Secret City - Trailer season 1
Short (6 episodes) series about modern day espionage in Australia. The arch villain reminds me of Hillary Clinton. That's not a coincidence, is it?
Everyone is chasing a SIM card from a smart phone. Supposedly it's contains a secret that someone is willing to kill to protect. The government security outfits (an alphabet soup of acronyms, much like what we have here in the USA) is very interested in this tiny little computer part.
One government agency has a TSA like security protocol for anyone coming into the building. They even have cell phone lockers for employees where employees can leave their smart phones when they come into the building. But the employees use computers inside the building that are connected to the outside world. How secure is that? It could be very secure if the people who are in charge of computer security know what they are doing, but if they are using any kind of commercial software there are going to be holes.
Problem is the way modern computers use RAM (random access memory). Any computer program is composed of two parts: code and data. The code is the program (the sequence of instructions) that the CPU (central processing unit) executes, and the data is what those instructions operate on. Both code and data reside in RAM and while there are flags that can be set that will tell you whether a particular block of RAM contains code or data, those flags can be changed, so what was once data can now become code and vice versa.
You can test your code all you want, verify that it has no holes and will not let anyone do anything that would allow the release of confidential information, but if you allow a program to change that flag on a block of data (which undoubtedly came from outside), you will now have a wild program running loose in your system.
Java, on the other hand, is not allowed on Chromebooks because it cannot be contained. You could make a Java interpreter that was constrained, but that is another software project that would need to be tested, vetted and verified.
I'm thinking if you want a secure computer system, you would need to write the code yourself, which means you are going to need an army of programmers. Big government agencies can afford that, but there are not too many people who are creative enough to write code and are docile enough to work with the restrictions imposed by working for a big Federal agency. Plus, programmers are people too, so some of them are liable to take short cuts, like 'borrowing' code from outside. And there might be a point where your system becomes so complex it is not possible to know whether every component has been rigorously tested and is known to be secure.
All it takes is one little loophole known to one guy and the whole thing can be compromised.