Are mathematical formulas the best answer to date against hacking? This is what Wired’s Kevin Hartnett explains in “Computer Scientists Close In On Perfect, Hack-Proof Code,” an article he posted on Huffington Post. Several computer scientists are experimenting on a coding method that would make it “impossible” to hack. It’s a sign of relief to learn that a great deal of effort is being put together to make hack-proof code a reality. Perhaps this is possible, but I’m almost certain attackers will eventually figure out a way to break into the system.
Tests are now being conducted using a helicopter code named as “Litte Bird.” Kevin reports that a team of hackers could have taken over the helicopter almost as easily as it could break into a home Wi-Fi. However, engineers from the Defense Advanced Research Projects Agency had implemented a new kind of security mechanism software system that couldn’t be commandeered. The writer goes further to add that key parts of Little Bird’s computer system were unhackable with “Existing technology, its code as trustworthy as a mathematical proof.” I’m looking forwards to see whether this coding method will emerge as unhackable as intended.
http://www.huffingtonpost.com/entry/computer-scientists-close-in-on-perfect-hack-proof_us_57e93bf1e4b05d3737be6460?section=us_technology
It is interesting about reading the history of this style of coding referred to as formal verification. Most code is written to work, and if its tested, to work most of the time. This opens the bugs as its difficult to test all cases like if someone tries to stack or buffer overflow. The strongest way to implement this would probably be to have the verification logic built into the hardware when possible. It sounds like DARPA wants to secure chunks of code that are critical that no one gets in. Hopefully that can be put to use in public systems as well.
I get nervous when ever we call code “unhackable.” I don’t believe anything is ever “unhackable.” It’s good we are spending a lot of time to make sure the code is as locked down as possible before it is sent to production. I think following general security standards while developing, will reduce a majority of the vulnerabilities we face today.