Is 100% Security Possible?

  • Steve Jones - SSC Editor

    SSC Guru

    Points: 720940

    Comments posted to this topic are about the item Is 100% Security Possible?

  • roger.plowman

    SSChampion

    Points: 10243

    And yet we rush to the cloud, increasing our attack surface to an unimaginable degree.

    The basic problem is two fold. One, the whole problem is far too complex. Developers pile complex systems higher and deeper and laugh madly at the tangle, rushing blindly to pile even more systems into the mix that were never designed to work together. At the same time ignoring the fact even one flaw can destroy the whole thing.

    Kind of like the pressure hull on a submarine, really.

    Second, NO ONE knows how security works. Or, more precisely, we have no idea how to implement security in a simple manner. In security complexity is lethal. It's far easier to secure a single locked room than it is an entire city.

    We cannot solve the current security Gordian knot. We have forgotten KISS and until we fundamentally change our approach we never will.

     

  • Rod at work

    SSC-Dedicated

    Points: 33412

    Unfortunately I see a fair amount of people not wanting to automate processes. 🙁

    Kindest Regards, Rod Connect with me on LinkedIn.

  • skeleton567

    SSCertifiable

    Points: 5101

    roger.plowman wrote:

    And yet we rush to the cloud, increasing our attack surface to an unimaginable degree.

    Second, NO ONE knows how security works. Or, more precisely, we have no idea how to implement security in a simple manner. In security complexity is lethal. It's far easier to secure a single locked room than it is an entire city.

    On the farm, we kept livestock in enclosed fields with a single gate that could be opened and closed.  When we wanted to move some of the livestock from one field to the other, we opened the gate, drove only the selected ones through, and closed the gate.  When we were finished working with the few, we opened the gate, drove them back in with the others, and closed the gate again.

    Rick

    The only thing worse than being an influencer
    is believing one.

  • franciscarr07

    Newbie

    Points: 1

    No, currently it is not possible to achieve perfect security.

    The current state of the art in information security is to grab some existing mathematical, technical or bureaucratic method to fix the issues we already have burning and at large.

    There is no structured theory of information security. The whole area touches too important philosophical questions to be structured, described and sorted out easily.

    For example, authentication is literally checking that user who knocks the door is the one by validating something that he has, knows or is! I guess the humanity as a whole is not ready to answer any of these questions with absolute and formally validated confidence, yet. Many managed IT service company in NJ provides robust security, but there is always chances of errors everywhere.

     

  • Matt Miller (4)

    SSC Guru

    Points: 124208

    Nonsense - there's always a way to achieve perfect security.

    step 1:  Collect all electronic devices.  Lay them out on a flat hard surface

    Step 2: go outside and find the largest heaviest rock you can find.  If you can't find a rock, any hammer or sledge hammer will do....

    Step 3:   watch Office Space...

    ----------------------------------------------------------------------------------
    Your lack of planning does not constitute an emergency on my part...unless you're my manager...or a director and above...or a really loud-spoken end-user..All right - what was my emergency again?

  • Steve Jones - SSC Editor

    SSC Guru

    Points: 720940

    Security is getting better, attacks are getting more creative and complex.

    Once we get rid of all these simple attacks, and many of them are simple and easily preventable, it will remain to be seen how hard it is to secure things.

    I just wish more companies that had RCA retrospectives would publish details that help us learn to be better.

     

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic. Login to reply