Alan Turing, undecidable problems, and malware

January 25, 2017 | By Comodo

In 2003, Oxford University Philosophy Professor Nick Bostrom posed the following question: what if an artificial intelligence (AI) machine were given just one task: to create as many paper clips as possible? If you think about it, this AI machine might decide to kill off the human race. Why? Because 1) humans may decide to turn it off, and 2) humans are made up of atoms that could be used to make more paper clips.


Alan Turing thought about such information technology challenges almost a century ago. In 1936, Turing argued that there is no general way to predict whether a computer (a “Turing machine”), even given infinite processing power, storage space, and time, will provide a final Yes or No answer when given an arbitrary program and arbitrary input. In other words, we cannot know in general if or when a computer will finish its work, or simply run forever, calculating who knows what. The reason is that any algorithm that claims to make this prediction can be made to contradict itself. Therefore, humans just have to wait for a computer to provide some kind of answer, and then evaluate whether it is what they were looking for, and whether the result seems reasonable.

Over the years, there have been interesting variations on this theme. In 1983, Turing Award winner Ken Thompson argued that an evil compiler could automatically insert a secret backdoor into every program it generates, and that no one could know about it because every “trace of malice” in the compiler’s source code could be removed. The moral, Thompson wrote, is that you cannot trust code that you do not “totally” create yourself – including the compiler.

These are not idle, philosophical questions with no practical value. For the analysis of malicious code – or “malware” for short – simple programs do not pose too much of a problem. However, in the current IT landscape, there is simply too much “attack space.” Hackers regularly sneak malware into images (including through steganography), advertisements, software updates, and more within the millions of lines of code passing through your network every day. And even with access to source code, it is not possible to discover all possible vulnerabilities and attacks, from buffer overflows to SQL injection techniques.

Furthermore, we have to consider the impact of time. Software analysis is not only complex, but also time-consuming. In the Internet era, the average human’s attention span is down to 9 seconds. Consider an analogy from tournament chess, where each player has two opponents: the person sitting across the table, and the ticking chess clock. The business world has the same problem: time is money, and you have to move fast.

Users, especially those working in enterprise environments, need access to many applications, programs, and files – some of which are unknown and untrusted. Attackers know that complexity and time pressure are a dynamite combination. As a result, there is always some new code for which antivirus solutions or any other automated detection method cannot deliver a reliable verdict within a reasonable time frame. With Alan Turing as our witness, we have scientific proof that your security solution will fail to detect some of the malware.
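Turing's self-contradiction argument and the time-limit point above, as an added Python illustration (not from the original article; every function name and candidate decider is constructed for the example). Programs are modeled as generator functions so that each `yield` counts as one step of execution.

```python
# Added illustration of the halting-problem argument; all names are hypothetical.

def run_bounded(prog, budget):
    """Step `prog` (a generator function) at most `budget` times."""
    # A time-boxed analyzer can report "halts" or "unknown", but it can never
    # report "runs forever" from observation alone.
    steps = prog()
    for _ in range(budget):
        try:
            next(steps)
        except StopIteration:
            return "halts"
    return "unknown"


def make_contrary(decider):
    """Build the self-referential program that defeats `decider`."""
    # `decider(prog)` claims True iff `prog` eventually halts. The program
    # asks the decider about itself, then does the opposite.
    def contrary():
        if decider(contrary):
            while True:   # decider said "halts", so never halt
                yield
        return            # decider said "runs forever", so halt at once
    return contrary


def refute(decider, budget=1000):
    """Return (decider's claim, bounded observation) for its contrary program."""
    contrary = make_contrary(decider)
    return decider(contrary), run_bounded(contrary, budget)


def countdown(n):
    """A benign program that halts after exactly n steps."""
    def prog():
        for _ in range(n):
            yield
    return prog


# Constructed candidate deciders; any total, deterministic one loses the same way.
CANDIDATES = {
    "always_halts": lambda prog: True,
    "never_halts": lambda prog: False,
    "small_code_halts": lambda prog: len(prog.__code__.co_code) < 16,
}
```

Each candidate is wrong about its own contrary program, and `countdown(50)` shows the practical side: with a budget of 10 steps the analyzer can only answer "unknown" for a program that is in fact harmless and finite.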

So what is the best way to keep your network secure, and to keep productivity high, given that some of the applications you need may have malicious functionality? Comodo has developed the industry’s most sophisticated solution. Our containment technology allows for the execution of untrusted code within a quarantined, very limited space where malicious behavior is simply not allowed. The unknown and untrusted code cannot damage your computer or IT infrastructure. Comodo is the only company that offers such a high level of flexibility and usability, where users do not see any adverse impact on their operations, and yet are 100% protected from malware.
