11/21/2002

homeland security through obscurity?

I strongly disagree with Steven Den Beste's assertion that when it comes to homeland security, the best action is to "keep your mouth shut". He harshly critiques the decision by a researcher in North Carolina to reveal how vulnerable our agricultural industry is to bio-economic terrorism (such as cultivation of foot and mouth disease).

The best analogy is software security. When an exploit is discovered by outsiders, they usually announce it immediately and publicly. The reason is that this creates immediate pressure upon the software company to react quickly and patch the hole. Without that outcry, the tendency would be for the software company to sit quietly on it and hope for "security through obscurity". Microsoft actively bribes software developers to be silent about holes in MS software, for example, because they perceive the PR reputation of the company as more important than the security concerns of their users, such as this gaping hole in Passport which leaves users' credit cards vulnerable to hackers.

Note that Eric Raymond has a definitive Jargon File entry on "security through obscurity". Another must-read essay on the topic was penned by Bruce Perens, posted to Slashdot.[1]

This "play it loud" approach is even more critical when lives are at stake. It is nonsense to imagine that terrorists will not eventually deduce the existence of security holes in our society, and exploit them. They efficiently managed to exploit the "placation-centric" attitude of airport security towards hijackers on 9-11, for example. Had someone raised an outcry - publicly - that this was no defense against a SUICIDE hijacker, there might have been simple measures taken to prevent an exploit and 9-11 could have been averted.

In general, a security hole in software takes hours to exploit. But a terrorist organization might need years to prepare an exploit of a homeland security hole. Quick outcry as soon as such holes are detected is essential to keeping the country safe.

UPDATE: Jane and NZ Bear weigh in. With respect to Jane's point, she makes the same assumption that Steven does, namely that there do actually exist terrorist attacks that are truly unstoppable. As long as her entire argument rests on this thesis, it's unsound. There is always a solution. Sometimes there may be no technological solution, but there certainly could be a POLICY solution.

Case in point - agriculture. It's easy to point out how our mass-produced, genetically non-diverse feedstocks are vulnerable. And maybe the current Big Aggie way of doing farming is inherently vulnerable in certain ways that can't be solved. The answer then becomes, CHANGE that method. This is already happening with micro-farming and the rise of smaller, more varied farming cooperatives. By introducing variety into the genetic stock and by decentralizing the production of food we can achieve not just increased security (i.e., removing a single point of massive failure) but actually get tangible results in terms of healthy and tasty foods. (Aside. Did you know there used to be thousands of different species of chickens? Each with a unique flavor. The very concept of "tastes like chicken" used to be meaningless.)

The point is, there are always solutions. Jane and SDB both posit that there do exist unstoppable attacks. But the assumption of "unstoppable" is always based on assumptions that are not universal.

Eric also has related bloggage, but seems to have bizarrely descended into self-inflating paranoia. From the comments thread in NZ Bear's post comes this link to an essay written in 1857 (!) on the same topic, as applied to locks. There are a number of other useful links in there for those further interested in the topic.


[1] I must apologise to both ESR and Bruce Perens for using their names together in the same paragraph. But they actually DO agree on some things.