
Exploring the Impacts of Pervasive Computing

A Soupçon of Security

Volume 5
Number 1
Jan. 31, 2001



by Scott Tilley

Last Fall, Microsoft admitted that their internal networks had been compromised by hackers operating from abroad. Last week, some of Microsoft's Web properties were inaccessible due to concerted attacks by hackers. Events such as these have again raised the profile of information systems security. If mighty Microsoft is susceptible to Trojan horses and Denial-of-Service attacks, what hope is there for you? In his recent book Secrets & Lies: Digital Security in a Networked World, well-known computer security guru Bruce Schneier outlines the serious challenges facing any organization attempting to create and operate a secure computing environment. Even a soupçon of security helps, but it is never enough.

One of the most popular books related to computer security is Applied Cryptography: Protocols, Algorithms, and Source Code in C (2nd Edition), written by Bruce Schneier in 1995 and published by John Wiley & Sons. According to the editorial review at amazon.com,

"[The book] offers an authoritative introduction to the field of cryptography, suitable for both the specialist and the general reader. The book adopts an encyclopedic approach to cryptographic systems throughout history, from ciphers to public key cryptography. Schneier also outlines cryptographic protocols--the steps required for secure encryption--with the precision of a chess master."

Applied Cryptography is an interesting mix of theory and practice, and it has proven to be a best seller for its author. Which makes it all the more strange that in the first sentence of his most recent book Secrets & Lies: Digital Security in a Networked World (John Wiley & Sons, 2000), Schneier renounces his previous work as "a mistake." In fact, he now appears to renounce the technology-centric view of computer security that he previously advocated through his focus on cryptographic algorithms. 

In Secrets & Lies, Schneier advocates a more holistic approach to computer security. As he often states in the book, security is a process, not a product. The reliance on technology as the sole source of security for today's information systems is misplaced. After all, people use computers, and people are inherently insecure. According to the editorial review at amazon.com,

"He's [Bruce Schneier] worked in cryptography and electronic security for years, and has reached the depressing conclusion that even the loveliest code and toughest hardware still will yield to attackers who exploit human weaknesses in the users. Moving away from blind faith in prevention, Schneier advocates swift detection and response to an attack, while maintaining firewalls and other gateways to keep out the amateurs."

Secrets & Lies has been selling very well. As of last Fall there were more than 45,000 copies of the hardcover version of the book sold, and it had entered its fourth printing. Schneier's writing makes for very interesting reading. I raced through most of Secrets & Lies in a few days while sitting at the beach last Fall. Of its many provocative ideas, I'll just touch on three of them here: security usability, system complexity, and intrusion detection. 


Security Usability

It's easy to make a computer system completely secure: don't let anyone use it. Obviously this is not a practical solution, but it illustrates the fundamental problem with the tradeoff between usability and security. Generally speaking, making systems more secure often means making them less usable. For example, passwords are still the most common way of restricting access to a shared resource, such as a computer account or a Web site. But if you force users to choose hard-to-remember passwords, they'll inevitably write the passwords down on little yellow stickers and leave them taped to the side of their monitors.

In fact, most users today have so many passwords to remember that they often try to use the same one, or a small set of similar ones, for all the systems they access. Schneier describes a simple technique to gain access to such passwords: set up a Web site containing free information, but force users to register with a name and password. Also ask them about the other types of sites they visit, such as banks or online media portals. Collect the passwords and then try to use them on the other sites. Collecting the incorrect passwords users type is also useful, since people often type in a correct password but for the wrong site.

There are, of course, access control mechanisms other than passwords, but they are not yet in widespread use. Techniques such as fingerprinting and retinal scans are more secure than passwords, and they may very well replace the simple text phrases currently used. But for now, passwords are the main method, and they suffer from at least two serious drawbacks. Firstly, if they are easy to remember, they are easy to crack. Secondly, if they are hard to remember, they are made easy to recall by placing them in plain text and in full view of potential adversaries, as mentioned above.


System Complexity

Assessing the relative security of a computer system is exceptionally difficult. There is no easy way to quantify security; it's a quality attribute that is mostly unrelated to a system's functionality. Designing a system to be secure from the start is hard enough; assessing the security of a legacy system is even harder.

The problem is exacerbated by the increasing complexity of today's computer systems. The sheer size of these programs means that no one really knows how all the parts go together. Consequently, it's difficult to say how secure the system is, just as it's difficult to say how maintainable the system is, or how reliable it is. The following table, taken from Table 23.1 on page 357 of Secrets & Lies, illustrates the increasing complexity of even commodity software, to say nothing of special-purpose applications:

Operating System     Year   Lines of Code
Windows 3.1          1992   3 million
Windows NT           1992   4 million
Windows 95           1995   15 million
Windows NT 4.0       1996   16.5 million
Windows 98           1998   18 million
Windows 2000         2000   35-60 million (est.)

One of the consequences of system complexity is the difficulty in ascertaining whether or not anyone has fiddled with the system. Hackers can enter the system across the network. Or they can be "on the inside," armed with knowledge of some of the known (but not publicized) weaknesses of the system. Or they can be innocent users who are victims of social engineering, giving away their passwords to hackers pretending to be caring system administrators. No matter which method is used, the end result is the same: the system has been compromised. The challenge is detecting the intrusion as soon as it occurs, and then taking appropriate action.


Intrusion Detection

Schneier is now the Chief Technology Officer of Counterpane Internet Security, Inc., a network intrusion detection company. In Schneier's view, detection of (and subsequent response to) security breaches is the only way to address computer security. Most products so far have focused on prevention, but since no preventive device can ever be 100% effective, this approach does seem to make sense.

Secrets & Lies makes a strong case for intrusion detection systems. The best arguments are analogies to the analog world. For example, banks have security boxes and safes, but they also have armed guards and serious insurance policies. In fact, Schneier states that, in the end, security is all about insurance: managing risk and determining acceptable levels of liability. This view of computer security as a management issue, rather than a technical issue, is refreshing.

That said, prevention is still important. Just as you wouldn't leave your house unlocked in most major metropolitan areas, you shouldn't leave your computer system wide open to hackers. Firewalls, encrypted email, and anti-virus software are still important. Many people claim they get the same level of protection for their house just by putting an alarm company's sign out in front of it -- without actually having an alarm installed. If the burglar doesn't know for sure whether there is an active alarm system, they'll likely try an easier target. In both the analog and digital worlds, a soupçon of security is better than none at all.


Copyright © S.R. Tilley & Associates
