Re: [Air-l] metaphors for internet security
From: jeremy hunsinger <jhuns@vt.edu>
the problem with the body metaphor is that it is quite hard to seize total control of someone's body and mind... but it isn't that hard to take control of a computer, even without any virus, etc.
True, but I really liked the body metaphor, especially from the threat model perspective and looking at how people behave. I would venture that people approach computer security risks more from a hygiene perspective: * Many people have a vague idea of how [security flaws/illnesses] happen * There is a lot of misinformation, made manifest through behavior that an expert would consider irrational. * It's correlated to a degree of trust: we won't get infected by people we're close to * There are plenty of media scares that lead to * Over-estimation of rare risks (credit card theft, getting AIDS by using a public restroom), and an under-estimation of the damage from common behavior (not washing hands, opening an unexpected attachment) * The overall system has proven to be very resilient, but it's very easy to concieve of catastrophes. ...and we can even prescribe secure behavior in terms of hygiene: * Don't download or open files that you don't know to be clean * Use professional [security/medical] services every so often * Keep informed from _reliable_ news sites /\llan Allan Friedman Pre-Doctoral Candidate, Public Policy Kennedy School of Government, Harvard University
yes, i can see your point are valid at the atomic level of the individual machine, but i don't know if they can scale to a molar level analysis in terms of internet connections. Certainly some parts of the body metaphor scale because they deal with mass culture, social effects, but some parts of it, such as barriers, multiple systems, might not scale as well. for instance, while there are, in the current network, many nocs that could be seen as sort of a central nervous system of some sort, they function independently than the human body, perhaps we are just talking about a different kind of body in general. one concept and metaphor that I've been quite wary of is the idea of trust.... trust between computers, trust between humans and computers, etc. most of the time trust reduces to some form of security. On Tuesday, June 3, 2003, at 03:14 PM, Allan A Friedman wrote:
/\llan
Allan Friedman Pre-Doctoral Candidate, Public Policy Kennedy School of Government, Harvard University
_______________________________________________ Air-l mailing list Air-l@aoir.org http://www.aoir.org/mailman/listinfo/air-l
participants (2)
-
Allan A Friedman -
jeremy hunsinger