On Tue, Dec 17, 2024, 12:24 PM <to...@tuxteam.de> wrote:

> On Tue, Dec 17, 2024 at 12:37:33PM -0500, Jeffrey Walton wrote:
> > On Tue, Dec 17, 2024 at 12:29 PM <to...@tuxteam.de> wrote:
> > >
> > > On Tue, Dec 17, 2024 at 10:59:40AM -0500, Michael Stone wrote:
> > > > On Tue, Dec 17, 2024 at 06:45:05AM +0100, to...@tuxteam.de wrote:
> > > > > Do you have a reference?
> > > > >
> > > > > I ask because I'm in the middle of a discussion (and that was my
> > > > > advice, too). Seeing what Schneier has to say on that would be very
> > > > > interesting.
> > > >
> > > > All of this advice is overly simplistic. The right answer depends on
> > > > understanding your threats and making a conscious decision what
> > > > risks you want to mitigate [...]
> > >
> > > I know, I know. My introductory sentence is almost literally yours.
> > >
> > > As times shift, threat models shift accordingly. Back then, when
> > > computers and environments were more shared, post-its and shoulder
> > > surfing were the main password leak threat, in-between it was the
> > > (clear text) transport, these days it's probably phishing and
> > > server-side breaches, which -- hopefully! -- yield a database of
> > > salted hashes, in which case strong passwords are vital.
> > >
> > > I'm still very interested in those references, not to follow them
> > > blindly, but because they may contain insights I haven't had myself.
> > > Especially in the case of Schneier, I'm doubly eager to listen.
> >
> > Schneier is security on training wheels. (Not to impugn his work). It
> > is a good introduction, but it is written for a different audience
>

His earlier book on cryptography was for a while the best source for people
who wrote code. I guess his Blowfish cipher has not stood up so well over
the longer term. He started his career in the Chicago area at AT&T.

> Perfect for my purposes. I'm trying to get people to understand that
> security is relative (to everything else around it, i.e. the famous
> "threat model"). If they end up digesting Schneier's "process, not
> product", I'm happy.
>

Reading the US DoD Orange Book in 1990, we realized that a server secured
at the A level was essentially unusable for its purpose: at best a
single-user, single-purpose machine. And that physical security is the
foundation of all other security; without it, all else is meaningless. So
from a certain perspective, all of our efforts were futile :-)

The "Rainbow Books" have been freely available online for some years.

> > If you really want to satisfy your security related hunger, then read
> > Gutmann's Engineering Security[1] or Ross Anderson's Security
> > Engineering.[2] I prefer Gutmann because it is so well cited. I often
> > pull the cited papers and read them for myself.
>

Papers by Bell and LaPadula on MAC and DAC are foundational; they used to
be freely available online. They are the original theoretical basis of the
SELinux model.

> Gutmann was mentioned in this thread. Anderson wrote in CACM's "Inside
> Risks", right?
>
> Cheers
> --
> t
>
