[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Security & Obscurity: physical-world analogies

To: Peter Swire <peter@xxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Security & Obscurity: physical-world analogies
From: Dave Aitel <dave@xxxxxxxxxxxxxxx>
Date: Thu, 02 Sep 2004 14:27:02 -0400

On Thu, 2004-09-02 at 12:24, Peter Swire wrote:
>       Here are arguments for why it is useful to think systematically
> about the relationship between computer- and physical-security issues.
<snip>
> > Peter might be much better to concentrate on the realities and forget
> > about straw-man analogies.  What do you think?
> 
>       I think there is a strong analytic similarity between a firewall
> and physical settings where guards are deciding whether to let
> people/trucks/etc. through a gate.
> 
>       In both cases, the outsiders might be attackers who want to gain
> control over the system (physical attackers infiltrating and computer
> attackers seeking root control).
> 
>       In both cases, the outsiders might be attackers who want to get
> information about the inside (physical attackers spying out the lay of
> the land and computer attackers downloading files or getting other
> information).
> 
>       In both cases, there is "filtering" by the defenders.  Some
> entrants are excluded.  Some get more intensive screening.  The level of
> filtering varies with the perceived level of the threat.
> 
>       Three reasons why studying physical and computer security
> together is useful.  First, at the level of analytic understanding, the
> paper tries to give a unified way to assess when openness is likely to
> help security (conditions closer to what the paper calls the Open Source
> paradigm) and when openness is likely to reveal vulnerabilities that
> create net problems (conditions closer to what the paper calls the
> Military paradigm).  A unified theory is an academic/intellectual gain.
> 


The thing about a straw man is that it looks a LITTLE bit like a man,
but then it turns out not to be a man at all. A firewall is like a gate,
a service is like a window, and a server is like a house, etc. etc. But
you can't take two non-traitors and have them automatically combine
voltron-like into one super traitor on the back end of a gatehouse,
which you can do with a firewall or information filtering device.
There's just no good analogy for the real work of hacking that can apply
to a simplistic physical model. 


>       Second, policymakers in the government and management in
> companies have to decide, every day, what should be secret and what
> should be open.  Not everyone has time to read FD an hour a day to
> become expert in all these things!!  The paper tries to give a useful
> way for decisionmakers to get an approximation of what sorts of things
> should be disclosed.  A unified approach can help decisionmakers.

Or it can handicap them, because they're basing their decisions on an
incomplete, unverified model that doesn't correspond to reality.


Dave Aitel
Immunity, Inc.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Security & Obscurity: physical-world analogies
  - From: Peter Swire

Prev by Date: Re: [Full-Disclosure] win2kup2date.exe ?
Next by Date: Re: [Full-Disclosure] Security & Obscurity: First-time attacks and lawyer jokes
Previous by thread: [Full-Disclosure] Security & Obscurity: physical-world analogies
Next by thread: Re: [Full-Disclosure] Security & Obscurity: physical-world analogies
Index(es):
- Date
- Thread