Interesting People mailing list archives
Security of the internet
From: David Farber <farber () central cis upenn edu>
Date: Sun, 7 Nov 1993 11:51:48 -0500
[ "Users of the net must understand that it is an "open" net. They may not rely upon the security of such a network. They may not rely upon the apparent origin or destination of the messages. They may not rely upon the behavior of privileged users (system managers et al.) within the net. They may not rely upon the polite behavior of users of the net." so says the below author. I wonder if most users and even companies understand this. I DOUBT it. Wonder how far the telephone system would have gotten with such an attitude? We are building a new world wide communications system NOT a toy!!! (I hope).. djf]

Date: Thu, 4 Nov 93 06:50 EST
From: WHMurray () DOCKMASTER NCSC MIL
Subject: Security of the internet

Our esteemed moderator complains as follows (aside, but in normal voice from a high pulpit):
....which is that system and network security stinks in most systems, particularly those on the Internet.
Not true, Peter. System security stinks on one system in five in the internet. This is not "most." However, it is sufficient to put the whole net at risk.

The level of security in the internet is. That is to say it is a given; the laws associated with large numbers make it resistant to change. It is sufficient for most of the applications or uses of the net. Otherwise, by definition, the uses would not take place. At the same time it is insufficient for many of the applications.

Users of the net must understand that it is an "open" net. They may not rely upon the security of such a network. They may not rely upon the apparent origin or destination of the messages. They may not rely upon the behavior of privileged users (system managers et al.) within the net. They may not rely upon the polite behavior of users of the net.

This is not because the origin and destination of many messages are forged, that many privileged users are malicious, or that most users are rude. If this were the case, the net would simply disintegrate. Rather, it is simply in the nature of an open network that some will be.

If it is important to your application that a message came from where it appears to have come from, then you had better have sufficient evidence, independent of that which the net provides you, that that is where it came from. If it is important to you that your message not be seen by anyone other than its addressee, you had better talk in a code that only you and he understand.

It is now relatively simple to automate such protection for your traffic at the application layer. Once automated its use will be simple and transparent. You will be able to enjoy both the wide connectivity and economy provided by the net and the security required for your application. It is unrealistic to expect to get both, by default, from the same mechanism. The real world does not work that way.
William Hugh Murray, Executive Consultant, 49 Locust Avenue, Suite 104; New Canaan, Connecticut 06840
1-0-ATT-0-700-WMURRAY; WHMurray () DOCKMASTER NCSC MIL

------------------------------

Date: Fri, 5 Nov 93 16:40:18 PST
From: RISKS Forum <risks () csl sri com>
Subject: Re: Security of the internet

Bill, Consider the network as a system in the large. If almost all of those systems use passwords, their security stinks. [Only a few systems today use token authenticators.] If a Trojan horse in my system captures a password on your system as a result of an FTP or TELNET from my system to yours, then YOUR system is now vulnerable to an attack that might permit me to Trojan horse your system, which in turn can compromise all of the systems that you FTP or TELNET to. It is as simple as that. By induction, virtually the entire net is at risk sooner or later, by iterative closure [cloture?].

Peter
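The "iterative closure" in the reply above can be measured on a site's own login paths to see how far one compromised host exposes the rest. This is an added example, not part of the original messages: the host names and session list are constructed, and it assumes a compromised source host captures every reusable password typed on it, while hosts using token authenticators stop the chain.

```python
from collections import deque

# Constructed sample: (source, destination) means a user on `source`
# logs in to `destination` over FTP or TELNET with a reusable password.
SESSIONS = [
    ("alpha", "bravo"),
    ("bravo", "charlie"),
    ("bravo", "delta"),
    ("delta", "echo"),
    ("foxtrot", "alpha"),
]


def exposure_closure(sessions, start, token_hosts=frozenset()):
    """Map each exposed host to the number of hops from `start`.

    Assumption of this model: a compromised source host captures the
    password typed for every destination its users log in to. Hosts in
    `token_hosts` use token authenticators, so a captured password does
    not expose them and the chain stops there.
    """
    outgoing = {}
    for src, dst in sessions:
        outgoing.setdefault(src, set()).add(dst)

    hops = {start: 0}
    queue = deque([start])
    while queue:
        host = queue.popleft()
        for dst in sorted(outgoing.get(host, ())):
            if dst in hops or dst in token_hosts:
                continue
            hops[dst] = hops[host] + 1
            queue.append(dst)
    return hops


if __name__ == "__main__":
    print("passwords everywhere:", exposure_closure(SESSIONS, "alpha"))
    print("token on bravo:      ", exposure_closure(SESSIONS, "alpha", {"bravo"}))
```

Feeding it real session records (source and destination of each remote login) shows which single host, if moved to token authentication, cuts the largest part of the closure.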