[Opensim-users] Banning "bad" viewers was Re: Can this be done?

John Ward jward at uci.edu
Wed Jan 13 17:48:28 UTC 2010


On 01/13/2010 01:45 AM, Anders Arnholm wrote:
> On Tue, Jan 12, 2010 at 04:55:10PM -0800, John Ward wrote:
>
>> account in the first place, another similar layer.  If a grid operator
>> wants a little better protection by checking the string the client
>> identifies itself with would seem a reasonable additional layer.
>
> The grid operator may give any stupid ideas to the user, but I would not
> call it security. Like there is no security in making a web-site that
> only works in IE. If the operator calls this a security thing, it's
> obvious that person doesn't know squat about security or is lying. Either
> case lowers the trust for the operator to me.

If one takes a step that thwarts an attack, has security been improved?
I say it has.  Does thwarting an attack make a system secure?  Not
necessarily.

If you have stupidly written a web site that only securely works with 
one browser should you try to restrict access to your web site to that 
one browser?

>> So, is the system secure?  If one's goal was to prevent casual
>> non-compliance then it probably is reasonably secure.  If one wants to
>> prevent anyone from ever running a bad client on their grid then one's
>> grid is not secure.
>>
>> "Security through obscurity" is quite valid.  That's why we (hopefully)
>> choose obscure passwords. If one understands what the obfuscation gets
>> them then it is just another layer.
>
> A good random passphrase is not security by obscurity.

If a password is not obscured it's not effective.  If I can guess it or 
figure it out it's not secure.  The very point of a password is for 
others not to know it.  The more obscure it is to others the more secure 
it is.  The security relies on this very obscurity.

> It's a part of authentication of the user.
> In security research one has identified
> three elements that are needed for an authentication of a person:
> "ownership", "knowledge" and "inherence". The passphrase is the
> "knowledge" part; the harder something is to know, the better this leg
> of authentication. For example we could say if you on the phone can state
> which year you were born, I think you are you. This knowledge is quite
> easy for someone else to figure out so this leg is quite easy to break.
> By making the knowledge some kind of long obscure string I made up
> myself, it's much harder for someone else to figure this out and the trust
> that me is me gets better. Still it is just the knowledge element. To make a
> good authentication one needs at least two elements. Verifying the two
> other elements of authentication over the internet is almost impossible
> even if some attempts have been made.
>
> The passphrase only lets you to some extent be sure that the person on the
> other end is the person he or she claims to be. It has nothing to do with
> securing what he or she can do.

Determining who can do what is often called authorization.

>> I think having lots of easy to setup and use layers is a good thing even
>> when some of them are easily defeated. :-)
>
> The big risk is that no security chain is stronger than its weakest
> link. And having a lot of strong links in one part makes the user feel
> secure. Feeling secure when one isn't could be fatal.

I think of security in terms of layers not chains.  If one technique is 
subject to spoofing or man-in-the-middle attack I may need to add other 
layers.  I don't necessarily stop using those techniques because they don't.

John.
