Security is a state of mind, not a state of things.
Security of things cannot be achieved. Any system that is complex enough to need securing is already broken. This is the same kind of broad sentiment as "we'll all die eventually", but it is true. Therefore, you should always start with the premise that your security is broken. Then what?
At this point you should think about alternative plans and insurance. In a sense, insurance is the security decision that covers risks that cannot otherwise be covered, such as death.
From a technical perspective, the premise that all security is broken leads to two conclusions. First, you must know when to stop being paranoid and give up the steps that are hopeless anyway. Second, you should partition and layer your security.
Partitioning a complex system into components, modules, or whatever you call them, is the fundamental principle of analysis. It makes things observable, easier to reason about, modify and replace, and, in the case of security, the parts back each other up. When you have a row of ten doors, the attacker has to break ten locks.
On the other hand, when you partition a system, any system, it only creates the illusion that complexity disappears. Complexity, like energy, never disappears; it only transforms from one state to another. Here, the complexity goes into the interconnections. It is good when you have ten doors one after another, but in reality the parts communicate with each other in twisted and unpredictable ways. And then another, opposite, security maxim says that the attacker has to break just one door, whereas the defender must protect them all. Therefore, the more parts, the more vulnerable the system is. Catch-22.
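The two maxims can be put side by side as an added illustration (not part of the original post). Assume there are $n$ doors and that each door falls independently with probability $p$. If every door must fall (doors in series, the "ten locks" case) and if any single door suffices (doors in parallel, the "one door" case), the probability of a breach is

$$
P_{\text{series}} = p^{n}, \qquad P_{\text{parallel}} = 1 - (1 - p)^{n}.
$$

With $p = 0.5$ and $n = 10$ this gives $P_{\text{series}} = 2^{-10} \approx 0.001$ and $P_{\text{parallel}} = 1 - 2^{-10} \approx 0.999$. Adding doors drives the first towards zero and the second towards one; which formula applies is decided by the interconnections, that is, by whether the parts only let an attacker through when all of them fail or whenever any one of them fails.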
Good luck.