Amazon Has Trucks Filled with Hard Drives and an Armed Guard

From an interview with an Amazon Web Services security engineer:

So when you use AWS, part of what you’re paying for is security.

Right; it’s part of what we sell. Let’s say a prospective customer comes to AWS. They say, “I like pay-as-you-go pricing. Tell me more about that.” We say, “Okay, here’s how much you can use at peak capacity. Here are the savings we can see in your case.”

Then the company says, “How do I know that I’m secure on AWS?” And this is where the heat turns up. This is where we get them. We say, “Well, let’s take a look at what you’re doing right now and see if we can offer a comparable level of security.” So they tell us about the setup of their data centers.

We say, “Oh my! It seems like we have level five security and your data center has level three security. Are you really comfortable staying where you are?” The customer figures, not only am I going to save money by going with AWS, I also just became aware that I’m not nearly as secure as I thought.

Plus, we make it easy to migrate and difficult to leave. If you have a ton of data in your data center and you want to move it to AWS but you don’t want to send it over the internet, we’ll send an eighteen-wheeler to you filled with hard drives, plug it into your data center with a fiber optic cable, and then drive it across the country to us after loading it up with your data.

What? How do you do that?

We have a product called Snowmobile. It’s a gas-guzzling truck. There are no public pictures of the inside, but it’s pretty cool. It’s like a modular datacenter on wheels. And customers rightly expect that if they load a truck with all their data, they want security for that truck. So there’s an armed guard in it at all times.

It’s a pretty easy sell. If a customer looks at that option, they say, yeah, of course I want the giant truck and the guy with a gun to move my data, not some crappy system that I develop on my own.

Lots more about how AWS views security, and Keith Alexander’s position on Amazon’s board of directors, in the interview.

Found on Slashdot.

Tags: , ,

Posted on January 4, 2021 at 6:11 AM52 Comments

Comments

Winter January 4, 2021 6:39 AM

“of course I want the giant truck and the guy with a gun to move my data, not some crappy system that I develop on my own.”

Scenes from Breaking Bad come to mind.

But I love the new incantation of the old saying:
Never underestimate the bandwidth of a station wagon full of tapes hurtling down the highway.

This was true in 1989 when Andrew Tannenbaum quoted it (I have heard it from several other sources), and it is still true today with different hardware.

David Rudling January 4, 2021 6:49 AM

“.. we make it easy to migrate and difficult to leave.”
The prosecution rests its case.

Alext January 4, 2021 6:58 AM

[quote]“.. we make it easy to migrate and difficult to leave.”
The prosecution rests its case. [/quote]

Most excellent 👍

Winter January 4, 2021 7:12 AM

““.. we make it easy to migrate and difficult to leave.”
The prosecution rests its case.”

What, the truck does not drive my data back to me?

How unexpected.

metaschima January 4, 2021 7:31 AM

Very interesting, I never knew about this truck full of hard drives. It seems kinda low tech and unnecessary. I wonder if you can just drive with the truck and hack into it using some vulnerable wifi of NFC it has. I am eagerly awaiting such a hack.

Winter January 4, 2021 7:56 AM

@metaschima
“I wonder if you can just drive with the truck and hack into it using some vulnerable wifi of NFC it has.”

1) Why should the truck have wifi?

2) Why should the system inside the truck be powered up while driving?

Clive Robinson January 4, 2021 8:04 AM

@ Winter,

Sorry my reply to you about the origin of the expression how it is just part of a way to describe latency/bandwidth issurs, how it applied in the real world and killed off a US company and how that relates to the very real issues with MBAs/bean counters and Supply Chain failings and why nature works an entirely different way…

Has been hung up in moderation.

Noah January 4, 2021 8:33 AM

If you properly encrypt the drives on the truck and handle the keys securely, the armed guard is irrelevant. The data becomes far more insecure the moment you upload it to the live server–that is where it is going to get stolen, and again physical security is probably not the weak link.

wumpus January 4, 2021 8:59 AM

@Noah: True, but if it suddenly becomes wildly easier to steal the entire set of data (physically), that threat should have some mitigation. Even if the data is encrypted, backed up, and (the hardware) insured, there will be significant latency in bringing the data back up again.

Unfortunately it is almost certain that this is marketed to people who think “armed guard” == “great security”. Of course the big issue where having a big datacenter encourages use of that data on site. But you’ve already conceded physical access to AWS employees, and now anyone with access to that truck. So there is a strong desire to eliminate real data security (allow physical access with computers that have the keys to the data) entirely.

