

Cormac Herley


Thanks for the flattering write-up. Glad you find the stuff interesting. Most of the time people start talking about passwords it feels to me like I stepped through a portal into an alternate universe.

For all the talk about how urgent it is to get rid of passwords, most of the attempts to date seem unserious. For all the talk about how important usability is, there's been more effort put into bullying users into treating low-assurance applications as high-assurance than into coming up with usable alternatives. We'll get there eventually, but we're probably going to have to get a lot more serious first.


@Cormac - of "bullying users into treating low-assurance applications as high-assurance" -- trenchant. There is no other word for that summary.

I would characterize the overall approach a bit differently. Serious, as in seriously haphazard, with a few exceptions.


@Cormac - one more - how many legs does a three-legged dog have if you call a tail a leg?

Answer: three. Just because you call a tail a leg doesn't make it a leg.

Related: What level of assurance does a low-assurance solution have if you call it high assurance?

Cormac Herley


Yes, there may be a "No true Scotsman" elastic qualifier here. What I mean is that if we assume the value of the asset is infinite, then "do this impossibly long list of things and neglect nothing" seems reasonable. However, while most people acknowledge that for low value assets this isn't appropriate, nobody is explicit about which of the impossibly long list of things we can neglect.

So we acknowledge the exception, but don't handle it. In pseudo-code:

If (value is infinite) then
    do everything;
else
    {code-block we decline to write}

We're so desperate to avoid writing or thinking about that code-block that pretending everything has infinite value is the easiest way out.
