[RndTbl] wireshark warning
Adam Thompson
athompso at athompso.net
Fri Jan 17 09:36:05 CST 2014
On 14-01-17 08:36 AM, Sean Walberg wrote:
> If you still like reading,
> https://research.microsoft.com/en-us/people/mickens/thisworldofours.pdf is
> actually pretty funny. There are a few themes, but the relevant one is
> "your security measures depends on your adversary. If the Mossad wants
> your data, there's nothing you can do. A good password is enough to
> keep your ex-boyfriend out of your computer though"
Thank you for that link, the reading of which made me snort a carbonated
beverage out through my nose!
If you are reading this message in the first place, you are not the
majority. You are not a significant minority. You are not a visible
minority. You are not the 1%. You are not the 0.1%. You are probably
not even the 0.01%, you're more likely [collectively part of the tier
that is] 0.001% of the world's population.
If you have everything triple-encrypted, you're defending against 0.1%
of the 0.001% - someone who simultaneously has the skills to defeat
ordinary passwords and good computing hygiene *and* cares about your
data *and* is willing to do illegal things to access it. In other words,
you're spending a measurable portion of your day defending against,
roughly, one or two other persons in the world, and you don't even know
who they are.
If you don't have an alarm system, a fog system, exploding dye packets
scattered randomly throughout your belongings, several guard dogs, bars
on your windows, and 24x7 CCTV coverage of your entire property to
prevent any and all unwanted intrusions to your home... then you're not
defending against 0.1% of the other 99.999%, which is a much more common
and likely threat than the Mossad wanting your data. We now know the
NSA does want your data, but mostly in a very impersonal way - kind of
like an obsessive collector, they simply feel the need to have
everything for the sake of having it. I'm unsure if the Mossad wants
everyone's data in the same way, but both organizations are perfectly
capable of hiring some local criminal (that's the 0.1%) to break into
your house and steal your computer.
On the other hand, the "organized crime" threat category is, IMHO, a bit
more dangerous than the author posits - that's not a huge bin of people,
but they do cast a very wide net, and you're now relying on 99% of the
0.001% to apply common sense when building and configuring *their*
servers, and we know that simply doesn't happen consistently.
Ultimately, I configure my systems correctly, I assume the vendors I
rely on aren't complete idiots (until proven otherwise), I don't
(usually) do blatantly stupid things online (usually, I said), and
beyond that, I *choose* to Not Worry About It, and I spend my life doing
more interesting, entertaining and pleasurable things.
Or, in reference to what James Mickens wrote: "what he said". :-)
--
-Adam Thompson
athompso at athompso.net
Cell: +1 204 291-7950
Fax: +1 204 489-6515
More information about the Roundtable
mailing list