The Precarious Bridge between Mathematical Certainty and Societal Trust
One of the finest principles of Bitcoin is transactions are built on math instead of institutional trust. Rather than write a contract promising, “A if B, under conditions of C,” and expecting lawyers to uphold this in a specific jurisdiction, the terms can be written indelibly in the Blockchain and enforced by cryptography.
However, people can’t speak crypto at anything like the level of machines. Instead we have to trust the machines are accurately executing our instructions. It’s not all that different than the ambassadorial translator who might alter a message or leak details of a private conversation. When I ask a device to sign something, I have to trust the ‘something’ is not altered and my private key is not shared or compromised.
How can we extend this trust? The gap between a society of people and a network of machines is bridged by a myopic collection of communication points including not much more than images, gestures and sounds. While we can type passwords or scan eyeballs these are still just interpretations of input when they cross into cyberspace.
The one thing we can trust in is physics. Where humans and networks meet is in the time-space continuum of objects. Humans can manipulate objects while objects (smart ones, that is) can manipulate the network.
With this one near-certainty of object continuity (don’t get Trekkie on me), along with another reliable fact that a device is logical, we have the tools to establish trust in the device down to the crypto that instructs our bidding. Unfortunately, here the math breaks down and we have to rely on society.
So, here are a few things to keep in mind:
Don’t play telephone.
Keep the true crypto as close as possible. When you possess a device that can hold its own in a cryptographic communication, it means you aren’t trusting a chain of increasingly unknowable environments to propagate your instruction.
Do open source.
It is an essential component of device trust. Devices are logical. If we can read the code, we can determine the behavior. However, while Open Source is certainly a better model than code obfuscation, even if every element of a device were publicly published (from the apps to the component chipsets), no one person could validate this entire implementation stack. Instead, we place trust in the community to review it for us.
Monitor supply chain reputation.
A device such as a PC touches hundreds of manufactures, each of whom contributes a piece toward the end product. If that end product is shown not to perform as advertised, damage to the offending manufacturer and its dependents can be immensely costly.
For example, GM’s recent recall of autos with a faulty ignition switch has cost them over $1.3 billion. It’s not far fetched to imagine a flaw or even an engineered back door into Intel’s or Dell’s crypto could force them into a similarly massive recall of laptops.
One could further examine vendor reputation and citizens’ rights. But, simply put, the boundary between the fuzzy world of humans and the mathematical world of networks is reliant on the provenance and configuration of devices. We need to draw on transparency, reputation and local crypto for the bridge to be trustworthy.
Image credit: CC by Rob Pongsajapan