Share via


Trust me if you dare...

Paranoia : baseless or excessive suspicion of the motives of others

What percentage of computers are compromised in some way? No-one knows for sure but there are estimates. Not many servers – but compromises of those tend to be critical. Some of the systems in an managed environment may be compromised by malware of some kind. Many home systems are – if your system connects to many home systems, you are going to have to assume that at least some of them have malware on. Given that some of the boxes are not trustworthy and you can’t tell which, you have to assume that any (which means all) of them are bad.

Is this excessive? Maybe. It depends what you are protecting. The cost of the protection should be less than the value of the thing that it is protecting or there is no point. If you are protecting grandma’s tomato soup recipe and your name is not “Heinz” then complex protections are unnecessary but some things have to be protected by law. If your system is protecting the identity of translators in a combat zone, it could be a matter of life and death.

In that case, you need to be as certain as you can be that nothing is widening the access to the data. A keylogger could be hardware or software. Something could be sniffing the network. There could even be a hidden camera looking at the screen (no, really, it has happened). In that case, the more control over the environment, the more certain you can be that your environment is clean. In practice, you may only have limited control and that puts you in the world of trying to limit risks. That gets interesting.

I will be talking about that in some future blogs

Until then, signing off

Mark

Comments

  • Anonymous
    August 29, 2007
    The comment has been removed