Chris's Wiki :: blog/tech/WeCanAllBeCompromised Comments
https://utcc.utoronto.ca/~cks/space/blog/tech/WeCanAllBeCompromised?atomcomments
Recent comments in Chris's Wiki :: blog/tech/WeCanAllBeCompromised.
By Aristotle Pagaltzis (http://plasmasturm.org/) on /blog/tech/WeCanAllBeCompromised, 2016-12-03T09:22:16Z
<div class="wikitext"><p>There is a nuance to this that is sort of implied in your phrasing but it’s unclear to me how much you are specifically accounting for it here.</p>
<p>Namely, attackers aren’t going to have perfect knowledge of your vulnerabilities, so in a narrowly local sense, increasing your exposure has some of the nature of a binary secure-to-insecure transition: some attackers would not have found your much more easily exploited vulnerabilities, but will now find this one. And we’ve been seeing a trend of attackers chaining vulnerabilities together more.</p>
<p>Basically, while the risk calculus is never binary, it’s also highly non-linear. The question isn’t simply “how much does this increase our exposure”, but something more akin to “how much does this amplify our risk through other exposures (not just current but also unforeseen future ones)?” Much <a href="https://utcc.utoronto.ca/~cks/space/blog/tech/YouDontKnowPerformance">as in performance</a>, it’s at best hard to reason about the behaviour of the system as a whole. So absolutism is not helpful, but conservatism is advisable.</p>
</div>