Sunday, June 19, 2005

Coming Soon...

The disadvantage of doing a content-only blog, or attempting one, is that content CREATION is vastly harder than content referencing, especially when one has a day job.

Nevertheless, there are some upcoming rants/topics that I plan on pursuing in the near term. This is a preview.

"Stupid VM Tricks", or why you should hold off on infrastructure upgrades. How to leverage upcomming VM-friendly x86s and open-source software to build Windows networks with quick recovery, built in security primitives, ease of managemement, and easy patch rollout and rollback.

"Stupid VLAN Tricks", or why you should make sure that your switches are VLAN capable. The use of VLANs as sophisticated management and response tools for intrusion response and prevention.

"Home Users and Worm Defense". The one page of recommendations for home users to make their systems more secure.

"Consumer-Grade High-Tech Weapons". We have seen "consumer-grade" (cheap, plentiful) weapons (AK47, RPG) in the hands of our enemies. Might there be high-tech consumer-grade weapons? What might they look like?

"Attacking Document Collaboration". What changes should be made easy to use in Word/Word Perfect to prevent some pretty insidious attacks during contract creation/other collaboration with possibly hostile parties.

"Passive Resistance to Stupid Security". So much 'security' these days is ridiculous theater. ID checks and a fair amount of the airport security screening process is one of them. I'll describe some experiments in very simple, by the book passive resistance against these stupidities.

Monday, June 06, 2005

Should We Close Reagan National Airport?

Matthew Dodd over at SFTT comments that a proposed policy allowing "private" planes to fly into Reagan National Airport represents another instance of Politics over Security.

I actually take an even more extreme view: I don't believe Reagan National should be open for ANY nongovernmental/nonmilitary flights.

The reopening of Reagan national to even commercial flights was a triumph of convenience over security: I guess senators didn't want to take a taxi from Dullis. The addition of "private" flights (read this as King Airs, Gulfstream IVs and Boeing Business Jets belonging to political contributors, not random Cessnas) is just an additional example.

My worry is not another hijacking to use a plane as a weapon, but an accidental (or ?faked?) deviation in flight which would cause the air defense systems around the White House and Pentagon to fire on a civilian airliner.

The landing aircraft pass so close to the White House that a quick-response air defense system must be in place to prevent a plane on final approach from being used against either the White House or the Pentagon. A flight deviation at the wrong time and some poor soldier is either going to have to shoot immediately or explain how he allowed a 737 to crash into the West Wing. Thus the air defense must be on a hair trigger during certain stages of a plane's approach. Mistakes can happen. And there could always be bug in the missile battery.

Yet imagine the disaster if the US military mistakenly shot down a civilian plane over Washington. Have the Iranians forgiven the US for the USS Vincennes shooting down Iran Air flight 655 back in 1988? Have the South Koreans ever really forgiven the Russians for Korean Air flight 007?

Lets say that an accident would be a One in a Million event for a given flight. With 800 commercial flights a day, that would be a 25% chance every year (1 - (1 - 1/1000000) ^(800 * 365)). Even if odds were 1 in a hundred million, thats still a .2% chance each year. Not wonderful odds, simply due to the sheer number of flights.

Combine both the non-negligible probability of such a disaster (there was at least one "near miss" with Kentucky Governor Ernie Fletcher's plane) with its impact, as well as the still existing possibility of a deliberate crash, and keeping Reagan National open becomes exhibit A in how security takes a back seat to the personal convenience of those running this country.