nanog mailing list archives

Re: Comcast storing WiFi passwords in cleartext?


From: William Herrin <bill () herrin us>
Date: Wed, 24 Apr 2019 17:04:22 -0700

On Wed, Apr 24, 2019 at 9:10 AM Benjamin Sisco <bsisco () justassociates com> wrote:
> There’s ZERO reason to store or transmit any credentials (login, service,
> keys, etc.), in any location, in an unencrypted fashion regardless of their
> perceived value or purpose.  Unless you like risk.

Risk is threat times vulnerability times impact. No impact, no risk. For
example, if the credentials for my grocery store loyalty card are
compromised, I do not actually care. It has no impact. Hence failing to
encrypt the card number as it transits the store network or sits in their
database carries no risk.

There can be, on the other hand, substantial costs associated with using
encryption. Key management infrastructure. Manpower. Business risk: loss of
the keys becomes loss of the data. Mistakes yield service outages that
impair business operations. Forgot to renew that key? Gotta close the store
until the IT guy gets here because the cash registers don't work. These
costs tie to the use of encryption regardless of the risk it mitigates.

I take no position on what risk the Comcast wifi passwords issue carries.
I'm posting only to point out that an absolutist model which says, "stuff
of type X must always be encrypted," is probably not well tuned to the
customer's actual security needs. The generally accepted principle is that
if you spend more money mitigating the risk than the attributable cost of
the risk then you're doing it wrong.

Regards,
Bill Herrin

-- 
William Herrin ................ herrin () dirtside com  bill () herrin us
Dirtside Systems ......... Web: <http://www.dirtside.com/>
