Home page logo

dailydave logo Dailydave mailing list archives

Re: The underlying structure is foamy
From: Jack Whitsitt <sintixerr () gmail com>
Date: Tue, 28 May 2013 23:57:18 -0400

(In support of the email below, but perhaps a little OT to the
original thread): I don't think you've taken that concept far enough.
The security state of the internet (or any network really) at a given
moment in time is (in my untested opinion) the aggregate result of a
series of decisions made and actions taken by authorized roles in
legitimate capacities somewhere on a timeline.  (If there are
illegitimate actions able to be taken by authorized or unauthorized
roles, the ability to implement those actions by those roles is the
result of legitimate actions/roles earlier in the timeline.)

You can model the entire state this way - technology is just a
physics-limited proxy for those decisions/actions.

This means that if you really want to
control/manage/influence/predict/comprehend an environment over time,
you really must conceptually start with the human aspects or you risk
relatively massive conceptual mis-alignment.

On Tue, May 28, 2013 at 8:08 PM, Eric <pty.err () gmail com> wrote:
Something a lot of people don’t get about the internet is that it’s more of
a policy artifact than a technology artifact.

The reason we got the internet we have, and not whatever the incumbent telco
industry was working on 30 years ago, isn't because the organizers picked
the better suite of crufty network protocols.  It’s because they adopted,
championed, and defended a crucial set of policy principles, e.g. end-to-end
(i.e. “the stupid network”), open standards, open access, etc.

If you think of the internet mainly as a bunch of packet switching devices,
it's easy to quibble with the naval metaphor: “Container ships are
expensive, packets are cheap.”  “Network latency is measured in
milliseconds, not nautical miles.”  Etc.

But seen through the internet-as-policy lens, the naval metaphor makes a lot
of sense: the legal jurisdiction of the playing field is international.  Law
enforcement is mostly absent.  Commercial operations are basically on their
own.  Bandits can attack with impunity, for the most part.  Etc.

At least in maritime scenarios 500 years ago, a private operator had the
benefit of long-established and generally agreed-upon doctrines of
self-defense and self-help.  Not so much in cyber.

My first point being that in this particular policy discussion, it helps to
recognize the internet as a figment of policy more than anything else.  And
my second point being, modern cyber law doctrine isn’t even to the level
that maritime was 500 years ago.  Folks are starting to recognize this, and
we're seeing signs that we're on the cusp of a major push to bring it up to
date, one way or another.

On Fri, May 24, 2013 at 11:32 AM, Keith Seymour <keseymour () gmail com> wrote:

We're all driven by metaphors. They make complex subjects easy to discuss
without getting lost in the details. They also allow you to think creatively
about the subject and gain new insights. I think Dave's metaphor works well
for both of these purposes.

Sure the ships are cheaper, sure they are faster but ours are just as fast
and cheap as theirs so the advantage needs to be that ours are more
effective. Bits have to get there and it's still better that they arrive
without alerting the defender. Bits still have to be stopped and searched
and filtered, better if the attacker doesn't know it's happening.
Controlling the commons is what made the British huge and our copying that
is a lot of what helped us become great - we were able to control what other
nations did in the world.

One similarity to the ocean analogy is there are only certain points that
connect a nation to this commons. If you can control the commons and these
points you can manage what nations are allowed to do there. The difference
is that the Navy can only stop, turn around, capture, or sink a cargo from a
controlled nation. In cyber you could board the vessel and weaken the
springs in the cargo of assault rifles without the owner knowing. This makes
you ever more powerful because your opponent believes their cargo is
arriving intact and their plans are moving forward successfully.

Replacing nuclear deterrent in the modern power structure is interesting
because it's entirely asymmetrical.  First world nations are completely
vulnerable and have no real retaliation. If the attack were as Ben puts it
'removing air conditioning and microwaves' and the only retaliation a first
world nation has is nuclear which would be considered an excessive response
in world view. Iran could reverse the economic embargo on the US by shutting
down email mail services in all of the fortune 500 companies, and there
isn't much the US can do about it legitimately.

This new playing field is very interesting because like never before it
puts companies' in the position of directly defending themselves and
everything that's valuable about them against criminals, terrorists, and
nation states. Governments that don't understand that, or aren't able to
protect their citizens will have a difficult time of it.

Dailydave mailing list
Dailydave () lists immunityinc com

Dailydave mailing list
Dailydave () lists immunityinc com

Art & Security --> http://sintixerr.wordpress.com
Dailydave mailing list
Dailydave () lists immunityinc com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]