A Curmudgeon in Redmond

Using and abusing software since 1966

Computer Security At Home

When I start thinking about system security at home, I find it useful to consider the lock on the bathroom door. It's an extremely weak lock, and any ten-year-old knows how to defeat it. However, in practice, it's quite effective on a wide variety of levels. Consider:

  • It's strong enough to prevent accidental intrusions.
  • It's a powerful symbol of expected behavior.
  • It's impossible to bypass the lock invisibly and anonymously.
  • When the need arises, it's easy to defeat it.

Now, consider the typical access controls on a computer system: They do a reasonably good job of preventing accidental operations. But they're quite different in the other aspects:

  • They're misconfigured often enough that an access-denied error isn't a symbol of antisocial behavior; instead, it's an invitation to try something else.
  • If you've gotten in, you might as well be invisible and anonymous. Sure, there might be a security log, but nobody will ever look at it.
  • The access controls are completely binary -- you're in or you're not. There's no concept of bypassing the lock if the situation warrants it.

The binary nature is especially troublesome when you have kids. They push boundaries by nature; the all-or-nothing behavior, coupled with the lack of consequences for getting into something they shouldn't, means that kids tend to learn that if the computer let you do it, it must have been OK. This is completely the wrong message!

The absolute nature of the controls also renders the computer system less useful than it ought to be. While I don't want my kids poring through my tax files, I do want the option of calling a kid up and asking him to retrieve a file and deliver it to my accountant. And I really don't want to give him my password to make this happen.

Putting all this together, here's what I want:

  1. I still need absolute protection against Internet-based attackers.
  2. Within my home, I want a system that prevents casual or accidental access to off-limits data.
  3. In unusual cases, I want anyone (inside the home) to be able to bypass the controls as needed. This should require an explicit action that can't be undertaken accidentally or unconsciously.
  4. I want to be alerted each time that someone bypasses the security, and I want the alert to include details of what was done.
  5. If access to something is being repeatedly denied, I want to know that, too.

So, if a kid is systematically probing for weaknesses, I can teach him about the difference between what's right and what you can get away with. Or I can apply discipline as needed.

And what I really want is something that will automatically notify me when anything unusual is happening. A device I've never heard of appears on my network? I want to know. A computer suddenly starts sending dozens of emails per second? I want to know. Someone starts a dictionary password attack? I want to know.

But if everything is operating normally, and doing the same thing it did at this time yesterday, I want it to keep quiet.

Is this too much to ask?
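The five requirements above can be modeled in a few lines. The following is an added example, not code from the original post: a toy policy engine that denies by default, permits an explicit override only from inside the home, reports every override and every burst of denials, and stays silent otherwise. The class name, the "lan"/"internet" origin labels, the threshold of three denials in ten minutes, and all sample data are assumptions made for illustration.

```python
from collections import defaultdict, deque

class HomeAccessMonitor:
    """Toy policy: deny by default, allow explicit LAN-only overrides, alert on anomalies."""

    def __init__(self, acl, deny_threshold=3, window_s=600):
        self.acl = acl                      # resource -> set of users normally allowed
        self.deny_threshold = deny_threshold
        self.window_s = window_s
        self.denials = defaultdict(deque)   # (user, resource) -> recent denial times
        self.alerts = []                    # what the owner is notified about

    def request(self, ts, user, resource, origin="lan", override_reason=None):
        if origin != "lan":                 # requirement 1: no remote access, no remote override
            return self._deny(ts, user, resource, origin)
        if user in self.acl.get(resource, set()):
            return True                     # normal operation: keep quiet
        if override_reason and override_reason.strip():
            # requirements 3 and 4: explicit bypass succeeds, but is always reported
            self.alerts.append(("OVERRIDE", ts, user, resource, override_reason.strip()))
            return True
        return self._deny(ts, user, resource, origin)  # requirement 2

    def _deny(self, ts, user, resource, origin):
        recent = self.denials[(user, resource)]
        recent.append(ts)
        while recent and ts - recent[0] > self.window_s:
            recent.popleft()
        if len(recent) >= self.deny_threshold:  # requirement 5: repeated denials
            self.alerts.append(("REPEATED_DENIAL", ts, user, resource, origin))
            recent.clear()                  # one alert per burst, not one per attempt
        return False

def demo():
    # Constructed sample data: user names, file name and timestamps are made up.
    m = HomeAccessMonitor({"taxes/return.pdf": {"owner"}})
    results = [
        m.request(0, "owner", "taxes/return.pdf"),
        m.request(10, "kid", "taxes/return.pdf"),
        m.request(20, "kid", "taxes/return.pdf", override_reason="send to accountant"),
        m.request(30, "kid", "taxes/return.pdf"),
        m.request(40, "kid", "taxes/return.pdf"),
        m.request(50, "kid", "taxes/return.pdf", origin="internet", override_reason="x"),
    ]
    return results, m.alerts

if __name__ == "__main__":
    for alert in demo()[1]:
        print(alert)
```

A single stray denial produces no alert; only the override and the third denial inside the window do, which is the "keep quiet when nothing unusual happens" behavior.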

 

Posted: Aug 09 2008, 10:45 PM by jim | with 2 comment(s)

Comments

ColinWH said:

Becoming even more relevant with the inter-connected home and its multiplicity of 'standards'.

Colin

# August 10, 2008 9:56 AM

Parent said:

Great post! I totally agree.

Also, what happened to support for white lists in Internet routers? Some routers support black lists, but I had to look around to find a router with support for white lists (I found a D-Link router with some white list support, but it is very archaic, and is way too limited). My teenage kids have their own computers in their bedrooms, but can only access a very short white list of Internet domains from those computers. We have a central, shared, "family" computer that is used by all for general Internet browsing.

I have been looking for a router/firewall that could easily manage rules for white lists (i.e. Internet IP and/or domain) as well as separate black lists, for each local computer (by IP, MAC address, or "DMZ"), that would also provide full logging of all Internet access for identified computers on my network and then send those logs (or possibly configurable "alerts") to another computer on my network (i.e. my computer).

# August 10, 2008 1:22 PM