[18107] in cryptography@c2.net mail archive
Re: solving the wrong problem
daemon@ATHENA.MIT.EDU (Sherri Davidoff)
Sat Aug 6 20:55:22 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: "Perry E. Metzger" <perry@piermont.com>
Cc: cryptography@metzdowd.com
From: "Sherri Davidoff" <alien@MIT.EDU>
In-reply-to: Your message of "Sat, 06 Aug 2005 14:28:29 EDT."
<87oe8audgy.fsf@snark.piermont.com>
Date: Sat, 06 Aug 2005 18:30:23 -0400
Reminds me of the White Knight from Alice in Wonderland, who doesn't
understand his threat model, and doesn't know how to effectively use
his tools:
`I see you're admiring my little box,' the Knight said in a friendly
tone. `It's my own invention -- to keep clothes and sandwiches in. You
see I carry it upside-down, so that the rain ca'n't get in.'
`But the things can get out,' Alice gently remarked. `Do you know the
lid's open?
`I didn't know it,' the Knight said, a shade of vexation passing over
his face. `Then all the things must have fallen out! And the box is no
use without them.''
...
`You see,' he went on after a pause, `it's as well to be provided for
every-thing. That's the reason the horse has all those anklets round
his feet.'
`But what are they for?' Alice asked in a tone of great curiosity.
`To guard against the bites of sharks,' the Knight replied. `It's an
invention of my own.'
Full text from the chapter:
http://www.sabian.org/Alice/lgchap08.htm
alien
"Perry E. Metzger" writes:
>We already have the term "snake oil" for a very different type of bad
>security idea, and the term has proven valuable for quashing such
>things. We need a term for this sort of thing -- the steel tamper
>resistant lock added to the tissue paper door on the wrong vault
>entirely, at great expense, by a brilliant mind that does not
>understand the underlying threat model at all.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
