Interesting People mailing list archives

good read: Please do not change your password


From: Dave Farber <dfarber () me com>
Date: Sat, 17 Apr 2010 16:31:59 -0400
Begin forwarded message:

From: "Jonathan S. Shapiro" <shap () eros-os org>
Date: April 17, 2010 2:39:42 PM EDT
To: Benjamin Kuipers <kuipers () umich edu>
Cc: dave () farber net, ip <ip () v2 listbox com>
Subject: Re: [IP] good read: Please do not change your password


[For IP]

On Sat, Apr 17, 2010 at 9:01 AM, Benjamin Kuipers <kuipers () umich edu> wrote:
> Insurance is a rational investment because the *utility* functions of the individual insurance-purchasers are
> different from the utility function of the insurance company that aggregates the risk.  For an individual, the
> negative utility of a loss increases non-linearly with the dollar cost.
 
I can't speak for others, but for me, the negative utility of a password compromise is *weeks* of lost time 
re-building all of my machines. Admittedly, I am probably an atypical user with atypical concerns. I do believe that 
the cost of compromise is non-linear for most computer users, but certainly not on the scale of losing one's home.
 
Since we seem to have a lively topic, there is another aspect of Herley's cost analysis which is difficult to assess, 
and which I think is relevant.
 
The individual user who makes the password change is aware of the hassle of making the change, and also aware of the 
hassle of having their system cracked. Typically, they are not aware of -- or at least cannot accurately assess -- the 
*organizational* costs when their machine is cracked. Even relatively junior employees have access to valuable 
corporate intelligence and intellectual property. Loss of this property is a loss to the company, not to the 
individual, and most individuals consider that loss in only a secondary way.
 
So, in effect, the attacker has two forms of advantage over the defender. The first is that the attacker needs to 
find only one point of entry among many, while the defender must guard them all. The second is that the defender must 
deploy defenses that users will tolerate, and the threat perceived by those users is much smaller than the actual 
threat. In Benjamin's terms: there is a failure of alignment between the negative utility to the organization and the 
negative utility to the individual. Both effects favor the attacker.
 
 
Jonathan S. Shapiro



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/