Lists Home |
Date Index |
That used to be called the 'mosaic problem' in
security circles years ago. Enough 'no's outline
the shape of the thing. If you need to protect
the thing, you have to return an answer of
"I cannot confirm or deny.." and then they
know something is important but not exactly what.
Meanwhile, the repeated attempts and negative
answers emit a pattern of behavior that can
be detected which is why we have time/node
stamps on queries and all of that metadata
is sucking up cycles. So yeah, hardware indeed.
Sigh... so much spy vs spy work.
From: Hunsberger, Peter [mailto:Peter.Hunsberger@STJUDE.ORG]
It's got nothing to do with content, rather it's the problem that
privacy rules (business rules) can be violated by negative responses.
To work around that requires that you understand the context of the
query and the results in combination with each other. This is one of
those areas, where if you have to solve the problem, you can likely
justify throwing non-trivial amounts of hardware at it...