Wednesday, October 10, 2007

Trusted vs Trustworthy

From a recent Secunia advisory post:
Do not browse untrusted websites, follow untrusted links, or open untrusted .PDF files." [italics are mine]
What a paradox. "Trust" is an action. If you browse to a website, you are trusting that website. If you clicked a link, then you trusted that link. An "untrusted" PDF file is one that was never opened. By contrast, an opened PDF file is a trusted file. Why are they instructing you to do what you already do?

What Secunia means to say is:
"Do not browse untrustworthy websites, follow untrustworthy links, or open untrustworthy .PDF files."

There is a huge difference between trustworthiness and trust. Trust is an action and, as a result, a set of relationships (e.g. Alice trusts Bob; Bob trusts Charlie; therefore, Alice transitively trusts Charlie). Trustworthiness is an estimate of something's (or someone's) worthiness of receiving somebody else's trust. Trust relationships can be mapped out-- it just takes time. Trustworthiness, on the other hand, is very difficult to quantify accurately. I also just discussed this in the context of open source and security.

If those of us in the security community don't get the difference between trust and trustworthiness, then how in the world will our systems protect users who may never understand?

No comments: