Slashdot Mirror


Security for the Paranoid

Stephenmg writes "In Security for the Paranoid, Mark Burnett talks about his computer security methods after other Security professionals say he is too Paranoid. 'Paranoia is the key to success in the security world. Is it time to worry when other security professionals consider you too paranoid? I require my kids to use at least 14 character passwords on our home network and I'm considering issuing them smart cards.' I don't see anything wrong with his methods."

10 of 449 comments

  1. Mark is Paranoid, but Trusting of Microsoft? by xmas2003 · · Score: 5, Interesting

    While being paranoid is arguably good (although Mark may be a bit extreme compared to most), I did wonder a bit about one comment near the end of the article which was: "And I install hotfixes the day Microsoft releases them" which seems to put an awful lot of trust in Microsoft (or any other vendor for that matter) not to release a patch that has problems.

    --
    Hulk SMASH Celiac Disease
    1. Re:Mark is Paranoid, but Trusting of Microsoft? by pegr · · Score: 5, Interesting

      Beat me to it. I was just about to post "He runs Windows, the fucking poseur."

      Precisely correct. He does all this to "feel good" without understanding the threat. Does he check his firewall logs daily? Did he disable LM hashes on his Windows box? (If not, the 14 char password is really just two sevens...)

      I've always maintained that strict adherence to protocol is the last bastion for the truly evil and truly stupid...
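
The "two sevens" remark in the comment above refers to how the LM hash prepares its input. As an added example (not part of the original thread or of any commenter's post), this Python code shows that preparation and the search space that results. The sample password and all function names are constructed for illustration, ASCII input is assumed, and the DES step that produces the final hash is left out.

```python
import string

LM_MAX = 14   # LM looks at no more than 14 characters
HALF = 7      # and processes them as two independent 7-byte blocks

def lm_halves(password: str) -> tuple[bytes, bytes]:
    """Uppercase, NUL-pad to 14 bytes, split 7 + 7 (ASCII input assumed)."""
    raw = password.upper().encode("ascii")
    if len(raw) > LM_MAX:
        raise ValueError("more than 14 characters: no usable LM hash is produced")
    raw = raw.ljust(LM_MAX, b"\x00")
    return raw[:HALF], raw[HALF:]

def des_key_from_half(half: bytes) -> bytes:
    """Spread one 56-bit half over 8 bytes: 7 key bits per byte, parity bit left 0."""
    bits = int.from_bytes(half, "big")
    return bytes(((bits >> (49 - 7 * i)) & 0x7F) << 1 for i in range(8))

def search_spaces() -> tuple[int, int]:
    """(candidates for a true 14-char password, candidates LM actually requires)."""
    printable = len(string.digits + string.ascii_letters + string.punctuation) + 1  # + space = 95
    folded = printable - len(string.ascii_lowercase)   # lowercase folded away = 69
    intended = printable ** LM_MAX
    effective = 2 * folded ** HALF   # each half can be searched on its own
    return intended, effective

if __name__ == "__main__":
    sample = "Summer!2005abc"   # constructed 14-character sample password
    first, second = lm_halves(sample)
    print("halves:", first, second)
    print("DES keys:", des_key_from_half(first).hex(), des_key_from_half(second).hex())
    print("short password, second half:", lm_halves("secret")[1])   # all NUL bytes
    intended, effective = search_spaces()
    print(f"intended  ~2^{intended.bit_length() - 1}")
    print(f"effective ~2^{effective.bit_length() - 1}")
```

On Windows, storage of LM hashes is turned off with the policy "Network security: Do not store LAN Manager hash value on next password change" (registry value NoLMHash); a password of 15 or more characters also prevents an LM hash from being stored.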

  2. smart cards? by VolciMaster · · Score: 5, Interesting

    for a home network? Paranoia is understandable, but smart cards on a home network? and 14 character passwords inside your house. OK, on the outside, that makes some sense. But what kind of secrets do you have internally that you need that level of paranoia. If the entire network is open to the outside world, that's a different matter, but what could possibly be so important that your kids need 14 character passwords to protect it inside your home?

  3. Not quite right by norfolkboy · · Score: 4, Interesting

    Well, I can see the guy's reasons.

    However, information security has to be appropriate to the data you wish to protect.

    A system that annoys users by making it hard to access the information (long passwords changed weekly for example) will just leave you with a static store of information.

    The information will never be *USED*. There will be no point in having it.

    Use security appropriate to your data. He IS paranoid, and - offtopic: sounds a bit of a nob.

    I know for sure if I was one of his kids, I wouldn't WANT to connect to his network!

  4. what a pseudo-fool (in a nice way) by yagu · · Score: 4, Interesting
    ..., No one else, not even my wife, knows my network password....,

    ... is about the only part of his screed that could make sense to me. Not because one should not divulge a password to one's wife, but because keeping passwords entirely private is good policy. Almost everything else about his life strikes me as goofy. If you read any of the "hacker" books, hacking and gaining access to people's stuff isn't about cracking passwords, it's about social engineering and dishonest behavior, most of which the author's behaviors won't prevent. But, if it makes him feel better.... (I wouldn't want to live on his network.)

    I worked at a large company and called the administrator of their unix mainframe and complained that /usr/bin and /bin both didn't even have execute privilege so I couldn't even see what commands existed. The administrator dressed me down and explained they did that for security reasons so people couldn't hack in. He went on to tell me about the giant breach on that system from outside hackers and hence, the very tight "security". I gently reminded him the "breach" actually occurred with those very same directory permissions.... and they didn't prevent the hack. Sigh...

  5. paranoid my ass by wardk · · Score: 5, Interesting

    mark me troll if you must. but I see this as a legitimate question....

    if he's so damn paranoid, what the hell is he using windows for?

  6. too paranoid by MetalliQaZ · · Score: 3, Interesting

    I think you can be too paranoid. I seem to remember a story a while ago about security measures that were overly invasive. Require 14 character password with non-alpha characters, and get your users putting their passwords on their monitors with post-it notes.

    It's true, you never seem to realize your folly until it's too late and your data is gone, but in my case, my home network isn't so important to me that I think it's worth so much security that it interferes with my enjoyment or productivity.

    Usually my stance is that I let the foil-hat wearing security gurus have their toys, but I continue to look for the solution that is "good enough" and that conforms to MY wishes, not theirs.

    -d

    --
    "Here Lies Philip J. Fry, named for his uncle, to carry on his spirit"
  7. Security,,,for the average user? by nebaz · · Score: 4, Interesting

    The guy uses 5 passwords for his laptop, and I am sure that is fine for him.

    Security for the sake of security, for example, can sometimes backfire.

    For example, a company I used to work for had this policy that you had to change your password every 30 days, have at least 1 special character, one capital, one number, etc.

    This was on an intranet, and most people hated this feature.

    Most people ended up using a system like
    Jul@1996 for their password. Mon

    Kind of defeats the whole purpose of security.

    I tend to think one should use security proportional to sensitivity on certain matters, knowing that nothing is perfectly secure.

    But enforcing 'security' for the sake of security, especially random, and unsupported 'security' can make the average user resentful, and the process much less secure.

    --
    Rhymes that keep their secrets will unfold behind the clouds. There upon the rainbow is the answer to a neverending story
  8. Read Dawkins, any studies on altruism... by John Seminal · · Score: 5, Interesting
    And this guy is set up very secure.

    Is he mentally ill? Let's just say he doesn't sound like the type of person I'd want to have a beer with.

    In fact, he sounds a lot more like the type of person who has food, water & weapons buried in the woods for the coming Apocalypse.

    In any population, you will have a percentage of people who are very altruistic, they will sacrifice for everyone else. And you have some people who are so paranoid they will always hide and run. This is required for a species to continue.

    For example, say you have birds. Say that 5 out of 100 birds will signal when a predator comes in range. Chances are greater those birds will be eaten, since it is making itself more known to the predator. Now in that same 100 birds, say you have 5 that always hide, run, and are very paranoid. They have the greatest chance of continuing the species line.

    If we all get soft, and say nuclear war does break out, in any form, the guy who has a chamber 50 feet under the ground with a room filled with water and food, and another room with oxygen tanks, he might be what's left to start the gene pool over again.

    Instead of criticizing him as mentally ill, maybe you can add some of your distinct expertise and help build a better shelter. One where 2 people can hold out longer, maybe making some filtration system for well water, adding lights with the correct wavelength to let plants grow underground and make natural oxygen. Then you will both survive, and your altruistic genes will get passed on too.

    --

    Rosco: "If brains were gunpowder, Enos couldn't blow his nose."

    1. Re:Read Dawkins, any studies on altruism... by Fjornir · · Score: 3, Interesting

      You forgot the greedy birds which signal predator when there's no predator in order to get at the food first. People do it too -- just look at Bush/Cheney signaling Iraq with WMDs just so Halliburton can eat well...

      --
      I want a new world. I think this one is broken.