Trust Is For Suckers: Lessons From the RSA Breach
wiredmikey writes "Andrew Jaquith has written a great analysis of lessons learned from the recent RSA Cyber Attack, from a customer's perspective. According to Jaquith, in the security industry, 'trust' is a somewhat slippery concept, defined in terms ranging from the cryptographic to the contractual. Bob Blakley, a Gartner analyst and former chief scientist of Tivoli, once infamously wrote that 'Trust is for Suckers.' What he meant is that trust is an emotional thing, a fragile bond whose value transcends prime number multiplication, tokens, drug tests or signatures — and that it is foolish to rely too much on it. Jaquith observed three things about the RSA incident: (1) even the most trusted technologies fail; (2) the incident illustrates what 'risk management' is all about; and (3) customers should always come first."
Re:Trust is required (Score:5, Informative)
No, what it means is that you don't blindly trust anybody, but you do verify periodically that the trust hasn't been abused. It's like granting a business the right to take money out of your checking account to cover expenses, like say a CC company. You trust them not to put things on the bill which you didn't authorize. And you verify at least once a month that everything that's on the bill was authorized by you.
Same thing here: the problem with RSA was that people trusted them, but there was no particular manner of verifying that the trust was well placed.
Re:Trust is required (Score:2, Informative)
I don't hate anyone
Bullshit.
Two Words: Yubikey (Score:4, Informative)
Yubikey [yubico.com] has secure tokens that you can "seed" yourself, for use with your own authentication servers. The scam is that RSA made some idiots think there was no way to do this without their auth servers, thereby fooling fools into using a less secure system with a mandatory recurring payment for RSA (to access the auth servers).
Additionally, I prefer the model that has RFID for physical access.
Relying on an outside source to have our cryptokeys is just adding another point of failure. EVERYONE relying on them is just creating THE BIGGEST point of failure possible... Every time I talked to security-minded folks that used RSA tokens, I asked them, "So. How secure are RSA's servers? You do any security audits on them lately?" The blank expressions were priceless.