Re: [Model-t] model-t@iab.org list description

Bret Jordan <jordan.ietf@gmail.com> Sat, 03 August 2019 04:24 UTC

To: Martin Thomson <mt@lowentropy.net>, model-t@iab.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/MR5kkak5vL_qDFu3yazL6X3sqtM>

To borrow your words…  “If we are going to take security seriously”…  we need to understand and document the full attack surface.  So let us start listing them out.  Here are four.


Attack: Active remote attack
Exposure: Full compromise of system and data
Client Knowledge: Potential indicators may be visible
Protection Possibilities: Deploy both client and network level protections
Headwinds: Client based protections are usually inadequate
Severity: High
Kill-Chain Phase: Lateral Movement 

Attack: Active in-band attack
Exposure: Full compromise of system and data
Client Knowledge: Potential indicators may be visible
Protection Possibilities: Deploy both client and network level protections, user awareness training, content and DNS filtering
Headwinds: Client based protections are usually inadequate
Severity: High
Kill-Chain Phase: Delivery and Exploitation 

Attack: Passive monitoring of traffic
Exposure: Information about where traffic is going and potentially details of the content being shared 
Client Knowledge: No, it is very hard to detect passive monitoring tools
Protection Possibilities: Encrypt traffic 
Headwinds: Global adoption of better encryption
Severity: Low
Kill-Chain Phase: Reconnaissance

Attack: Active in-band monitoring and tracking 
Exposure: Information about what the user is doing and where they are going 
Client Knowledge: Generally no 
Protection Possibilities: Client and network level protections
Headwinds: Some clients are making it hard to deploy client side protections 
Severity: Low
Kill-Chain Phase: Reconnaissance



Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."

> On Aug 2, 2019, at 9:18 PM, Martin Thomson <mt@lowentropy.net> wrote:
> 
> On Sat, Aug 3, 2019, at 03:58, Michael Richardson wrote:
>> What I'm trying to say is that there are some threats that we deal with
>> on the Capital-Internet that are far more manageable in the small.
> 
> Like a red rag to a bull...
> 
> I don't think that this is a sustainable attitude.  If we are going to take security seriously, we have to consider every networked device to be exposed to a hostile environment.  Now that doesn't mean that you can't take steps to limit hostility in networks, and there might be sound reasons to believe that the degree to which you have to expend resources in defense of certain attacks is different as a result.  But the notion of a gooey middle remains a big part of the problem statement.
> 
> This isn't really on-topic for this list as I understand it, and I wasn't planning to say much here until someone said this.  Sorry Michael :)
> 