Monday, December 9, 2013

Security - What is it and what is it good for ?

Security - What is it and what is it good for ?


Disclaimer, I am NOT a security expert.  This commentary is more focused on the societal and social concepts then any particular technology - from the perspective of a normal reasonably educated and informed human.  In fact I suggest that you miss the forest through the trees if you focus on security-as-technology.

"Security" is a simple sounding word that most people think has an obvious meaning.  It doesn't.  "Security" is complicated, its not black and white, and there aren't even enough colors in the rainbow to fully describe it.   The Industry tosses around the word as if it had tangible meaning because, well, who doesn't want to be "Secure"?   Security is good, right ? Everyone wants it, everyone needs it so if you sell a product or service slapping "Secure" on it is a no-brainer.   Its good.

Possession is ownership

First off, generally physical items can be characterized by their tangible nature.  You can touch them, you can hold them, you can own them.   Generally physically possessing something is synonymous with ownership.  So if you can secure possession you can secure ownership.  And if you secure ownership you secure value.
But what is "Security" ?  Security is often used as a placeholder for "Protection".  But protection from what?  For physical things, security usually means protection from loss of ownership.   Since there is only one of a particular thing, loss means taking something away depriving you of it.  Loss of possession becomes loss of ownership which becomes loss of value.

Protection

  A "Bank Vault" is a typical image of physical security.  You put things in it so people can't take them.   But if something is in a vault you can't use it.    If you put your car in a vault you couldn't drive it.   If your money is in a vault you can't spend it.  If your physical life needs to be secure should you lock yourself in a vault? 
Physical security is at direct odds with usability.    If something is perfectly secure its generally completely unusable.   So what good is owning or possessing something if you can't use it?   Sometimes securing something for future use is sufficient, such as saving money to spend later.  But often you want to secure something AND use it.   And in either case the moment you remove your item from the valut it is no longer protected so it may simply be reducing the window of opportunity for loss not total protection from it.

Usability

This leads to comprises in security in order to have a measure of usability.   Instead of putting your car in a vault, you put locks on the doors so you can drive it.  Its not as secure, but its more usable.   Another way of compromising security with usability is using a proxy for the item.  You put your real jewlery in the vault but wear glass and knowing you actually own the real thing you feel like you're getting the benefit of it without putting it at risk.   You can associate trust with a proxy vendor.  For example  you create Bank Notes, Checks, Credit Lines, Certificates of Ownership  etc which you can use to buy things without actually putting at risk your actual money (or gold or gems).   This lets your money stay safe but still be used.   But now the recipient has lost some security.  How do they know the check you wrote is good since its not 'the real thing'?  This is where the Proxy comes in.  You are trading on a promise based on a shared faith (the proxy).   Both parties have faith that you really have the money in the bank and the check is a proxy for transferring money from one party to the next.    You both have faith in the proxy vendor (the bank in this case) to honor the transaction - to mirror the transaction of the proxy with an equal transaction of the real thing.
Getting complicated isnt it?

Trust

But now not only have you added a layer of trust (and hence risk) but because the instrument of the proxy (the check) is not the real thing it can be copied!  How do you know your getting the original ? In the case of money which itself is yet another proxy for value, it itself could be copied (counterfeited) so now we have multiple levels of trust and risk and even less security all in the name of usability.

Insurance

How is this solved ?  Insurance.   You add another party to the transaction which is neither the of the parties of the transaction nor the proxy for value.  This party ”insures" the system still works by guarenteeing a replacement in kind or value if the system breaks down.   You leverage insurance at many levels.  At the bank, if your money is stolen it is insured against theft by the bank.  If the currency itself is copied (counterfeit) you are insured by the treasury.  If a check is duplicated you are insured against loss by the bank or a seperate insurance agency.   If your car gets stolen you are insured by car insurance for replacement.
By now the system is so complicated you have absolutely no security of the actual physical items themselves but only their value (declared in some currency or unit).   None is promising to give your your same car back only something of equivalent value.   
And what if the original item is truely irreplaceable - say a one of a kind painting, or your life, or health.  These things have no intrinsic value; you must declare one and agree on the replacement.  How much is your life worth to you ? How about that rare coin ?

