A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Analogue Network Security - Winn Schwartau BSides Las Vegas 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Analogue Network Security
Winn Schwartau

In 1973, the Bell-Lapadula security model was introduced and is fundamentally still how security is implemented: with static fortress mentality, In 1987, the U.S. Department of Defense published the Red Book; the Network Interpretation of the lauded Orange Book that set forth many of the principles for information security. The results were, essentially, ‘we have no earthly idea how to secure a network’. Today, we now assume our networks are ‘P0wn3d’ - already infiltrated by hostiles. We ‘know’ that by adding more technology, our security problems will go away. We think of ‘the network’ as a single ‘thing’ and attempt to protect it as such. It isn’t and we can’t. TCP/IP. It was just an experiment. Today, it is the inter-infrastructural foundation of civilization. The internet of things is adding so-called intelligence to some 50+ billion endpoints. Where's the security? Or privacy? Massive new projects using next generation, smarter, faster ways of doing the same old stuff all over again is the ultimate deja vu epic fail of security. Is this any way to run a business? Or a planet? I hope to offer a corrective view. Analogue Network Security. Geeky. Interdisciplinary. Exciting, emerging security model to fix our woes. Finally, three Memes for your consideration. 1. ROOT is the root of all cyber-evil. 2. Passwords will be the downfall of us all. The game is really about IdM. 3. Security requires a single, interdisciplinary metric for the cyber, physical and human domains. C’mon, 50 years of practice and we're still…? Well, screw it. You’ll see. I have a few ideas.

Back to Las Vegas 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast