[15461] in cryptography@c2.net mail archive
Re: The future of security
daemon@ATHENA.MIT.EDU (Anne & Lynn Wheeler)
Wed May 26 15:56:37 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 26 May 2004 09:51:01 -0600
To: "Steven M. Bellovin" <smb@research.att.com>
From: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: Ian Grigg <iang@systemics.com>, Graeme Burnett <rgb@enhyper.com>,
cryptography@metzdowd.com
In-Reply-To: <20040511153635.E4DCD7B44@berkshire.research.att.com>
At 09:36 AM 5/11/2004, Steven M. Bellovin wrote:
>In message <409ACFC7.6050407@systemics.com>, Ian Grigg writes:
> > Security architects
> >will continue to do most of their work with
> >little or no crypto.
>
>And rightly so, since most security problems have nothing to do with
>the absence of crypto.
> >
> >j. a cryptographic solution for spam and
> >viruses won't be found.
>
>This ties into the same thing: spam is *unwanted* email, but it's not
>*unauthorized*. Crypto can help with the latter, but only if you can
>define who is in the authorized set of senders. That's not feasible
>for most people.
one of the issues has been that many crypto security solutions have been
oriented towards hiding information. that may work with outsiders ... but
traditionally, 90percent of fraud has been insiders ... and recent news
last friday about study to be published was that interviewing something
like 1000 people involved in identity theft cases ... it was determined
that at least 70percent had some sort of employee involvement.
in that sense ... the internet and introduction of the possibility of
outsider related fraud ... has distracted/obfuscating focus from the real,
long standing issues.
my repeated observation that current generation of desktop systems were
originally introduced to operate in a standalone environment where
applications could be introduced that freely took over the whole machine.
attempting to continue to satisfy the standalone ... total take-over
requirements at the same time using the same platform for generalized
interconnect to an increasingly hostile environment creates some
diametrically opposing objectives.
there have been some number of time-sharing systems from the 60s & 70s that
were designed from the ground up to handle multiple, concurrent users that
potentially had conflicting, competitive, and/or opposing objectives (say
multiple users from competing corporations and industrial secrets might be
involved). these systems with designed in security from the ground-up have
shown to be immune to many of the current day vulnerabilities and exploits.
to some extent, there could be valid claims about attempts to use
cryptography as bandaids to address fundamentally flawed infrastructures
(or at least infrastructures that were specifically designed to not handle
many of the existing situations that they have been used for) ... aka lets
use bandaids to treat strep infections.
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
