Re: truth is for Admins

[chris () blask org]

--- On Mon, 10/26/09, Rich Kulawiec <rsk () gsp org> wrote:

> And this in turn is why any security strategy that depends
> on user education/cooperation has already failed. 
> Completely.  It's prudent to presume that one's users are at 
> best utterly incompetent, at worst actively malicious, and 
> design accordingly.

While I don't (think I) agree with the spirit I completely agree with the summation.  Assuming that your user 
population is a breath away from going barking mad at any given moment is only prudent.

And, since we have not yet delivered the full set of tools necessary to design and implement accordingly, it should not 
surprise anyone that we still have the results we do.

So far, while we have managed to make an incredibly functional global communications system, many of the parts are 
still only partially engineered.  It is equally possible to make a functional transportation system that is only 
partially engineered but still "works" by general definitions.

In either case, each desperately needs more advancement than is going to come in any short period of time.

Cars can be built with little more than a drive train and steering (and brakes, if you feel generous), but when Gramma 
slams one into a building it shouldn't come as a tremendous surprise.  Seat belts and airbags are no replacement for 
embedded radar, video interpretation software, accelerometers and predictive pseudo-cognizant vehicle management 
combined with a driver-override (or better yet, replacement) system, but until we can develop and deliver all that 
affordably for a billion cars belts and bags will simply have to do.  The only downside is that this freedom of 
movement will cost a few tens of thousands of lives a year (in the US alone) until we get the full system developed and 
deployed sometime around the middle to the end of this century.

Also in the meantime, traffic engineers will have to work with the tools at hand and send their own grandmothers and 
children out on the half-baked highways they design.

So, all in all it isn't anything new that is expected of us, whatever our roles are in the infosec industry.  If you 
work for a vendor, you need to improve your cars so fewer (but, sorry, still 'some') of your customers slam them into 
trees.  If you are a network admin, you have to design and operate systems where only some of your users will die in 
fiery wrecks some of the time.  

Except, of course, that generally we don't lose any actual lives in the course of dealing with our own compromises so 
the tenor of our self-pitying whining should be notably less than our automotive peers.

-chris


      

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.