JonKnowsNothing January 4, 2021 9:00 AM

@All

re: We have a product called Snowmobile. It’s a gas-guzzling truck. There are no public pictures of the inside, but it’s pretty cool. It’s like a modular datacenter on wheels. And customers rightly expect that if they load a truck with all their data, they want security for that truck. So there’s an armed guard in it at all times.

It’s also called a Fusion Center Tactical Mobile Police Truck-Van. This is the one with the large extendable mast antenna, lots of SWATTER Types hanging around, filled with wall-to-wall monitors and telemetry trackers galore. It contains the DRTBox and STINGRAY devices and the newer generation of bugs and trackers. They can extract all the data from a smartphone (under the right circumstances).

It’s a gun thing…

Clive Robinson January 4, 2021 9:11 AM

@ JonKnowsNothing,

It’s a gun thing…

Yup and many years ago I was shown rather forcefully why guards should never be issued with slings/lanyards or holsters, and why there should be two at all times looking after each others backs. But the other point I was taught is that a gun is less use than a hammer for defending yourself, and people put stupid faith in them and die because of it.

But… This truck and armed gaurds idea is not at all new. Some here are old enough to have got bored to death reading through the US security rainbow books for what we might call trusted systems.

There was a requirment for trucks and armed guards to deliver the top tier of such systems… I don’t know how many were ever shipped but trucks and armed guards has that cosy, warm, fuzzy fealing we used to get back in the days of the Cold War.

Winter January 4, 2021 9:28 AM

“I agree that the armed guards are basically security theater.”

Probably worse than that. Quite a number of politicians were murdered by their own bodyguards. Many a money transport or bank were robbed by their armed guards.

wiredog January 4, 2021 10:18 AM

A few years ago when I was working on Microsoft’s Azure system I learned that they offer a similar service. No armed guard that I know of, and IIRC they didn’t sell it as a security thing. It was just that if you had petabytes of data to upload it was much faster to send a truck full of hard drives, copy the data to the truck, and then drive the truck to the nearest data center than it was to upload the data over the internet.

I was actually pretty impressed with Azure. The code was cleanly written, thoroughly commented, and only clever where it had to be, with lots of comments surrounding the cleverness.

metaschima January 4, 2021 10:37 AM

@Winter
Most vehicles sold nowadays have WiFi and/or bluetooth enabled. I don’t know about trucks specifically but this seems to be a high tech truck with computers on board, which are also likely to have bluetooth and wifi. So I’m thinking it’s definitely likely that unless they have intentionally disabled all such functionality that these are enabled and represent attack vectors. We cannot know for sure unless we get more intel.

Etienne January 4, 2021 10:56 AM

There was a soldier who was retiring, and every day he went out the main gate with a wheel-barrow filled with straw.

The gate guards searched through the straw and found nothing. The same thing happened each day. They never found anything in the straw.

Finally, one day the guard sees the retired soldier at a bar. He asks him about the wheel-barrow and the straw. “I know you were stealing stuff, but I could never prove it!”

Finally the old sergeant laughed, and said “I was stealing wheel-barrows!”

Jon January 4, 2021 11:58 AM

@metaschima @Winter

3) It would take longer than your remaining physical lifetime to transfer the contents over crappy wifi. And where would you even store it?
4) The data has multiple levels of encryption before leaving the premises. The keys get exchanged out-of-band, over regular old HTTPS over the internet.

BTW: You can play with this yourself for cheaper, the “snowball” family has different sizes to rent, smallest one is smaller than a toaster.

@others:
Regarding the armed guard: It is not only a great marketing option, it is also smart since the truck contains millions of dollars worth of hardware.

Bystander January 4, 2021 12:12 PM

@metaschima

The on-board WiFi or Bluetooth is connected to the infotainment system of the vehicle.
Connecting any computing hardware installed later needs an additional effort while compromising security. Bean-counters will not approve the former, so the latter won’t happen. Technically it doesn’t make sense anyway.

Hard-disks using rotating media are still the sweet spot for capacity vs. price calculations. You don’t want to operate these while in transit to improve immunity against shock and vibration.

Clive Robinson January 4, 2021 12:50 PM

@ metaschima, winter, ALL,

We cannot know for sure unless we get more intel.

That may be easier than you might at first suppose…

Sometimes physical security can be your friend othertimes not.

