Security In General (Was running Linux on odd devices is SOOO COOL!)
Jason Spatafore
jason_online at spatafore.net
Sun Nov 15 13:08:07 MST 2009
On Sun, 2009-11-15 at 12:53 -0700, Lisa Kachold wrote:
> I guess I still disagree with your use of the word 'broken'.
> By that
> definition, gpg is 'broken' as well as *any* encryption system
> that uses
> passwords. Just because because you can brute force a crack
> doesn't
> mean that the protocol broken.
That is why it is important to use defense in depth...multiple layers of
security. The cracker may get through the first layer...then there's
another he has to crack...then he wonders "How many more layers?" and
oftentimes will quit.
I thought it was hilarious when I watched Smallville a few weeks back.
Chloe, the computer hacker in the group, had to get through 100
firewalls. She did it...and found a video of the guy mocking her. I
thought that was a very good example. If you can keep the crackers
moving in a direction that ultimately gets them nowhere, that is the
best possible route.
So, will we see tripwire applications that ultimately just keep spawning
chroot'd jails that keep the cracker digging and digging for nothing,
ultimately driving the cracker to non-critical appliances that are
designed just to keep entertaining the crackers desires? THen,
ultimately, if the cracker can lock up the appliance, they have a false
feeling of accomplishment?
Ultimately, a digital smoke screen. The goal: Keep them busy...discover
who/what they are. And harden your own security from the tactics you
observe. Oh, and arrest them if you can. :)
More information about the PLUG-discuss
mailing list