Re: Security & Obscurity: physical-world analogies

[gadgeteer () elegantinnovations org]

On Thu, Sep 02, 2004 at 05:37:20PM -0500, Frank Knobbe (frank () knobbe us) wrote:
> To really illustrate the point, let me make a more colorful example.
> People-packets in the real world can be stopped by a moat around the
> castle. The people-packet runs towards the castle and falls into the
> moat. People-packet has ceased to exist. In cyber space, the
> people-packet will again clone itself and run "purposefully" into the
> moat, piling up the "dead" people-packets until the moat is full. The
> remaining people-packets can then enter the castle.
>
> Feel free to play through the same scenario with a wall where "dead"
> people-packets get purposefully deployed in front of the wall until the
> last people-packet can climb the packet mountain and pass over the wall.
 
Unfortunately, this tactic has been used in warfare.  It has been referred
to as the "human wave" attack. :-(
 
> The copy conundrum: You have a chair. Dave wants to steal your chair. If
> he does, you know your chair has been stolen. In cyber space, Dave can
> steal your chair by making a copy. You still have your chair and you do
> not know if it was stolen or not. Dave does have your chair now, but you
> don't know.
>
> Leftovers: Let's say you burned said chair. Let's say Dave told you that
> he came to your house, made a copy of your chair, drove home and put the
> copy into his living room. In the real world you might go to Dave's
> house and remove/destroy your chair. In the IT world you will find that
> said chair is not only present in Dave's living room, but there is an
> inadvertent copy left in his car. Oh, and also on his hands, or any
> other place that the chair passed through.

This is a good example and Dave's mention of the multi-packet attack is
another of why there are large gaps created when relying too heavily on
analogies from one realm in another.

I understand your need for analogies to communicate ideas to a
non-technical audience.  Use analogies and case studies that do not
invoke such powerful emotions.  These simply cloud the issue and lead to
thinking errors.  Exploiting thinking errors is highly effective in both
the physical world and the binary world.

There are thought experiments that can lead to clear thinking about the
issues at hand.  For example, chaper 21 of Bruce Schneier's Secrets &
Lies where he describes "attack trees".  Ross Anderson uses the thought
experiment "how to steal a painting" in his analysis of threat models in
"Security Engineering: A Guide to Building Dependable Distributed
Systems".

No, CEOs et al do not have an hour to spend reading full-disclosure
everyday.  But in today's world it is imperative that they have someone
on staff who does.  And they listen to that person.  Equipped with good
thought tools to consider what this person says will enable them to make
the right decisions regarding the security and integrity of their
organization.
-- 
Chief Gadgeteer
Elegant Innovations

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html