The truck and it’s personnel have to come from somewhere, goto somewhere and go back again. And to be proffitable like aircraft it will have to spend most of it’s time “in the air” as it were.

Now if you get it to your site, or you know where it is going to you can “old school” either bug it, follow it, or both back home. I suspect that the personnel can not do the issolation job well, so getting in close with a bug would probably not be too dificult…

But we are also in the world of “new school” as well which means all sorts of other tricks are to hand.

End of part 1

Hillary January 4, 2021 12:55 PM

@metaschima @bystander

In a semi, the the onboard cellular connection is usually through the EOBR (electronic onboard recording device), which is connected to the tractor engine and sometimes cameras. The driver also uses this device to log his hours and prove he’s compliant during road checks. Normally the EOBR doesn’t talk to the trailer. You can add options to connect it to refrigerated trailer temp sensors, and I think maybe back door sensors if the trailer has that package. One thing that people don’t often know – trailers and tractors don’t usually stay together. An average trucking company owns about 3 trailers for every tractor.

If a tractor has onboard wifi it’s usually through the driver’s satellite entertainment system. DirectTV was popular last time I looked into it (5+ years, I’m less involved in fleet management now).

There are separate sensor systems with their own cell signals that you can put in trailers for things like location, door status, and seeing if there’s stuff inside.

Frankly, it would have to be some pretty amazing data to be more worth than stealing pallets of pharmaceuticals. The most expensive insurance claim I’ve heard of involved a pallet of viagra and rain.

MikeA January 4, 2021 1:02 PM

@Jon in re various sizes.

I would be interested in running multiple small less noticeable vehicles and having provision for burst-error correction, rather than one big “packet” with single-point of failure (ground to ground) and timeout/retry for reliability.

But that may just be me.

Pames January 4, 2021 1:05 PM

During late 2009 Amazon migrated from a data center in the Kent Valley to Lynnwood due to risk of collapse of the Howard Hanson dam on the Green River (Corps of Engineers estimated the risk at 0.3), which would have flooded the DC.
We migrated the app servers virtually, but database racks were trucked in three semis. We had to conduct a risk analysis, and it included items like truck catching fire, driving off the interstate, hijack, etc.

You have to include stuff like this.

Hillary January 4, 2021 2:07 PM

@MikeA – I’d make it look just like any other Amazon truck. There are so many Prime trailers on the road now it would be invisible. We can add a nifty security system that makes it very hard to get stuff out if they succeed in hijacking that would be fun security theater.

Most high-value or high-risk goods move through the regular supply chain because they hide in all the other stuff. You just embed cellular location sensors inside the product. Cargo theft is usually an inside job anyway.

Jim January 4, 2021 3:28 PM

The security guard is likely there to protect their hardware, not your (hopefully encrypted) data. What, you don’t think truck drivers stop to use the restroom, eat, sleep, perhaps even grab a shower?

I’ve seen this problem when one is moving to another state, and your moving company truck stops for food & gets robbed.

Anders January 4, 2021 4:15 PM

@Clive @SpaceLifeForm @MarkH @ALL

This faq has some interesting bits like
power requirements, data connection etc…

hxxps://aws.amazon.com/snowmobile/faqs/

Andrew January 4, 2021 4:15 PM

@MikeA

RAIT? Redundant array of Inexpensive Trucks? You could offer RAID 5 and suffer the loss of a truck. Or, ECC anyone?

Clive Robinson January 4, 2021 5:03 PM

@ Anders, ALL,

Buried in the Snowmobile FAQ,

“Snowmobile does not support data export.”

And there the bad news just begins… Because their recommendation are,

“When you need to export data from AWS, you can use AWS Snowball Edge to quickly export up to 100TB per appliance”

Which is not true according to the Snowball FAQ, apparently it’s only 80TByte…

But more interestingly the Snowballs are not just a fraction of the storage and speed, they get sent via the slowest UPS service…

But you also find that the Snowballs can not be used to move data from one AWS region to another AWS region…

So AWS will grab your data quickly, then only let you dribble it out very slowly awkwardly and I suspect expensively with high risk of “lost in transit, not our problem”…

Not what you want to hear realy…

So at best these Snowmobiles are “lock in” with “silly marketing”…

Anders January 4, 2021 5:15 PM

@Clive @SpaceLifeForm @MarkH @ALL

OK, who wants to calculate how much it costs in terms
of electricity bill to fill the Snowmobile?
What’s the current US rate for kWh?

