One part of ensuring that a program is secure is checking that it is free of bugs and that it responds to odd or malformed sequences of commands without spilling any of the secrets it is meant to be guarding. This is a big task. The number of combinations of commands that can be entered into a piece of software increases exponentially as it gets more complicated. And many firms modify programs they have bought off the shelf, inadvertently introducing new bugs as they do so. It is thus no use relying on what a programmer has told you about how his code works.
Cryptosense’s penetrator, therefore, starts from scratch. First, it works its way through the list of commands that can be given to the program it is trying to subvert, in order to see how it responds. “At the end of that process it has two piles,” says Graham Steel, one of Cryptosense’s founders, “one where [the target program] did what it was supposed to do, and another pile full of error messages.” Armed with those experimental data, the virtual penetrator can work backwards, reconstructing a simulacrum of the target program whose behaviour, mistakes and all, matches reality. Thus armed, it can begin trying to break things. Even with a computer rather than a human being doing the testing, an exhaustive search of all possible sequences of commands can be time-consuming. But the testing algorithm is smart enough, says Dr Steel, to give priority to those combinations most likely to prove fruitful. (Unsurprisingly, he will not disclose how exactly that is done.) Even if Cryptosense’s automated hacker can find and plug all the holes in a particular piece of software, there will still be weak links. Software is used by people, and people can be tricked, threatened or charmed into spilling secrets. Also, what works for the good guys can work for the bad. If automatic hacking proves itself, there is nothing to prevent malicious hackers coming up with their own versions, and using those to scan for weaknesses.