Cost Compromise

None of this comes for free.   All the physical security, third party proxies, records of transactions of ownership and insurance all cost.   The cost could conceivably be more than the value of the item you want secured.  Or maybe just more then you are willing to spend.   Maybe it simply isnt worth the cost or effect and you take your chances and you weight the cost vs benefit of "security" and decide  what cost is worth the benefit to you.

Intellectual Property

What about "Intellectual Property" ... Thats a funny term.  Think of IP as a thought, or rather the recording of a thought.  It might be a recipe, a picture, a movie, software.    Like physical, tangible, items, IP has a value.   Unlike Physical items however, the cost of copying the property is generally small compared to the cost of creating the original.   A copy of intellectual property may be  completely indistinguishable from the original.  This is an interesting property that some tangible items share.  An extremely good copy of a say a gold coin may be just as valuable as the original.   But then there is no such thing as a copy of your life.   There is also the issue of theft vs copying.   If I take a physical item from you, I deprive you of it.    If I *copy* an item I may or may not deprive you of its value.    If I even *see* something I may deprive you of its value (for example a photo of you committing a crime).
So what is "security" of intellectual property mean?  Is it similar to tangible items ? 

Start with Nothing

Lets take for example a simple IP - an event.  For example you ran a red light.   If you want to secure this event whats the best way?   Dont do it.   If you dont do something then it can't be taken from you.  It is secure.    "Freedom is nothing left to lose".   And if you do run the red light certianly dont take a picture of it!  Learn from our congressmen.    Any events that dont occur you dont need to secure.  Any events that arnt recorded are secure.
Simple right ?  Or is it.
What about the traffic cam you didnt see ? Simply not recording something yourself doesnt secure you, it can be recorded by others.   So not recording something yourself is not sufficient.  You must make sure it is not recorded by anyone.  Ever. 
But what if there was no recording?
Suppose the police *claimed* you ran the red light.  You are not secure!  You have no proof that you didn't do it.  But if you had a picture of the light at the time claimed and it was green, you are secure.  Or if you have a record of you at a different place at the same time you are secure.
So for security against events that never even occurred you need IP!  This is why many people in Russia have camera recorders going all the time.  To protect themselves from events that didn't happen.
So to secure an event, you need both records of it happening (to assert the positive) AND records of it not happening (to assert the negetive).   This may ultimately be why "life bloging" devices start getting used - Not just to record events we want to remember and share later, but to protect ourselves (and others) against accusations of events that didnt occur or occurred to others who were not currently recording them.

Pictures

What is the classic example of a record of an event?  A  Picture.   How would you protect it ? First off, what are you protecting against ?  Do you want to make sure noone gets it without your consent? Or do you want to make sure it is never lost?   Or both?
To make sure a picture is never acquired the best solution is to never take it in the first place.  Second best is to destroy it and all evidence of it and that it ever was taken.   If there is evidence that a picture exists or existed that may be less secure then either the picture itself or nothing at all.  Amazing, but consider this.  If during the security checkpoint on a trip the boarder patrol finds encrypted files on your disk, you may be under more suspicion (less secure) then if they found the pictures and they were clearly of your sunny vacation from Mexico.     The absence of a murder weapon from its case may be more suspicious than finding the weapon itself (unused).

Privacy

The above examples of the modern world lead to some uncomfortable conclusionsThe same with tangible items where you trade value and usability for security, for your life You may willingly trade security for privacy.   In fact you already are giving up your privacy, likely unknowingly or unwillingly, by the existence of omnipresent surveillance.  Every time you go into public, make a purchase (even with cash), travel, almost every action leaves a trail of electronic bits.    You simply cannot prevent this.  Even trying to "leave the grid" will leave a trail of your absence.
Since you cannot stop the collection of data about your every life, one way to combat some of the negative consequences is to collect your own.   The more evidence you collect about your daily life  and control  yourself  the more secure you are against misuse of information and the more control you have over your digital life.    Securing yourself against events you are willingly involved in which you dont want others to find out about is a different topic entirely.   But protecting your life against misuse of information collected by others can be improved by collecting as much information you can yourself and securing  it.  And at the same time you may also be protecting others by providing an independent information source.

