Firewall Wizards mailing list archives

Re: Firewall Primitives


From: "Stephen P. Berry" <spb () meshuggeneh net>
Date: Sun, 10 Nov 2002 19:31:59 -0800


My conclusion after being a vendor for lo these many years is
that customers *DESERVE* the security they get.

Which is fine, as far as that goes.  Unfortunately, it doesn't scale with the
same egalitarianism.

Theorem:  Clue doesn't aggregate worth a damn, and dumb does.  So as an
organisation gets larger, it gets---as a whole---dumber and dumber.

Theorem:  Vendors with larger customers have their survivability probabilistically
enhanced.

Corollary:  Vendors listen to larger---and therefore dumber---customers over
smaller---and therefore more clueful---customers.

As a result, customers, on the whole, get the security the dumbest customers
deserve.  


This looks particularly interesting if you try to model worldwide information
security as a game between multiple factions with differing goals---one or more
being whitehats (for some suitable definition of whitehat) and one or more being
blackhats.  Some are neutral---i.e., not really concerned about information
security at all.  Most resources start out being controlled by neutral factions,
and whitehats and blackhats may attempt to influence or compromise them.  What you
discover, if you're so inclined to run iterated models, is that there is a finite
amount of resources to be spent on security---good or bad---and so every bit spent
on bad or useless security robs from those making the good stuff.  This means they
are less well suited to advance their technology, market their products, and so
on, and so are less likely to survive in the long run.  In other words, in the
model outlined above, most of the resources at the disposal of the neutrals are
either actively or passively being used to advance the goals of the blackhats.

At the same time, assets that are secured with lousy or no security are more
likely to be subverted by one or more blackhats, meaning that the whitehats
have fewer resources to draw on, and are facing an ever-growing opponent.

If you do take the time to build such a model of the situation and look at it
as a sort of tabletop wargame (like ASL, for example, or Risk if you don't
know what ASL is), you realise that the game balance is really lousy, and one
side is almost always guaranteed an (overall) victory.

It also---and this is why I bothered to bring it up---gives a somewhat different
perspective on the guys who never get around to patching that webserver.  Not
that I'm suggesting that they're doing anything -actively- malicious in being
sloppy or stupid---just suggesting another way of putting the ramifications of
having an industry full of such bozos into perspective.

-spb