Securing The Wrong Spaces: A Lesson

["Paul Ferguson" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via techdirt.com.

[snip]

A brand new Japanese warship that apparently has the country's latest and
greatest radar system, was unable to spot a fishing boat in its path,
leading to a collision and two missing fishermen. This is raising all sorts
of questions about the quality of the radar system, but some are saying
that the collision was really due to human error and that the radar system
is designed more to watch out for missiles in the air, rather than ships
below it.

That's a fair enough response, but does point out that vulnerabilities come
from all directions -- and you can make the best system in the world, but
if it's looking for the wrong thing, it won't stop something bad from
getting through. It does seem rather ironic to set this ship up to be the
best in the world at spotting threats from the sky -- and forget to include
a decent system to find threats right next to it in the sea.

[snip]

Link:
http://techdirt.com/articles/20080219/021718291.shtml

There is a great security lesson to be learned here -- if you're
focused on securing only a subset of the entire threat landscape,
the insecurities will generally occur in the places you're not
focusing on.

Focus on the Big Picture.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFHvSOGq1pz9mNUZTMRApTgAKC1xOmARnuNjW3WBzA6oMN3pceVzwCgoDxP
+mXeTDVURF9ZbPV+8fsrrZ0=
=91Wr
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.