  1. A fully powered Snowmobile requires ~350kW
  2. The Snowmobile is designed to transfer data at rate up to 1 Tb/s, which means you could fill a 100PB Snowmobile in less than 10 days.

Clive Robinson January 4, 2021 5:26 PM

@ Jim,

The security guard is likely there to protect their hardware, not your (hopefully encrypted) data.

If they are, then they will need to be several on rotational shift…

The FAQ indicates that the ~34 ton truck will be sitting upto 2kM from your building for around 10days sucking in 350kW of power

Which is probably going to require a special power take off with a very thick cable…

For 110V ~3200Amps (dommestic supply is usually 100Amp unless you get an upgrade for your kitchen and water/heating system.

Thus a three phase 1/2 of a megawatt supply needs to be found unless you want to hire their equally as large generator lorry…

To be honest I realy do not know why they need 350kW, it sounds like everything is powered up all the time. You would think they could apply a little brain power and work out how to sequentially switch units on and off as needed.

Anders January 4, 2021 7:01 PM

@Clive @SpaceLifeForm @MarkH @ALL

No inner pictures indeed…only small look from the back…

hxxps://www.netspaceindia.com/amazons-snowmobile-store-and-trasfer-upto-100-petabyte-of-data-using/

BTW, in the end of 2020 Seagate announced it started shipping 20TB HDD’s
to selected customers. But even with those 100PB needs 5000 drive.

lurker January 4, 2021 7:05 PM

@Clive
You could fit two, but for comfort just say one, 350kva diesel generator units in an average semi-trailer. Jus’ keep truckin’…

Winter January 5, 2021 12:17 AM

@xcv
“D*mn labor unions are going full-on Nazi, eliminating undesirables, gas chambers at the hospitals, concentration camps, crematoriums, mausoleums, etc., etc.”

That is how “Americans” think about the freedom of the poor.

JonKnowsNothing January 5, 2021 2:24 AM

@Winter @xcv

re: … how “Americans” think about the freedom of the poor.

Sadly true. In the USA the poor have no freedoms and the gun totters toot their horns as if they are the only ones that matter.

Such folks have been accosting people in grocery stores here because they are asked/required to wear a mask inside the store. Several incidences have happened in my dirt lot part of California but down in the still-walking-mobile-morgue of Los Angeles, they entered stores and spewed their no-mask demands on people inside, ramming carts into patrons that were wearing masks.

Brilliant comments such as:
  * I don’t wear masks
  * called a customer at the grocery store a “mask Nazi.”
  * An unmasked woman tried to ram her shopping cart into a masked man, claiming that he hit her, and was later seen kicking the man in a checkout line.
  * “Come on, patriots, show him what’s up,”

I don’t know if I will enjoy the schadenfreude when a large number of these folks die in the next 2 weeks. We have The UK-Bug now, TRIAGE has been enacted, ambulances have been told “don’t bring in anyone who isn’t going to make it”(1).

1, I don’t know what the ambulances are supposed to do with the still slightly breathing folks but they are not to haul them to the hospitals because There’s No Room At The Inn and There’s No Room At The Stable either.

ht tps://www.latimes.com/california/story/2021-01-04/maskless-protesters-grocery-store-westfield-century-city-mall

Winter January 5, 2021 2:41 AM

@Jon
“I don’t know if I will enjoy the schadenfreude when a large number of these folks die in the next 2 weeks.”

It is natural selection in action, sad but true. Especially sad when I realize that they probably do not believe in evolution.

Reality is unrelenting. No use arguing with reality.

PS, original is held in moderation, second try. Sorry if this leads to a double post.

Winter January 5, 2021 2:42 AM

Data point for moderation:
using the wrong word in “Reality is a …..”. Change the word, no problem.

Clive Robinson January 5, 2021 4:25 AM

@ lurker,

You could fit two, but for comfort just say one, 350kva diesel generator units in an average semi-trailer.

Yup but the AWS FAQ “suggests” their truck which is the same size as the Snowmobile.

Which when you think about it actually tells you something that might be the equivalent of a security slip…

MarkH January 5, 2021 4:33 AM

Thanks to Anders for posting the FAQ link, which answers some of the questions raised previously.

Five or six years ago, I was talking with a young friend who works for companies maintaining large datasets, about the possibility of shifting the databases from company servers to a cloud service.

I concluded from a little mental arithmetic that an internet transfer would be time-prohibitive.

My friend explained to me in some detail about Amazon gadgets sized something like a large suitcase, stuffed with hard drives, which could be used for such a transfer.

