[cap-talk] The Limits of POLA's Utility - Social Engineering

Toby Murray toby.murray at dsto.defence.gov.au
Thu Jun 8 21:06:05 EDT 2006 

Stiegler, Marc D wrote:

>Granma's Rules present a very simple risk management algorithm: if you
>want to be safe (within Granma's threat model), follow these rules.
>Breaking these rules leaves to you exposed to danger. The rules make no
>finer distinction. Break the rules, accept some unknown (possibly
>unbounded) risk.
>  
>
My scenario specifically doesn't require Gramma to break any of the 
rules. The virus does not ask to be embedded as part of the OS. It only 
asks for authority to access a single remote machine (Alice's in the 
original example, Gramma's neighbour in the cooked up scenario). Maybe 
I'm misunderstanding the rules but I would have thought that granting 
the virus this small amount of authority wouldn't break Gramma's rules.

>Granma, like everyone else, can choose to accept such possibly unbounded
>risk if she has a purpose she considers compelling enough. 
>
>In the actual scenario, with the additional context you just gave,
>Granma would probably ask her grandson Bobby to help her. 
>
I grant that this is a real possibility. It's less likely if Gramma 
isn't violating her rules though, which I contend she' s not. Can I get 
your opinion Marc, on whether you think that granting the virus the 
authority to access the machine of the person who Gramma will be spying 
on would break her rules?

( I think we must be splitting hairs now, but I do appreciate the 
debate. :) )

>The fact that one is violating
>Granma's Rules to do the installation would serve as the kind of
>heads-up notice that IMHO would be enough to get them to get a second,
>better opinion of the details of the risk. Even poor "experts" ought to
>be able to recognize that a program demanding it be installed as part of
>the OS kernel is a full-breach sitting on the doorstep.
>
>  
>
I agree that if Gramma were breaking her rules that it becomes very 
unlikely that she would be vulnerable to this virus. But if she need not 
break the rules in order to install the virus then I think she's still 
(potentially) vulnerable.

I don't think that this virus is really a concern for Gramma in 
practice, of course. Like I said earlier, it's just an extended thought 
experiment.
Thanks again.

-- 
Toby Murray
Advanced Computer Capabilities Group
Information Networks Division
DSTO, Australia

IMPORTANT: This e-mail remains the property of the Australian Defence
Organisation and is subject to the jurisdiction of section 70 of the
Crimes Act 1914. If you have received this e-mail in error, you are
requested to contact the sender and delete the e-mail.

More information about the cap-talk mailing list