lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <200505220341.j4M3fJOE001804@turing-police.cc.vt.edu>
Date: Sun May 22 04:41:31 2005
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Can ISO15408 evaluated products be trusted? 

On Sat, 21 May 2005 06:36:29 PDT, Nora Barrera said:

> What's the use of security functions if they can be circumvented?

Rule #1 of security: It's never perfect.

Rule #2 of security: It's stupid to spend more effort on security than you
need to.

Rule #3 of security: Good security features raise the attacker's cost faster
than they raise your cost.  Bad security features are the opposite.

Rule #4 of security: The "right security" is that set of features which raises
the attacker's cost to equal the value of the target, while having the lowest
total sum cost to you.

Almost all bank vaults have security functions (big lockable doors, solid walls,
and so on).  The fact that they are still circumventable doesn't mean they're
useless.  If the bank has (for instance) an average of $150K in the vault at
a given time, they don't need perfect security - they only need enough security
so it costs an attacker at least $150K to break it. Yes - there's probably some
psycho asshole bank robber who will attack the bank *anyhow*, even if it costs
him $250K and he ends up $100K in the hole.  Since it's going to cost you
a lot *more* to stop the $250K attack, your best bet at that point is to
quit improving the security any further, and just shell out the $5K/year in
insurance premiums to cover the bank's losses.. ;)  (This also explains why
major branches that may have $3M in cash have lots more sophisticated vaults
than tiny branches, which tend to the wimpier vaults...)

Why is the credit card system basically insecure?  Because the banks have
figured out that if they spend $X, the fraud rate will be 3%, but to push it down
to 1% would cost a LOT more $X.  What maximizes their return seems to be
spending enough on security to keep the fraud rate around 2%.  

Schneier's "Secrets and Lies" has a lot more good stuff to say about this...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050521/02ffec9e/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