

Observations on information security.

Cerf and the "secure from the start" Internet

Early Arpanet Map

Vint Cerf, co-inventor of TCP/IP, talked recently about the technology available to "secure the Internet" when it first arrived. News sites claimed "The Internet could have been secure from the start, but the tech was classified."

 That's really not what he said. And it's not true.


If the Internet had been made "secure from the start," then none of us would be using it. 


Password managers and autocomplete

Authentication Icons


Some web sites insist on as much control over our passwords as they can get. They demand that we choose hard-to-remember passwords, they spread the login over several pages, and they refuse to accept password text through autofill or even copy/paste. This is supposed to reassure us, I guess, the way that shoe removal reassures everyone at the airport.


On-line cipher tools

This is a follow-on of my "Grade School Crypto" introduction to the fundamentals of cryptography. While constructing examples from my class, I came across a nice little web site called "Count On," that includes a page of basic crypto tools.


The "Bug-Free Software" fallacy

For patching the unpatchable

About 20 years ago, I worked with a fellow who proudly told me that he had once written a flawless piece of software. He kept its inch-thick line printer listing as a shrine in his cubicle. I never asked him for details, because he got angry when people questioned his judgement on computing. After all, he had once been in a panel discussion with Grace Hopper!

I have my own Grace Hopper stories, but today's interesting panel discussion took place earlier in December at the 2013 ACSAC in New Orleans. Roger Schell, a luminary in the annals of cyber security, declared that 1980s techniques had indeed created "bug-free software."

Roger Schell is wrong.

So-called "bug-free software" is simply "too hard to patch" software. Instead of being bulletproof, the software is like a fragile gift padded for shipment. We protect such things by adjusting the world outside: physical security, connection facilities, procedures, and so on. We use boxes, bubble wrap, and duct tape to secure the software.


Multics was flawless?

Multics logo

Last week I participated in a very geeky panel discussion about a now-defunct standard for computer system security: the TCSEC. I showed some charts and diagrams about costs, error rates, and adoption of government-sponsored programs for evaluating computer security. During the panel, some audience members made the following claim:

"After its evaluation, Multics never needed a security patch."

I admit I find this hard to believe, and it's not consistent with my own Multics experience. However, most of my Multics experience predated the evaluation. So I ask: does anyone know if Multics had a security patch after its B2 TCSEC evaluation?

[see newer posting]


The City: a metaphor on software and security

I've probably written about this before, but I feel inspired to write out some details as I sit in this session at ACSAC.

I think the modern city is the perfect metaphor for modern software. Individual programs are entities (people, organizations) who exist in a city. Elements of the city (other programs) provide services and utilities. There is a level of confidence in the services and utilities, but all is at risk of disruption by natural disasters or by criminal acts.

Here are some essential points:


Stout nails in RC4's coffin

Cipher disk

Two important announcements this week about RC4:

First, Cisco has downgraded the RC4 encryption cipher and marked it as a cipher to "avoid." In other words, web sites should NOT use it to protect things like passwords. This is a revision of their published recommendations for cryptographic algorithms.


Strong vs Weak Cloud Security

It's always good to hear from an expert, especially an accurate one.

This article in The Register talks about "really secure" email service versus "almost secure" email service, using Lavabit as an example. Lavabit provided somewhat secure email service in that all emails were encrypted with a hefty secret key. But each key was itself stored on the email server, and encrypted with the owner's password.


Example of KISS

Ok, this is a backwards observation.

One of my hot buttons is to spot "cyber security principles," that is, general but pointed observations on how to improve cyber security. 

A long-held principle is "Keep it Simple, Stupid." Thanks to Moore's Law and the constantly falling price of ever bigger, faster, and more complex tech, no one puts much effort into keeping things simple. The extra features draw more customers even if they make the tech more fragile.


Phishing email from the Adobe Compromise

Malicious email from Adobe database

This email arrived yesterday. It was sent to an address that only exists in the databases of Adobe and of my email provider. Given that Adobe's customer databases were looted earlier this fall by hackers, I suppose it was a matter of time.

For the uninitiated, I strongly warn you NOT to try to follow the link in that email. If it's only slightly malicious, then the web page will try to tease me out of personal information. After all, this is a job offer, and employers are obliged to collect SSNs and other personal information. 

If it's seriously malicious, then the web page will send me a malicious MS Word or Acrobat file, or perhaps just some web-based scripts, that poke around on my machine looking for weaknesses. 
