Security by obstinacy

Submitted by Hannes Schmidt on Thu, 12/13/2012 - 19:28.

The mechanisms we employ to increase the security, integrity and privacy of systems and the communication between them are never absolutely effective. They evolve over time: some are abandoned, others are hardened incrementally, yet others are replaced by superior alternatives. The encryption algorithms deemed secure today may become obsolete with a new mathematical breakthrough or with the advent of computational devices that are orders of magnitude more performant than their predecessors. Security, as a goal, requires continued effort and, as a property of a system, can be measured on a scale. It involves making trade-offs: only if the prize is high do we need to go the extra mile; otherwise we do get away with compromising on security, pun intended.

I recently was exposed to an example of the all-or-nothing approach to security. Google suddenly (as in 'without notice') dropped support for self-signed certificates when fetching mail from external POP3 accounts over secure connections. Granted, self-signed certificates do compromise the security of TLS. But that doesn't justify someone deciding for us that we shouldn't be using them. Interestingly, the suggested mitigations involve abstinence (as in "you can always leave Gmail") and ignorance (as in "you can always use unencrypted POP3").
