Security Portal: Why We Don't Need Perfectly Secure Systems
Oct 04, 2000, 19:52
(Other stories by Kurt Seifried)
"People constantly discuss the issue of secure systems and often get it wrong. Comments like "once an attacker has physical access, your security is useless" are wrong because no security measure will protect you 100% from all attacks."
"Consider a server that is secure against network attacks by being physically separated from any networks. Plus, all the machines that can access it are similarly secured. The OS is secure and the users are all vetted and non-hostile. This network resides on the floor of an office building, with armed security guards and multiple layers of physical access protection. The network has it's own UPS's and generators, and all the machines are in heavy hermetically sealed containers that are EMP hardened. Attacking this network to steal data might be very difficult, but it is still possible for an attacker to deny your access to it."
"Security is never black and white - rather it's one big ugly shade of gray. A machine running ancient software with poor passwords that is physically secured and not attached to any networks can be far more secure then an up to date machine with all the latest security software, on a public network. Security is about risk management. Are you willing to risk an elite commando unit of trained sysadmins breaking into your building at 3 a.m. to steal your data? Most people probably are, since the chances of this happening are slim and the cost of protection is high. On the other hand, if you want to prevent someone from breaking into your mail server via the Internet, a reasonably common occurrence, then investing in a firewall and keeping software up to date is probably a cost effective strategy."