I suppose this must have been one of the “Snowball” devices.

Clive Robinson January 5, 2021 4:54 AM

@ Winter, JonKnowsNothing, xcv,

It is natural selection in action, sad but true. Especially sad when I realize that they probably do not believe in evolution.

Thus they have probably not thought it through to the logical conclusion also dictated by evolution.

So despite how many thousands of millions of years we can show eveloution to be true… Some people would still chose to have faith/belief in the opposite because somebody they mistakenly hold in authority says so. That and they find I guess, through some form of persecution complex, a kind of comfort in such unreasoned beliefs with the old “my faith is being tested I must be strong” argument.

However when they turn it into violence against others, who are quite innocently trying to get on with their everyday lives looking after their loved ones as best they can in very difficult circumstances not of their own making… You have to ask the question are these “I have faith” people, with malice aforethought going out to practice murder just like those who have in the past done so with more traditional weapons?

To which the answer scientifically is yes, so how might that play out in a “stand your ground” state that also has “concealed carry” legislation?

Because this sort of thing happens when you let “crazy” have too much leeway it makes the others “fearful of the crazies” and that all to often lead to violent confrontation in return that often spirals.

Curious January 5, 2021 6:20 AM

I was not impressed with the notion of simply having an armed guard onboard a vehicle. Having read about security related news for the last eh 20 years, the first thing that came to my mind was asking “what is the actual implementation of this security scheme, would it even be considered that safe”.

Where I live, occasionally there is something akin to a public statement to be seen in news articles, where business owners are warned by experts or public officials working for the government/state that business owners are targets for espionage. It seems like, the danger for espionage is very real, and so I think if I was a CEO in big business with expensive or important ideas/products, then I personally would be frightened using a laptop if I had to use it anywhere never knowing for sure if somebody was trivially watching over my shoulder. Then there have been news about for a year now about how researcher have decrypted encrypted data on laptops by listening with a microhpone close by and analysing the noise the computer makes (my basic understanding of that kind of attack).

Winter January 5, 2021 7:53 AM

@Clive and others
“Because this sort of thing happens when you let “crazy” have too much leeway it makes the others “fearful of the crazies” and that all to often lead to violent confrontation in return that often spirals.”

Another way of looking at these self-destructive people is to interpret it as tribalism. It seems to me that a certain part of the USA has devolved into Neo-tribalism where sticking to the tribe’s believes is paramount.

In general, such tribalism seems to thrive in times where the world is perceived as chaotic and the future is uncertain and bleak. This is exactly the state of mind of a large part of the (rural) population in the US.

Just consider, life expectancy in the demographic of Trump’s supporters has fallen. They experienced an atrocious, state-inflicted opioid crisis that killed twice as many of their people as COVID has until now. And the opioid crisis was brought upon them by their own doctors. Their incomes are falling, and have stalled since the 1980’s. The education and career prospects of their children are in shambles.

I can understand that they rally behind their “own folk”. Even though it is their own leaders that have brought this misery upon them. When their leaders tell them COVID is a hoax, they will repeat it and act upon it.

Better to die together than to live alone.

c1ue January 5, 2021 9:25 AM

Snowmobile and its smaller counterpart, Snowball aren’t new.
Internet speeds simply suck for moving really large amounts of data. These services exist to shift petabytes and more into Amazon’s cloud.
As for the interview: I’m stilling reading through it but it is largely advertising so far.
Not that what the “engineer” says is untrue – more like what he/she does not say.
Doesn’t anyone remember DynDNS attack? Which took down Amazon and a significant fraction of the internet not so long ago?
This is what happens when you put all the eggs in one basket.
Another major problem is that Amazon is not actually legally liable for breaches or other failures, other than say physical security breach.
They provide tools but don’t take on the actual job of ensuring security.
You can’t even pay Amazon to “guarantee” security – there’s no Amazon NOC or SOC to buy into.
Thus what do you have?
A large provider whose services are “at your own risk” but who is happy to sell you extra security services which are basically extensions of what it does for itself – only without any actual liability.
I’m not blaming Amazon for this lack since really nobody does this, but don’t blow smoke up my butt.

Winter January 6, 2021 7:06 AM

@Dude
“Before you get too excited at the prospect of Republicans thinning their own herd, you should look at the hard data.”

I think everyone here knows perfectly well that the COVID-19 pandemic in the USA killed mostly poor (non-White) urban Americans. COVID killing mostly ubtan Democrats was also the main reason the GOP embraced the pandemic.

