Full Disclosure mailing list archives
RE: Security & Obscurity: physical-worldanalogies
From: "Yaakov Yehudi" <yehudi () tehila gov il>
Date: Sun, 5 Sep 2004 15:55:52 +0200
On Thu, 2004-09-02 at 11:24, Peter Swire wrote:
I think there is a strong analytic similarity between a firewall
and
physical settings where guards are deciding whether to let people/trucks/etc. through a gate. [...] In both cases, there is "filtering" by the defenders. Some
entrants
are excluded. Some get more intensive screening. The level of filtering varies with the perceived level of the threat.
Frank Knobbe replied... I was trying to stay out of this discussion, but I do have to throw in some comments. I do not believe that we can make accurate and meaningful analogies between the physical realm and the information technology realm or cyber space or whatever you want to call it. The analogies we to make "appear" to serve our purpose for making it easier to understand the difficult issues surrounding IT based scenarios, but in fact are presented solely for one situation. Any modification of the situation, and reaction scenarios, break down quickly because they can not be performed in both worlds with the same results and same action-reaction behavior. Case in point: You say firewalls are like entrances. People (on lieu of packets) are inspected and gain entrance or not. For a single person/packet, this works. While in the physical the person can not circumvent the entrance, in the information world this is quite easily achieved. In cyber space, the person-packet would just clone or copy itself a million times, overwhelming the inspectors and slip passed the checkpoint. Umm.. Unless we fail closed. YY _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Security & Obscurity: physical-worldanalogies DAN MORRILL (Sep 02)
- <Possible follow-ups>
- RE: Security & Obscurity: physical-worldanalogies Yaakov Yehudi (Sep 05)