Re: Anti-Phishing, why it doesn't work

[robert () dyadsecurity com]

Joseph Miller(joseph () tidetamerboatlifts com)@Mon, Jan 24, 2005 at 11:34:48AM -0500:
> If you don't mind paying $1500 for a 15" 3D monitor, this is the
> choice for you (not to mention the added cost of redeveloping
> operating system desktops for secure applications). 

This type of OS rewrite goes well beyond just the presentation level. 
You can read a little bit about what sun did for X in TSOL here:
http://docs.sun.com/app/docs/doc/816-1042/6m7g4ma8g?a=view

We're working on X extensions for an SE Linux base to allow for similar
functionality.

> If I can gain access to a person's display (via email software
> vulnerabilities, specially formed HTML pages, etc), I can pretty much
> make it look like anything I want to. 

This would be possible with a 3D monitor too.  When you have an
unenforceable and unmodeled security policy, you should expect the
unexpected to happen.

> We all know that the number one reason why Anti-Phishing mechanisms do
> not work is because of dumb users.

I don't blame the users.  They just want to use the computer.  They
shouldn't be expected to be security experts (what ever that means).  If
they go to the wrong website or open the wrong file, the worst thing
that should happen in their email client or web browser would lock up. 
Users would then just reopen the failed application.

MAC/DTE/RBAC may be a more suitable direction to start with.  Perhaps we
can add 3D monitors after we have a functional TCB :).

Robert

-- 
Robert E. Lee
CTO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robert () dyadsecurity com
M - (949) 394-2033