lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1094149622.9497.100.camel@localhost.localdomain>
From: dave at immunitysec.com (Dave Aitel)
Subject: Security & Obscurity: physical-world
	analogies

On Thu, 2004-09-02 at 12:24, Peter Swire wrote:
> 	Here are arguments for why it is useful to think systematically
> about the relationship between computer- and physical-security issues.
<snip>
> > Peter might be much better to concentrate on the realities and forget
> > about straw-man analogies.  What do you think?
> 
> 	I think there is a strong analytic similarity between a firewall
> and physical settings where guards are deciding whether to let
> people/trucks/etc. through a gate.
> 
> 	In both cases, the outsiders might be attackers who want to gain
> control over the system (physical attackers infiltrating and computer
> attackers seeking root control).
> 
> 	In both cases, the outsiders might be attackers who want to get
> information about the inside (physical attackers spying out the lay of
> the land and computer attackers downloading files or getting other
> information).
> 
> 	In both cases, there is "filtering" by the defenders.  Some
> entrants are excluded.  Some get more intensive screening.  The level of
> filtering varies with the perceived level of the threat.
> 
> 	Three reasons why studying physical and computer security
> together is useful.  First, at the level of analytic understanding, the
> paper tries to give a unified way to assess when openness is likely to
> help security (conditions closer to what the paper calls the Open Source
> paradigm) and when openness is likely to reveal vulnerabilities that
> create net problems (conditions closer to what the paper calls the
> Military paradigm).  A unified theory is an academic/intellectual gain.
> 


The thing about a straw man is that it looks a LITTLE bit like a man,
but then it turns out not to be a man at all. A firewall is like a gate,
a service is like a window, and a server is like a house, etc. etc. But
you can't take two non-traitors and have them automatically combine
voltron-like into one super traitor on the back end of a gatehouse,
which you can do with a firewall or information filtering device.
There's just no good analogy for the real work of hacking that can apply
to a simplistic physical model. 


> 	Second, policymakers in the government and management in
> companies have to decide, every day, what should be secret and what
> should be open.  Not everyone has time to read FD an hour a day to
> become expert in all these things!!  The paper tries to give a useful
> way for decisionmakers to get an approximation of what sorts of things
> should be disclosed.  A unified approach can help decisionmakers.

Or it can handicap them, because they're basing their decisions on an
incomplete, unverified model that doesn't correspond to reality.


Dave Aitel
Immunity, Inc.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