
List:       dailydave
Subject:    [Dailydave] Trust is a fractal
From:       dave <dave () immunityinc ! com>
Date:       2009-04-29 15:05:03
Message-ID: 49F86C9F.5010905 () immunityinc ! com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

One thing I always like to watch is how organizations struggle with
trust - typically in two ways:

1. They assume data can be "classified", but then fall down when trying
to figure out how to classify A or B when unclassified data A and B can
be combined to deduce classified data C. This is great for when Anti
Data Leakage vendors are trying to solve any problem greater than "My
source code is being emailed out via GMail".

2. They apply single sign on to web applications. It's basically
impossible to secure Sharepoint once people decide they want single sign
on. So those are easy and fun gigs for the whole family! Sharepoint's
not easy to secure under the best of situations (hello blacklists!), but
add single sign on to it and you get entire new realms of insecurity.

In the end, for any level of scale, you always end up with "I don't even
know who I trust". This is not a comfortable place for a CSO to be in.

- -dave
Is it too early in the morning for kerberos jokes? :>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkn4bJ8ACgkQtehAhL0gheqcdACffbOA/wLosfUz2zkl5VZP8NDI
2NAAn2pHFep8TqPDnjl08o5Da11Kdllo
=IDqc
-----END PGP SIGNATURE-----