so won't be easy, says Howard Shrobe, principal research scientist at the Massachusetts Institute of Technology's Computer Science and Artificial Intelligence Laboratory, or CSAIL.
Creating such a secure system would require re-architecting legacy systems and abandoning long-used and popular programming languages, such as the C-family of languages, he says in an interview with Information Security Media Group.
The critical question isn't whether safer computer systems can be designed, but whether key players - including technology makers - can be incentivized to do so, he says. "The key enabler for all of that is actually having a well-specified set of architectural principles that would give you some guarantees about cyber safety," Shrobe says. "I think we know what enough of those are to proceed along those lines."
In the interview (see audio link below photo), Shrobe:
- Describes microchips from Intel that prevent buffer overflow to mitigate vulnerabilities that facilitate hacking;
- Explains why popular languages such as C and its offshoots must be abandoned in favor of modern and more secure programming languages; and
- Discusses the types of incentives that could encourage adoption of technologies and processes needed for a hack-proof computer.
"There's evidence that the major manufacturers see security as something they need to attend to," Shrobe says.
Shrobe is faculty co-director of MIT's Cybersecurity: Technology, Application and Policy, a six-week, online course starting March 14 that's aimed at providing IT and IT security practitioners with a wide-ranging exploration of cybersecurity technologies and applications. He has a Ph.D. in computer science from MIT. Schrobe joined CSAIL as a research scientist in 1978 and was promoted to principal research scientist in 1980.