tritium | 8 years ago

Yes, that's the idea. Force specialization in the attack sphere, reduce the attacker population with prerequisite knowledge as an entry barrier, simultaneously shrinking the targetable hosts.

Yes, I get that electronic signaling is electronic signaling, and none of it is actually different, at the transmission layer. It's just more DSP and more fast Fourier transforms under the hood.

Yes, technical barriers can be eroded with adapters and facades, but it's an added cost to attack, and reduces detective work in that you have to know someone to jump the learning curve and enter the attack envelope. That means detective work can happen within a smaller social graph, and that alone becomes a deterrent from sharing information, because everything becomes need-to-know, and insider awareness is a giveaway for inside jobs.

It's also easier to stamp out, and ostracize insiders, if they have loose lips or have a tendency to lend and give away the car keys.

Not everything needs to be as cheesy as Encryption DRM for optical movie disks and video games. For critical infrastructure, safety is important enough to warrant independent military-grade safeguards.

Do military protocols fail? Yes, we have the Enigma machines sitting in enough museums to prove it.

This is not an XKCD "too many standards can be solved with one more standard" concept. Isolation and specialization can be effective defense concepts.

rsync | 8 years ago

"Isolation and specialization can be effective defense concepts."

Thank you - appreciated.

Many people (unwittingly?) argue against defense-in-depth because they look at individual layers of the defense and declare them inadequate. They are always correct.

What they are missing is that nobody ever proposed only using (port knocking, or stack obfuscation, or fake login banners, or whatever). They are always additive layers of security on top of the existing set of best practices.