Comments on TaoSecurity Blog: Five Reasons "dot-secure" Will Fail
Blog author: Richard Bejtlich (http://www.blogger.com/profile/13512184196416665417)
14 comments, newest first. Feed last updated 2023-10-16 06:06 -04:00.


Anonymous, 2011-07-28 12:49 -04:00:

This is exactly right. It'll start out secure and a month later someone will have connected something. This happens all the time - people are in a hurry, or they need to recharge a mobile device and plug it in, or they add COTS. I'm surprised the idea is still around.


Anonymous, 2010-10-12 13:58 -04:00:

Would a MAJOR communications company be considered part of the critical infrastructure that would have to be protected on this secure network? What about all their customers, many of which would not be considered part of critical industries; would they also be brought under this secure network? What communications would be regulated/controlled/monitored within this secure network?


Anonymous (Mike), 2010-10-01 22:34 -04:00:

All,

I left a long comment describing why I feel isolation is an effective control, but this was indeed a fool's errand. Apparently it was too long for the form and I lost it all - ha!

I reproduced my thoughts in my blog here: http://blog.cloppert.org/2010/10/why-there-shouldnt-be-dot-secure.html. I welcome any comments; feel free to leave them here in Richard's blog, or in mine (or both).

Mike


Anonymous, 2010-09-30 16:00 -04:00:

Mr. Bejtlich,

As a Reuters reporter on deadline, I'd like to speak to you by telephone if possible regarding your interesting dot-secure points. It's for a piece on this subject.

Please ping me if you have a free moment: jim.wolf at thomsonreuters.com
Thank you very much in advance,


Richard Bejtlich (https://www.blogger.com/profile/13512184196416665417), 2010-09-29 16:00 -04:00:

I called separation a fool's goal because, while it's a nice idea, it will totally fail. It will be as real and effective as the "air gaps" between industrial control systems and the Internet. Oh wait...


Dan, 2010-09-28 12:32 -04:00:

> How many hundreds of millions, or billions of dollars of taxpayer money could be wasted on "dot-secure," only to see DoD report to the Secretary or the President in 5 or 8 years that the network is also thoroughly compromised. Oops!

You know... Something about this scheme reminds me of this: http://www.youtube.com/watch?v=T2PdyxMtiYM

"If we built this large wooden badger..."

Indeed.


Dan, 2010-09-28 12:25 -04:00:

I have to agree with Bob, separation is NOT a "fool's goal". Air-gaps provide actual security - they are one of the few things that do. If air-gaps are being foiled by the lazy and/or incompetent - that is a totally different issue. We'd be better off with more air-gaps, not less. (Why exactly are civilian power control networks connected to the Internet?)

If we built a "dot-secure", why would we be hooking all of these disparate organizations to it? Does the DoD really need to share a secure link to the civilian power infrastructure? Does the DoEd need to talk to the military on a secure network with any frequency? The value of a network does not always increase as the number of participants increases. Sometimes the value of a network is dependent on it NOT being ubiquitous.

It's appropriate that this presentation was given at the cryptologic museum - because the thinking behind it certainly belongs in a museum.


Anonymous, 2010-09-28 10:59 -04:00:

Please respond to Bob's comment about separation. Separation is a fundamental security control that is a part of defense in depth.


Anonymous (LonerVamp), 2010-09-27 15:05 -04:00:

I think item #3 is the biggest issue. We can already see a problem with scope in the excerpt you included, which goes from power grid to banking, aviation, etc. And that's not even to start digging into what capabilities they want to build into this... which itself certainly won't be pretty. We'll go from "simple" networking requirements to piling on everything anyone can think of. It just won't ever get going. Everyone will be interested in building it perfect the first time, which can't happen, rather than a long-term evolution.

What about a bank that ends up being owned by someone else we maybe shouldn't trust? You pretty quickly need the same amount of protection inside this secure area as you do in the general Internet.

This sounds like a path backwards from the trend of interconnectivity.

-LonerVamp


Laurent D, 2010-09-27 13:10 -04:00:

Step 1: Buy/Hack/Use a company that is already in the dot-secure to access other companies in the same zone.

Step 2: Hack

Step 3: ???

Step 4: Profit


Anonymous, 2010-09-27 12:40 -04:00:

Money better spent convincing "military and state hands?" Unfortunately, threats do not necessarily come from countries with an organized army, or diplomats... remember 9/11?


rigtenzin (https://www.blogger.com/profile/07753944603301426002), 2010-09-27 10:18 -04:00:

Bob has a good point. Richard, please respond.

Rob


Anonymous (Bob), 2010-09-26 13:29 -04:00:

'"Separation" is a fool's goal' .. really?? Them there are fighting words. I know you are a major advocate of threat-based security, but limiting systems' communications to the minimum amount necessary sounds an awful lot like fundamental good practice to me. Giving one example where separation didn't completely work (do you have any metrics on whether it helped to reduce the impact?) doesn't mean you should completely write a control off, surely?

Bob


H. Carvey (https://www.blogger.com/profile/08966595734678290320), 2010-09-26 08:15 -04:00:

Richard,

I totally agree with you, particularly with respect to #5.

"...allow the government to impose greater protections..."

Oh, no you didn't! ;-)