[Cryptography] The Laws (was the principles) of secure information systems design

Ron Garret ron at flownet.com
Thu Jul 14 12:42:33 EDT 2016


On Jul 12, 2016, at 1:30 PM, Peter Fairbrother <peter at m-o-o-t.org> wrote:

> Law 11: Security is a Boolean

I vehemently disagree with this.

Security is only meaningful with respect to a threat model.  Something can be completely secure against a casual hacker and totally insecure against a nation-state with a supercomputer and the ability to decap chips.  Moreover, the boundaries of the “something” that is secure (or not) with respect to a threat model can vary widely.  These boundaries can be physical or virtual.  I can draw a security perimeter around my account, around my computer, around the safe in my basement, around my house, around my company, around my cage in the datacenter, around the datacenter itself, around my nation-state…  Furthermore, the effort that you put into making an asset more or less secure has to be weighed against the value of the asset.  I care a lot more if someone breaks in to my on-line bank account than if they break in to my Reddit account.

Law 11 is not merely wrong, it is *dangerously* wrong, the exact opposite of what we should be telling people.

rg


