On Thu, 2004-09-02 at 12:24, Peter Swire wrote: > Here are arguments for why it is useful to think systematically > about the relationship between computer- and physical-security issues. <snip> > > Peter might be much better to concentrate on the realities and forget > > about straw-man analogies. What do you think? > > I think there is a strong analytic similarity between a firewall > and physical settings where guards are deciding whether to let > people/trucks/etc. through a gate. > > In both cases, the outsiders might be attackers who want to gain > control over the system (physical attackers infiltrating and computer > attackers seeking root control). > > In both cases, the outsiders might be attackers who want to get > information about the inside (physical attackers spying out the lay of > the land and computer attackers downloading files or getting other > information). > > In both cases, there is "filtering" by the defenders. Some > entrants are excluded. Some get more intensive screening. The level of > filtering varies with the perceived level of the threat. > > Three reasons why studying physical and computer security > together is useful. First, at the level of analytic understanding, the > paper tries to give a unified way to assess when openness is likely to > help security (conditions closer to what the paper calls the Open Source > paradigm) and when openness is likely to reveal vulnerabilities that > create net problems (conditions closer to what the paper calls the > Military paradigm). A unified theory is an academic/intellectual gain. >
The thing about a straw man is that it looks a LITTLE bit like a man, but then it turns out not to be a man at all. A firewall is like a gate, a service is like a window, and a server is like a house, etc. etc. But you can't take two non-traitors and have them automatically combine voltron-like into one super traitor on the back end of a gatehouse, which you can do with a firewall or information filtering device. There's just no good analogy for the real work of hacking that can apply to a simplistic physical model. > Second, policymakers in the government and management in > companies have to decide, every day, what should be secret and what > should be open. Not everyone has time to read FD an hour a day to > become expert in all these things!! The paper tries to give a useful > way for decisionmakers to get an approximation of what sorts of things > should be disclosed. A unified approach can help decisionmakers. Or it can handicap them, because they're basing their decisions on an incomplete, unverified model that doesn't correspond to reality. Dave Aitel Immunity, Inc. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
