Dailydave mailing list archives
Re: Semi-Private numbers
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Mon, 2 Apr 2012 12:24:55 -0700
When something is felt to be a secret, but is really something you give to everyone, I call it a semi-private numbers. You'll see them everywhere, social security numbers, credit card numbers, biometrics of all sorts, your maiden name, etc. It's weird how people get upset when huge collections of semi-private numbers get stolen.
Why weird? They don't have a choice but to use these numbers, and the leak has a negative impact on their life. I'd wager that it's mostly a failure of our industry, in one of two possible ways: 1) We failed to provide any practical alternatives (we are not shunned by the industry, we *are* the industry - and frankly, most of our supposed solutions look good only on paper). - OR - 2) Our fixation on perfect security is actually based on a misunderstanding of how societies work and can flourish. Keep in mind that in many areas, the physical world is probably much better off specifically because we're quite willing to rely on trust and casual, imperfect deterrence, and no on perfect security. I actually fancy that thought, if you recall ;-) /mz _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Semi-Private numbers Dave Aitel (Apr 02)
- Re: Semi-Private numbers Michal Zalewski (Apr 03)
- Re: Semi-Private numbers Anton Chuvakin (Apr 05)
- Re: Semi-Private numbers Michal Zalewski (Apr 03)