The Human Side of Security

A funny—and all too true—addition to the SANS Top 20:

H1. Humans

H1.1 Description:

The species Homo sapiens supports a wide range of intellectual capabilities such as speech, emotion, rational thinking etc. Many of these components are enabled by default – though to differing degrees of success. These components are implemented by the cerebral cortex, and are under the control of the identity engine which runs as me.exe. Vulnerabilities in these components are the most common avenues for exploitation.

Posted on December 1, 2005 at 1:01 PM21 Comments


Eli December 1, 2005 1:41 PM

“my identity engine does not run as a win32 exe…”

I think some people run that under wine…
I agree; I prefer an OpenMind, though I am particular about what patches I accept. Hmm… compiling…

Grady December 1, 2005 2:34 PM

Rational thinking is an optional upgrade, and has been known to cause conflicts with other modules.
Note that the FLOPS that any given cerebral cortex is capable of varies wildly and is only somewhat dependent on the manufacturer.

Trev December 1, 2005 2:56 PM

I had a waking dream once that I couldn’t boot in the morning – lines of assembler kept running past my eyes and then I’d crash, everything would go black, and it would start again from the beginning. It was quite vivid, and was starting to turn into a nightmare before I finally woke!

Scary, I’ve always had a vague concern about the nature of reality after reading a book – Counterfeit World, by someone I don’t remember, as a kid. The real world turned out to be a simulation, but scarily, the real world above was as well …


John Heijmann December 1, 2005 4:17 PM

We as human beings are influenced by viruses that are normally invisible for us but they can enter through microscopic small ports. All kinds of security we use to prevent, defend and eliminate these organisms don’t stop them really. It is an neverending way of struggle for life. Viruses need us and we need them. So let us be happy about it because that is the living nature. Our ‘human application software (awareness)’ should realize it.

havvok December 1, 2005 6:01 PM

“ME.EXE is a .NET Framework application”

Unfortunately the performance of me.exe was a bit of a let down compared with Native code 🙂

Delores Quade December 2, 2005 7:24 AM

@ Z:

In reading the abstract on How to Live in a Simulation:

“ABSTRACT. If you might be living in a simulation then all else equal you should care less about others, live more for today, make your world look more likely to become rich, expect to and try more to participate in pivotal events, be more entertaining and praiseworthy, and keep the famous people around you happier and more interested in you.”

It appears to me that an overwhelmingly large percentage of our World DOES believe we are living in a simulation, whether they admittedly recognize it or not, based on trends and behaviors. 🙂


yODAT December 2, 2005 10:18 AM

I upgraded from ME.EXE to a 64 bit version of SELF.EXE compiled for VMS AXP. So far it has been extreamily stable and I am the sanest person I know.

Davi Ottenheimer December 2, 2005 10:51 AM


funny, i was just about to toss my books on VMS (it seemed awfully DEC-adent to just hang on to them any longer) when i read your comment. the more things change…

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.