Re: [Model-t] model-t@iab.org list description
Bret Jordan <jordan.ietf@gmail.com> Sat, 03 August 2019 04:24 UTC
Return-Path: <jordan.ietf@gmail.com>
X-Original-To: model-t@ietfa.amsl.com
Delivered-To: model-t@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6675B12006D for <model-t@ietfa.amsl.com>; Fri, 2 Aug 2019 21:24:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZgWkztAWUroE for <model-t@ietfa.amsl.com>; Fri, 2 Aug 2019 21:24:34 -0700 (PDT)
Received: from mail-pl1-x629.google.com (mail-pl1-x629.google.com [IPv6:2607:f8b0:4864:20::629]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2772212001A for <model-t@iab.org>; Fri, 2 Aug 2019 21:24:34 -0700 (PDT)
Received: by mail-pl1-x629.google.com with SMTP id az7so34341476plb.5 for <model-t@iab.org>; Fri, 02 Aug 2019 21:24:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:subject:date:references:to:in-reply-to:message-id; bh=SpuipgL9e46E5LV0raFaqsvEZwF7oxt+2MWbnTvxLVc=; b=f1fACzZkDqhEN5arCd9wEGrmbAEQVPto2OzQlHjKeoHQcun5TzafSATftTKnOYR59D +yHp8kY39PlKwTWw3opP3pz2bCLMTlydpFEqg7Cohmm7L7QqT6pFEZrOmUUdu2QETmYQ QhQK7BYmJKEIWnMxkeC2l5KPkUhjFcle4BnGeqae6vHWZEGlP+sBDKhb+4pcDlyhJ4T3 hL57iV2OFqLTeXUKfcEypy/HEuto0aipErFeCgdGs/nopJt3cdavp19yo6kaTl9sOJ1g nSR5FxOpH5mZdvQa1oxXYiajRoSyP1yJiOdbr6EIXuK2TmRU8ioQmEhpGANBlv5QkeK7 AKaA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:references:to :in-reply-to:message-id; bh=SpuipgL9e46E5LV0raFaqsvEZwF7oxt+2MWbnTvxLVc=; b=miR+UnpstVaH+HoU7hXi51enVAG2Iy7u+blqaDAoMZZdoQoLJPyWfptRRb2XCcM4Hu 9oWOpKnMJT8xL6NCVBKFrJTX4ZjKbqgNoQFoIa777cbY2k9KNCMqf/Q/cuku4pQJDrPg QbwCBMTawMhPk98dShYtAzLrkk2eHghDpz630ZZNVdiVyl9PBQtKEbhxWLm+uo2jrRLK 5lxWu3diRtQzUTXIsgGKeMHJ5K9BtkZa1oUGjhTSU4MyqDh0HCivzlifALs3g742eKQx gFaJlt1ESwVsuqH253+lOORVm2XDs/e0vR+MrSe6f2Yn7udW7Cs738aCy2BAD9gaR9MC 2yxQ==
X-Gm-Message-State: APjAAAVuG1Hqc5SZ3zccR5aEtKzKAPZbPrl8J6UDU8ODQvHggZIF/tdR Kf9Pu0798bLeHHSS2rcRLksUFpzy
X-Google-Smtp-Source: APXvYqw0zgGqigtC7evb+EsZzjRsxyJRCrernDbHGnT+GGUHusN+59NZ2T+D7+LfFtKopj/2X7JGiQ==
X-Received: by 2002:a17:902:b944:: with SMTP id h4mr57759971pls.179.1564806273587; Fri, 02 Aug 2019 21:24:33 -0700 (PDT)
Received: from [10.128.64.149] ([136.60.227.81]) by smtp.gmail.com with ESMTPSA id 11sm76808969pfw.33.2019.08.02.21.24.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 02 Aug 2019 21:24:32 -0700 (PDT)
From: Bret Jordan <jordan.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_B609EC99-7039-48AD-959E-69B4670CFAFD"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Fri, 02 Aug 2019 22:24:29 -0600
References: <c3a112ba-baab-1cb0-97ad-21ff9999a637@cs.tcd.ie> <29756028-95f1-e6e5-b3ea-562cbc635df0@sandelman.ca> <5ef15ad2-5b20-e871-0d01-17cf906051c1@cs.tcd.ie> <22633.1564768705@localhost> <e7c02d44-353f-406c-818e-06a2e49ee212@www.fastmail.com>
To: Martin Thomson <mt@lowentropy.net>, model-t@iab.org
In-Reply-To: <e7c02d44-353f-406c-818e-06a2e49ee212@www.fastmail.com>
Message-Id: <5879878A-7CEA-4030-BB72-108CC4122719@gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/MR5kkak5vL_qDFu3yazL6X3sqtM>
Subject: Re: [Model-t] model-t@iab.org list description
X-BeenThere: model-t@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/model-t>, <mailto:model-t-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/model-t/>
List-Post: <mailto:model-t@iab.org>
List-Help: <mailto:model-t-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/model-t>, <mailto:model-t-request@iab.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Aug 2019 04:24:36 -0000
