Latest Essays
Page 43
Is Antivirus Dead?
This essay appeared as the second half of a point/counterpoint with Marcus Ranum. Marcus’s half is here.
Security is never black and white. If someone asks, “for best security, should I do A or B?” the answer almost invariably is both. But security is always a trade-off. Often it’s impossible to do both A and B—there’s no time to do both, it’s too expensive to do both, or whatever—and you have to choose. In that case, you look at A and B and you make you best choice. But it’s almost always more secure to do both.
Beyond Security Theater
We need to move beyond security measures that look good on television to those that actually work, argues Bruce Schneier.
Terrorism is rare, far rarer than many people think. It’s rare because very few people want to commit acts of terrorism, and executing a terrorist plot is much harder than television makes it appear. The best defences against terrorism are largely invisible: investigation, intelligence, and emergency response. But even these are less effective at keeping us safe than our social and political policies, both at home and abroad. However, our elected leaders don’t think this way: they are far more likely to implement security theater against movie-plot threats…
Why Framing Your Enemies Is Now Virtually Child's Play
In the eternal arms race between bad guys and those who police them, automated systems can have perverse effects
A few years ago, a company began to sell a liquid with identification codes suspended in it. The idea was that you would paint it on your stuff as proof of ownership. I commented that I would paint it on someone else’s stuff, then call the police.
I was reminded of this recently when a group of Israeli scientists demonstrated that it’s possible to fabricate DNA evidence. So now, instead of leaving your own DNA at a crime scene, you can leave fabricated DNA. And it isn’t even necessary to fabricate. In Charlie Stross’s novel Halting State, the bad guys foul a crime scene by blowing around the contents of a vacuum cleaner bag, containing the DNA of dozens, if not hundreds, of people…
The Difficulty of Un-Authentication
In computer security, a lot of effort is spent on the authentication problem. Whether it’s passwords, secure tokens, secret questions, image mnemonics, or something else, engineers are continually coming up with more complicated—and hopefully more secure—ways for you to prove you are who you say you are over the Internet.
This is important stuff, as anyone with an online bank account or remote corporate network knows. But a lot less thought and work have gone into the other end of the problem: how do you tell the system on the other end of the line that you’re no longer there? How do you unauthenticate yourself?…
The Battle Is On Against Facebook and Co to Regain Control of Our Files
Our use of social networking, as well as iPhones and Kindles, relinquishes control of how we delete files -- we need that back
File deletion is all about control. This used to not be an issue. Your data was on your computer, and you decided when and how to delete a file. You could use the delete function if you didn’t care about whether the file could be recovered or not, and a file erase program—I use BCWipe for Windows—if you wanted to ensure no one could ever recover the file.
As we move more of our data onto cloud computing platforms such as Gmail and Facebook, and closed proprietary platforms such as the Kindle and the iPhone deleting data is much harder.
You have to trust that these companies will delete your data when you ask them to, but they’re …
Is Perfect Access Control Possible?
This essay appeared as the second half of a point/counterpoint with Marcus Ranum. Marcus’s half is here.
Access control is difficult in an organizational setting. On one hand, every employee needs enough access to do his job. On the other hand, every time you give an employee more access, there’s more risk: he could abuse that access, or lose information he has access to, or be socially engineered into giving that access to a malfeasant. So a smart, risk-conscious organization will give each employee the exact level of access he needs to do his job, and no more…
Offhand but On Record
More and more people are using computers to chat with each other, but there's no such thing as a passing conversation on the Web
Facebook recently made changes to its service agreement in order to make members’ data more accessible to other computer users. Amuse, Inc. announced last week that hackers stole credit-card information from about 150,000 clients. Hackers broke into the social network Twitter’s system and stole documents.
Your online data is not private. It may seem private, but it’s not. Take e-mail, for example. You might be the only person who knows your e-mail password, but you’re not the only person who can read your e-mail. Your e-mail provider can read it too—along with anyone he gives access to. That can include any backbone provider who happened to route that mail from the sender to you. In addition, if you read your e-mail from work, various people at your company have access to it, too. And, if they have taps at the correct points, so can the police, the U.S. National Security Agency, and any other well-funded national intelligence organization—along with any hackers or criminals sufficiently skilled to break into one of these sites…
Lockpicking and the Internet
Physical locks aren’t very good. They keep the honest out, but any burglar worth his salt can pick the common door lock pretty quickly.
It used to be that most people didn’t know this. Sure, we all watched television criminals and private detectives pick locks with an ease only found on television and thought it realistic, but somehow we still held onto the belief that our own locks kept us safe from intruders.
The Internet changed that.
First was the MIT Guide to Lockpicking (PDF), written by the late Bob (“Ted the Tool”) Baldwin. Then came Matt Blaze’s 2003 …
The Value of Self-Enforcing Protocols
There are several ways two people can divide a piece of cake in half. One way is to find someone impartial to do it for them. This works, but it requires another person. Another way is for one person to divide the piece, and the other person to complain (to the police, a judge, or his parents) if he doesn’t think it’s fair. This also works, but still requires another person – at least to resolve disputes. A third way is for one person to do the dividing, and for the other person to choose the half he wants.
That third way, known by kids, pot smokers, and everyone else who needs to divide something up quickly and fairly, is called cut-and-choose. People use it because its a self-enforcing protocol: a protocol designed so that neither party can cheat…
People Understand Risks—But Do Security Staff Understand People?
Natural human risk intuition deserves respect -- even when it doesn't help the security team
This essay also appeared in The Sydney Morning Herald, and The Age.
People have a natural intuition about risk, and in many ways it’s very good. It fails at times due to a variety of cognitive biases, but for normal risks that people regularly encounter, it works surprisingly well: often better than we give it credit for.
This struck me as I listened to yet another conference presenter complaining about security awareness training. He was talking about the difficulty of getting employees at his company to actually follow his security policies: encrypting data on memory sticks, not sharing passwords, not logging in from untrusted wireless networks. “We have to make people understand the risks,” he said…
Sidebar photo of Bruce Schneier by Joe MacInnis.