The Tradeoff for Securing IP

For whatever reasons you have collected a lot of intellectual property (pictures, videos, emails, software, documents, sales reciept etc).    And for whatever reason you've decided that securing this IP is important.  As with physical items there is always a tradeoff, always a cost, and always side effects.

Delete it

As mentioned before, one way of protecting  IP is getting rid of it.  None can take what you dont have. For some, that is a good idea.  It takes a lot of effort to do however, and actually its impossible to completely eliminate your e-trail.   Its even extremely hard to do a half-decent job.  But suppose you could, and you delete all your emails, all your photos, even destroy your old hard drives, phones etc.  Lets forget for the moment that copies of most of this stuff is still lying around somewhere on internet servers and the NSA's private vault.   But for your purposes you have secured your  IP by deleting it.  But now it is unusable.   If you've done your best to get rid of things so noone can use them, then certainly you cant either.  Thats one way to go, but in fact you have not really protected yourself against dedicated e-hungers but you have completely removed all value to yourself.   Thats generally not the compromise most people want.

Encryption

Encryption is a false god.  It is often touted as a panacea of IP security.   The idea is good.  You encrypt your data then no one else can get it but you.    The problem is in the details.  In one way encryption is like a safe.   Only you (with the key) can get in.  But also like safes, there are safe crackers and there are lost keys.   In order to use the data you need the key.  The harder the key is to find (or remember) the harder it is to use the data.   Roughly, encryption can be thought of like locks.  The better the encryption the harder the lock to open but the less accessible the data.  Some locks, like your car or front door,  are to prevent casual thieves but wont deter a persistent professional.  On the other hand, if you lose the key you can call a locksmith or look under the mat for the spare.   Really good locks can be like Fort Nox.  Really hard to use, really expensive and noone is going to get your data - probably not even you because if you lose your key your toast.
Consider also what is the purpose of securing your data? Is it to prevent it from being accessed ? or is it prevent it from being lost ?  Encryption can be a good tool, but needs to be used with care because it actively makes it harder to get at your data and a higher risk of losing it all together.

Duplication

Sometimes the  best kept secret is the one you tell everyone.     This is actually used by security agencies if they discover a skeleton in your closet.  You write a letter to everyone you care about admitting to it then you no longer are at risk for blackmail.   Your secret is no longer a security problem because its not a secret.
IP can be the same.  If you copy your data all over the place you are less likely to lose it.  You are secure against data loss.   Interestingly you can actually improve ownership by giving it away.   If you embed in your data your claim of ownership (for example a copywrite notice)  then it becomes harder for anyone to claim it was theirs.  They can remove the notice themselve  but it is very hard to remove it from all copies all over the world.    Similar to Life Event, by trading privacy (hiding) for security you are actually increasing your security against misuse of information.    The security you gain is both security against physical loss and at the same time the security against misuse of information.
But like Life Events, you probably shouldn't use this technique to secure IP  you dont want people to know about.

Insurance and IP Law

Like physical property, IP can be secured with insurance.   Like physical items, complete loss may not be recoverable by identical data, but loss of value may be recovered by forms of insurance.  This might be insurance from a IP provider against loss, copyright infringement lawsuits for stolen data or actual IP insurance from an insurance agency.    Loss by either physical loss or loss of value can be mitigated.  And like with physical property everything has a cost and it is up to you to decide if your IP is worth the cost of the security or insurance and how to make the right compromise.

Conclusion

There is a lot more to security then can be covered in this discussion but there are some important takeaways.
·         Security is not a simple concept.
·         Security can be protection from loss or protection from discovery. These are often at odds with each other.  
·         There are intrinsic tradeoffs of security vs privacy vs costs vs usability.
·         Information security has similar properties to physical security.
·         Collecting information yourself and managing it can help protect against misuse of information collected about you by others, adding to your personal security.
·         There is no single solution but there are methods and considerations to maximize protection and mitigate loss.