To borrow your words… “If we are going to take security seriously”… we need to understand and document the full attack surface. So let us start listing them out. Here are four. Attack: Active remote attack Exposure: Full compromise of system and data Client Knowledge: Potential indicators may be visible Protection Possibilities: Deploy both client and network level protections Headwinds: Client based protections are usually inadequate Severity: High Kill-Chain Phase: Lateral Movement Attack: Active in-band attack Exposure; Full compromise of system and data Client Knowledge: Potential indicators may be visible Protection Possibilities: Deploy both client and network level protections, user awareness training, content and DNS filtering Headwinds: Client based protections are usually inadequate Severity: High Kill-Chain Phase: Delivery and Exploitation Attack: Passive monitoring of traffic Exposure: Information about where traffic is going and potentially details of the content being shared Client Knowledge: No, it is very hard to detect passive monitoring tools Protection Possibilities: Encrypt traffic Headwinds: Global adoption of better encryption Severity: Low Kill-Chain Phase: Reconnaissance Attack: Active in-band monitoring and tracking Exposure: Information about what the user is doing and where they are going Client Knowledge: Generally no Protection Possibilities: Client and network level protections Headwinds: Some clients are making it hard to deploy client side protections Severity: Low Kill-Chain Phase: Reconnaissance Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." > On Aug 2, 2019, at 9:18 PM, Martin Thomson <mt@lowentropy.net> wrote: > > On Sat, Aug 3, 2019, at 03:58, Michael Richardson wrote: >> What I'm trying to say is that there are some threats that we deal with >> on the Capital-Internet that are far more manageable in the small. > > Like a red rag to a bull... > > I don't think that this is a sustainable attitude. If we are going to take security seriously, we have to consider every networked device to be exposed to a hostile environment. Now that doesn't mean that you can't take steps to limit hostility in networks, and there might be sound reasons to believe that the degree to which you have to expend resources in defense of certain attacks is different as a result. But the notion of a gooey middle remains a big part of the problem statement. > > This isn't really on-topic for this list as I understand it, and I wasn't planning to say much here until someone said this. Sorry Michael :) > > -- > Model-t mailing list > Model-t@iab.org > https://www.iab.org/mailman/listinfo/model-t
- [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Michael Richardson
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Joseph Lorenzo Hall
- Re: [Model-t] model-t@iab.org list description Michael Richardson
- Re: [Model-t] model-t@iab.org list description Martin Thomson
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Eric Rescorla
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Jim Fenton
- Re: [Model-t] model-t@iab.org list description Ted Lemon
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Christian Huitema
- Re: [Model-t] model-t@iab.org list description Watson Ladd
- Re: [Model-t] model-t@iab.org list description Carsten Bormann
- Re: [Model-t] model-t@iab.org list description Ted Lemon
- [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Watson Ladd
- Re: [Model-t] What are we trying to protect Eric Rescorla
- Re: [Model-t] What are we trying to protect Dominique Lazanski
- Re: [Model-t] What are we trying to protect Eric Rescorla
- Re: [Model-t] What are we trying to protect Dominique Lazanski
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Eric Rescorla
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Watson Ladd
- Re: [Model-t] What are we trying to protect Ted Lemon
- Re: [Model-t] What are we trying to protect Dominique Lazanski
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Ted Lemon
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Christian Huitema
- Re: [Model-t] What are we trying to protect Ted Lemon
- [Model-t] Primer Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Christian Huitema
- Re: [Model-t] Primer Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Watson Ladd
- Re: [Model-t] What are we trying to protect Thomas Hardjono
- Re: [Model-t] What are we trying to protect Ira McDonald
- Re: [Model-t] What are we trying to protect Thomas Hardjono
- Re: [Model-t] What are we trying to protect Watson Ladd
- Re: [Model-t] What are we trying to protect Thomas Hardjono