[1186] in WWW Security List Archive
RE: Security via Sounding Impressive
daemon@ATHENA.MIT.EDU (Steve Dabbs)
Mon Nov 20 11:21:59 1995
Date: Mon, 20 Nov 1995 03:42:22 -0800 (PST)
From: Steve Dabbs <sdabbs@netcom.com>
To: Jonathon Tidswell <t-jont@microsoft.com>
cc: szabo@netcom.com, www-security@ns2.rutgers.edu
In-Reply-To: <199511192315.PAA04272@imail2.microsoft.com>
Errors-To: owner-www-security@ns2.rutgers.edu
Sounds like the designers were into bdsm a little too much, the words do
need a bit of modernization for the public :) Any suggestions?
On Mon, 20 Nov 1995, Jonathon Tidswell wrote:
>
> Supposedly Nick Szabo <szabo@netcom.com> wrote:
>
> | I've notice an interesting pattern in how security mechanisms are named.
> | On the one hand, we have some security features with very impressive sounding
> | names:
> |
> | Certification *Authority*
> | *Authorization*
> | *Trusted* Server
> | *Master* Key
> | etc.
>
> I wonder what historical context makes people give these words some
> (undesrved ?) emotional weight ?
> Perhaps its the implication of the proper use of appropriate
> techniques/mechanisms ?
>
> | These words fill most people with awe and good will towards the feature so
> | named. They also make good channel markers, pointing out the
> _insecure_ parts
> | of the system. The effect is to cover up the lack or inadequecy
> | of a mechanism with invocations that put our brains to sleep. This
> | is quite lucrative for marketing purposes, but it works on
> | many designers of security features as well!
> |
> | On the other hand, when we isolate the actual mechanisms of a system
> | are in fact mathematically secure, we get names like:
> |
> | Encryption
> | Blinding
> | Message Digest
> | Mix
> | Capability
> |
> | These are just plain, boring words, with no connotation that we should
> | trust them like we trust our big brother. They just work.
>
> What you are really saying is that you trust some statements (that the
> mechanisms described above actually work) actually come from an
> authority whose judgement can be trusted. Or are you asserting that we
> should use you as a certifcation authority and believe you when you say
> these mechanisms work ?
>
> All computer security ends up in trust, trust placed by a human in a
> piece of hardware or software. Some obtain this trust directly by
> attempting to break it and failing, others by studying mathematical
> proofs. Still others obtain it indirectly by contact with people who
> obtained it directly, still more rely on certificates from certifaction
> authorities.
>
> Academic journal reviewers are typically better certification
> authorities, but are far less accessible than TV and trashy journals
> which are very bad certification authorities.
>
> - Jon Tidswell
> Disclaimer: I think my thoughts are my own, and I believe my writings
> are too.
>
>
>