However, the pandemic killed enough Grey Republicans to make their friends and relatives mad. That was one component of all the mismanagement that did cost Trump his reelection.

Now that COVID has reached rural USA, the equation may change.

GaidinBDJ January 7, 2021 3:34 PM

“Amazon Web Services security engineer:”

I went to college for engineering but I have been working in security for the last 20 years and the idea of trying to combine security and engineering mindsets is just…wrong.

I can’t really articulate the difference, but there’s something different about how you approach an engineering problem and how you approach a security problem. Kind of like the difference between trying to push a long stick and trying to pull a long stick.

Clive Robinson January 7, 2021 4:27 PM

@ GaidinBDJ, ALL,

I can’t really articulate the difference, but there’s something different about how you approach an engineering problem and how you approach a security problem.

In part it’s what @Bruce Schneier has called “Thinking hinky” it’s kindvof a “sixth sense” or “subconscious pattern matching” in both engineering and security it causes you to look at certain things more critically.

On a more basic level there are several types of what has become tagged with “Quality” as a working practice.

Design engineers of any note want to balance cost with reliability to find a “sweet spot” where product will get placed in the widest part of the eye diagram of cost of manufacture -v- quantity of manufacture where the profit is greatest.

They also want to “flatten the bath tub curve” that is to minimize “juvenile failure” such that product flows one way. That is out via an optimized supply chain, not back for repair/rework via an unoptomized “returns path” that can cost rather more than the profit on each item. It was this problem back in the 1960’s that caused the British Standards Institute (BSI) to start looking at quality procrsses which gave rise to “Quality Assurance” and what many call ISO-9000.

Security is 100% without doubt a “Quality Assurance” process, just one that does not yet have a standard as such. Just like the Quality mindset the Security mindset has to be fully in place before “Day Zero” of the inception of a Project / Product / System. If it’s not thrn the chances that the product will be secure diminish correspondingly.

Manufacturing engineers design with robustness in mind against “random events”. Thus you have the notion of high availability systems where robustness (MTTF) combined with the shortest repair times possible (MTTR) are optomised against each other then viewed through the cost of meeting that objective.

Security engineers design with robustness in mind against “directed events”. That is the enemy is not blind probability but a highly focused attacker. Thus you have the notion of high security systems where segregation/seperation is optimized against minimizing attack surfaces.

In many cases the design ends up being one using systems in parallel with instrumentation to provide “voting circuit” type designs. Although NASA did not think up this philosophy it goes back more than two millennia to a logical riddle, NASA made it obvious via the need for extream reliability.

BigThink January 8, 2021 6:51 AM

You all entirely fail to see the point of the guard:
He is there to stop people from sabotaging the fire extinguisher and setting that thing on fire. Don’t think data security from theft, think data security from physical destruction.
Again: Do you think that hardware comes cheap?

JonKnowsNothing January 8, 2021 9:35 AM

@ GaidinBDJ Clive ALL

re: Security and Engineering

the difference between trying to push a long stick and trying to pull a long stick.

Many cultures have a similar concept: YIN-YANG.

Clive has detailed many aspects of engineering focus and we gain focus-insight, that we call “expertise”, in whatever jobs/fields our life path take us. When you gain expertise it often comes as the expense of generalization or The Bigger Picture.

We develop a myopia.

This is often encouraged by corporations which like to pigeonhole people into nice boxes of tasks and duties. When you ask about the other boxes you are told:

  Do You Own Job, Don’t Ask Questions, Someone Else is Doing That.

We have all been boxed up and packaged.

It is when you poke your nose outside of your expert area and observe or inquire that you have the possibility to see change or a needed change. Such changes are part of “security” because by noticing or observing, what you notice is actually that something is lacking: a security fault.

  Code reviews are about finding “bugs” but what are bugs?
  They are security faults.

  What are operational plans with locked doors that need
  bookcases jammed in front of them to keep them closed?
  They are security faults.

What we think is just “expertise”, is actually accumulated knowledge of “failures”. War Stories. We all know loads of them.

An adage that used to float around Silicon Valley:

Programmers only know how to create the bugs they have created in the past.
Engineers know how to design systems that fail.

Each iteration provides insights into why and how. We come by this knowledge over time.

Linking Security and Engineering may seem at odds, but they are one and the same.

Flip the coin.

ht tps://en.wikipedia.org/wiki/Yin_and_yang
(url fractured to prevent autorun)

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.