Bruce Schneier

Schneier on Security

A blog covering security and security technology.


December 1, 2005

The Human Side of Security

A funny -- and all too true -- addition to the SANS Top 20:

H1. Humans

H1.1 Description:

The species Homo sapiens supports a wide range of intellectual capabilities such as speech, emotion, rational thinking etc. Many of these components are enabled by default - though to differing degrees of success. These components are implemented by the cerebral cortex, and are under the control of the identity engine which runs as me.exe. Vulnerabilities in these components are the most common avenues for exploitation.

Posted on December 1, 2005 at 1:01 PM | 21 Comments


Comments

my identity engine does not run as a win32 exe...

Posted by: Nils Kalchhauser at December 1, 2005 1:19 PM


"my identity engine does not run as a win32 exe..."

I think some people run that under wine...
I agree; I prefer an OpenMind, though I am particular about what patches I accept. Hmm... compiling...

Posted by: Eli at December 1, 2005 1:41 PM


I've always considered this Layer 8 of the OSI model...The Carbon Layer.

Posted by: Porter at December 1, 2005 1:55 PM



I saw a woman outside who I think was running with open ports...

Posted by: Josh at December 1, 2005 2:23 PM


Rational thinking is an optional upgrade, and has been known to cause conflicts with other modules.
Note that the FLOPS that any given cerebral cortex is capable of varies wildly and is only somewhat dependent on the manufacturer.

Posted by: Grady at December 1, 2005 2:34 PM


I find that I am at my most vulnerable state when I have a buffer overflow of beer.

Posted by: CP at December 1, 2005 2:53 PM


I had a waking dream once that I couldn't boot in the morning - lines of assembler kept running past my eyes and then I'd crash, everything would go black, and it would start again from the beginning. It was quite vivid, and was starting to turn into a nightmare before I finally woke!

Scary, I've always had a vague concern about the nature of reality after reading a book - Counterfeit World, by someone I don't remember, as a kid. The real world turned out to be a simulation, but scarily, the real world above was as well ...

Trev

Posted by: Trev at December 1, 2005 2:56 PM


We as human beings are influenced by viruses that are normally invisible for us but they can enter through microscopic small ports. All kinds of security we use to prevent, defend and eliminate these organisms don't stop them really. It is a never-ending way of struggle for life. Viruses need us and we need them. So let us be happy about it because that is the living nature. Our 'human application software (awareness)' should realize it.

Posted by: John Heijmann at December 1, 2005 4:17 PM


"PEBKAC"

How so very true ...

Posted by: Mike at December 1, 2005 4:27 PM


ME.EXE is a .NET Framework application, hence, there's really nothing to worry about...

Posted by: Not-JF at December 1, 2005 4:47 PM


If the least privilege principle were applied systematically the H.1 vulnerability factor would be much more limited than today...

Posted by: Ilfak Guilfanov at December 1, 2005 5:44 PM


Trev: A bit of Google-searching yields:

Counterfeit World, (1964) aka Simulacron-3 by Daniel F. Galouye,
movie version The 13th Floor (1999).

An info site for the (late) author is at:

http://www.severing.nu/galouye.htm

Posted by: David Harmon at December 1, 2005 5:46 PM


"ME.EXE is a .NET Framework application"

Unfortunately the performance of me.exe was a bit of a let down compared with Native code :)

Posted by: havvok at December 1, 2005 6:01 PM


I know I shouldn't do this, but it's just easier to run jammit as root.

Posted by: jammit at December 1, 2005 6:12 PM


/sbin/patd

I run as a daemon.

Posted by: Pat Cahalan at December 1, 2005 6:34 PM


Anyone who thinks they are *not* 'living' inside a simulation, had better visit this website.

Enjoy!

http://www.simulation-argument.com/

Z

Posted by: Z at December 2, 2005 5:41 AM


@ Z:

In reading the abstract on How to Live in a Simulation:

"ABSTRACT. If you might be living in a simulation then all else equal you should care less about others, live more for today, make your world look more likely to become rich, expect to and try more to participate in pivotal events, be more entertaining and praiseworthy, and keep the famous people around you happier and more interested in you."

It appears to me that an overwhelmingly large percentage of our World DOES believe we are living in a simulation, whether they admittedly recognize it or not, based on trends and behaviors. :-)

dq.

Posted by: Delores Quade at December 2, 2005 7:24 AM


I upgraded from ME.EXE to a 64-bit version of SELF.EXE compiled for VMS AXP. So far it has been extremely stable and I am the sanest person I know.

Posted by: yODAT at December 2, 2005 10:18 AM


@ yODAT

funny, i was just about to toss my books on VMS (it seemed awfully DEC-adent to just hang on to them any longer) when i read your comment. the more things change...

Posted by: Davi Ottenheimer at December 2, 2005 10:51 AM


> DEC-adent

Oh, God, we're not going to turn into a bunch of punsters around here, are we?

Posted by: Pat Cahalan at December 2, 2005 12:43 PM

