Software comes of age

TalkBack 4 of 8:

Next »

« Previous

• Thread View
• Flat View

Advocating the Maginot line again.

The argument:
even specialized defenses and best practices can fail, and faulty or malicious code can afflict a system.
The answer is to include separate protections for essential components of the system.


The Maginot Line works well as a metaphor for perimeter defenses.

The purpose of the line was to prevent a successful invasion of France, and in that sense it certainly failed.
But in the sections in which it was completed and operational, it worked. No one even tried to attack those sections.

The enemy pinned down those manning the line to prevent the mobility of those troops, but the real attack came in two sectors.

First, Belgium, which had been an ally of France, then declared neutrality. The French plan had been to aid the Belgians in the event of invasion with troops, so no wall was needed. When the political situation changed, the French tried to build up a version of the Maginot line there, but time was insufficient.

Second, the Ardennes forest, which French military planners had thought impenetrable. Therefore, the wall was weak and few defensive resources were available.


The biggest weakness in the Maginot Line was thus an inability to conceive what people might do, either politically or in penetrating difficulties.


How good is any system going to be when the user can be induced to change sides and help gain access to the system?
I'm impressed by the worms which came through in a zip file which could be opened only with a password. Users applied the password enclosed in the email and proudly gained access to the infection.
We all know a lot of other social engineering.

Then, just as any code can be cracked, any fixed protection can be overcome by someone with a skill equal to that of its creator. Or sometimes just dumb luck.
Believe that there's something people cannot do and people will gain advantage from doing it.

The article mentions certain protections of essential software. Why should those be any less susceptible to human intelligence than the fixed perimeter protections already defeated?


So this approach will fail.
But worse, it will prevent what I think the best counter.

I agree with de Gaulle.
The Maginot line was a compromise between two defensive views of how to fortify France. The people at the time liked perimeter security because it prevented France from suffering the miseries of invasion.
de Gaulle's alternative was rejected. He wanted an active defense, based on the speed and mobility of tanks, able to pursue the enemy, even across borders.

I think the model should be white blood cells; able to key in on and respond to any unusual behavior.

This kind of aggressive behavior has advantages, if only in attitude. As one article about the Maginot line puts it:

Commentators claim that this 'Maginot mentality' spread across the French nation as a whole, encouraging defensive, non-progressive thinking in government and elsewhere. Diplomacy also suffered - how can you ally with other nations if all you are planning to do is resist your own invasion? Ultimately, the Maginot Line probably did more to harm France than it ever did to aid it.

http://europeanhistory.about.com/library/weekly/aa070601a.htm

But that's a different discussion.

Posted by: Anton Philidor   Posted on: 10/11/05 You are currently: a Guest | Members login | Terms of Use

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

SponsoredWhite Papers, Webcasts, and Downloads

• Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now
• Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
• Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now