|
|
|
|
|
|
by jerf
868 days ago
|
|
|
Basic principle of security: A security system should be more expensive to break for the attacker than the value of the thing it is securing to the owner. This is generally a counter to people using binary thinking and believing that a security system is broken if there is any way in at all, thus thinking things are either in the categories "secure" or "insecure" without any further qualification. In fact those categories don't exist. It is intrinsically at a bare minimum a spectrum of security, and one can slice & dice more finely if one likes based on what sort of attacks various different types of attackers can mount, e.g., defending against whole-internet scans is one thing, nation-state attackers specifically targeting you quite another. I'm using it in a different way: When what you want to lock behind your security system is essentially "all economic value in the world", such as "we'll solve all identity problems on the internet by just having the government provide identities", that means you need to create a security system that is more expensive to break than "all economic value in the world". However, you can't. Any conceivable security system is easier to break than that. There is a sense in which it is simply necessary that there be a wide variety of independent identification systems, each individually covering sufficiently small amounts of value that they are possible to exist at all, and with a diversity of costs and strengths to cover the various cases. |
|
|
Do I really?