Page 1

Copyright 2001 Sunir Shah. All rights reserved.

Meatball

Soft Security

Safety in Numbers

http://usemod.com/cgi-bin/mb.pl?SoftSecurity

Sunir Shah

sunir@sunir.org

Page 2

KEY OBSERVATION

“I think that security measures of a purely technological nature, such as guns and crypto, are of real value, but that the great bulk of our security . . . derives from intangible factors having to do with the social fabric. . . . Those who wish to use the Internet as a tool for enhancing security, freedom, and other good things might wish to turn their efforts away from purely technical fixes and try to develop some understanding of just what the social fabric is, how it works, and how the Internet could enhance it.”

Neal Stephenson, Computers, Freedom and Privacy 2000 (Toronto)

http://usemod.com/cgi-bin/mb.pl?SoftSecurity

Page 3

PARANOIA

http://usemod.com/cgi-bin/mb.pl?DefendAgainstParanoia

[Diagram: the SITE in the centre, surrounded on every side by ATTACKERs.]

Page 4

MORE GROUNDED . . .

http://usemod.com/cgi-bin/mb.pl?AssumeGoodFaith

[Diagram: the SITE surrounded mostly by USERs, with a single ATTACKER, VANDAL and KLUTZ among them. Legend: transient, angry user, mistake.]

Page 5

HARD SECURITY

http://usemod.com/cgi-bin/mb.pl?HardSecurity

• Passwords
• Trust metrics
• Rating systems
• Moderators
• Kickban

Ignored userbase. . .

[Diagram: POLICE ring the SITE while a KLUTZ and a VANDAL stand outside; an ATTACKER and a USER are each met with “REALLY?!”]

Page 6

CYNICISM IS EASY...

http://usemod.com/cgi-bin/mb.pl?QuebecCity

Page 7

SAFETY IN NUMBERS

http://usemod.com/cgi-bin/mb.pl?MetcalfesLaw

[Diagram: the SITE surrounded by many USERs, who outnumber the lone ATTACKER, VANDAL and KLUTZ.]

Anyone can help! Even klutz (attacker?)...

Page 8

WIKI

http://tavi.sourceforge.net/index.php?WhatIsAWiki

• First is Ward Cunningham’s WikiWikiWeb (http://c2.com/cgi/wiki)

• Anyone can edit any page (usually)

• You can and are encouraged to edit or delete words written by others.

• Special syntax like the LinkPattern.

• WikiNow: The Communal Estate vs . . .

• RecentChanges: The Active Commons.

Page 9

SOFT SECURITY IS A SYSTEM

http://c2.com/cgi/wiki?PatternLanguage

Reversible Change

Peer Review

Audit Trail

Open Process

Plus many, many more Patterns.

I’ll only talk about those primarily peer-to-peer.

Page 10

OPEN PROCESS

Do things in public.

• Secret actions aren’t accountable. (Peer Review)

• Information vacuums disenfranchise users.

• New users need role models to learn the community expectations. Lurk before you leap.

• Maybe enforce it technically, e.g. Audit Trail.

• Online diaries give personal context to the Internet.

• The Case of Badvogato. Magic algorithms suck.

But

• Democracy moves slowly. Without leadership, open processes encourage vehement debate.

http://usemod.com/cgi-bin/mb.pl?OpenProcess

Page 11

REVERSIBLE CHANGE

http://usemod.com/cgi-bin/mb.pl?ReversibleChange

Anything that can be done can be undone.

• It’s all in software. We control every bit.

• White hats will fix damage by reversing it.

• Doesn’t punish people. Maybe it was a klutz..?

But

• Attackers also can revert legitimate changes.

• Have patience. More white hats than black.

• Bad feelings hard to reverse. (e.g. flame wars)

• Some changes are irreversible. (Deleted pages.)

Page 12

KURO5HIN HIDDEN COMMENTS

http://www.kuro5hin.org/comments/2001/4/4/51324/29511/50?showrate=1#50

Anything 1.0 is invisible

Reverted!

Audit Trail . . .

Page 13

KEPT PAGES

How to prevent a vandal from damaging a wiki?

• Naïve sol’n 1: Keep every version. (TWiki)
  • Violates forgive and forget. (Flame wars.)

• Naïve sol’n 2: Keep the last author’s version (WikiWiki)
  • Make two changes (from different IPs/user names).

• Naïve sol’n 3: Keep N previous versions. (PHPWiki)
  • Make N+1 changes. Also violates forgive and forget.

• Getting closer: Keep the last two weeks of changes.
  • A change to an old page will delete/lose it!!

• Solution: Keep only the last two weeks of changes, but start counting time when it is replaced. (UseModWiki)
  • Page deletion easy via “DeletedPage”.

http://usemod.com/cgi-bin/mb.pl?KeptPages
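The retention rule behind the UseModWiki solution, as an added example that is not the talk's or UseModWiki's own code: superseded versions are kept for two weeks counted from the moment they were replaced, and the naive count-from-write-time rule sits alongside it to show the old-page loss the slide warns about. The page text, dates, author names and the 203.0.113.7 address are constructed.

```python
# Added example (not UseModWiki's code); all scenario data below is constructed.
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List, Optional

KEEP_FOR = timedelta(days=14)  # "the last two weeks"

@dataclass
class Revision:
    text: str
    author: str                             # Audit Trail: who
    saved_at: datetime                      # Audit Trail: when it was written
    replaced_at: Optional[datetime] = None  # when a newer revision superseded it

@dataclass
class KeptPage:
    current: Revision
    count_from_replacement: bool = True     # False = the naive "getting closer" rule
    kept: List[Revision] = field(default_factory=list)

    def save(self, text: str, author: str, now: datetime) -> None:
        # Reversible Change: the superseded version is kept, not discarded.
        self.current.replaced_at = now
        self.kept.append(self.current)
        self.current = Revision(text, author, now)
        self._expire(now)

    def _expire(self, now: datetime) -> None:
        # Forgive and forget: drop old versions. "Old" since when is the slide's point.
        def age(r: Revision) -> timedelta:
            return now - (r.replaced_at if self.count_from_replacement else r.saved_at)
        self.kept = [r for r in self.kept if age(r) < KEEP_FOR]

    def restore(self, kept_index: int, author: str, now: datetime) -> bool:
        # Revert to any kept version (N+1 edits undo as easily as one); the reverted-away
        # version is itself kept, so a revert is reversible too.
        if not 0 <= kept_index < len(self.kept):
            return False
        self.save(self.kept[kept_index].text, author, now)
        return True

def after_revert(count_from_replacement: bool) -> str:
    """Constructed: a page untouched since January is defaced twice on 2001-08-04,
    then a reader restores the oldest kept version; returns the resulting text."""
    page = KeptPage(Revision("MeatballWiki is ...", "SunirShah", datetime(2001, 1, 10)),
                    count_from_replacement=count_from_replacement)
    t = datetime(2001, 8, 4)
    page.save("BUY CHEAP STUFF", "203.0.113.7", t)  # constructed spam; TEST-NET address
    page.save("BUY MORE STUFF", "203.0.113.7", t + timedelta(minutes=2))
    page.restore(0, "HelpfulReader", t + timedelta(hours=1))
    return page.current.text
```

With the count-from-replacement rule the January text comes back; with the naive rule it was expired the instant the first spam edit landed, so the oldest version left to restore is the spam itself.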

Page 14

KEPT PAGES EXAMPLE

http://usemod.com/cgi-bin/mb.pl?KeptPages

Spam . . . but revertible

Taken August 4, on the page “MeatballWiki”.

Replaced July 26, 2001, so not expired.

Klutz fixed it himself!

Audit Trail . . .

Page 15

AUDIT TRAIL

Accountability creates trust.

• We can watch our neighbours.

• Imperfect: black ski masks.

Online systems are under our control.

• We can record who did what, when.

• Use peer pressure to induce expectations.

• Show what leaders do, create role models.

But

• Violates privacy, forgive and forget. Expire logs.

• Pseudonymity? Serial identity, IPs/domains

http://bankguys.homestead.com/

http://usemod.com/cgi-bin/mb.pl?AuditTrail

Page 16

RECENT CHANGES

http://usemod.com/cgi-bin/mb.pl?RecentChanges

Limited duration

Audit Trail

User names don’t hide IPs/domains.

<a href="mb.pl?SunirShah" title="ID 1003 from cr824441-a.rchrd1.on.wave.home.com">...</a>

Page 17

PEER REVIEW

Many eyes, many hands.

• Peers make up for each other’s weaknesses.

• Be aggressive. Continuously maintain stability, quality, sanity through aggressive peer review.

• Couple with Reversible Change, Audit Trail.

• Message boxes are a must!

But

• Reviewers need review.

• Slashdot Metamoderation. Metameta(...)mod?

• Treat reviewers at same level as subjects.

http://usemod.com/cgi-bin/mb.pl?PeerReview

Page 18

INDIRECT PEER REVIEW

“The ITS machines had... the ‘spy’ feature, where anybody could watch what anyone else was doing. ... Tourists loved to spy, ... but ... if any tourist starts doing anything that causes trouble there's always somebody else watching him. ... His friends would get very mad because they would know that the continued existence of tourism depended on tourists being responsible. So usually there would be somebody who would know who the guy was, and we'd be able to let him leave us alone.”

Richard Stallman, Lecture at KTH

http://www.gnu.org/philosophy/stallman-kth.html

Page 19

DIRECT PEER REVIEW

http://c2.com/cgi/wiki?WhatColorIsYourParachute

Page 20

DIRECT PEER REVIEW (CONT’D)

Edited

http://c2.com/cgi/wiki?WhatColorIsYourParachute

Page 21

FINAL WORDS

• Give power to your users.

• Fixing mistakes is better than punishing them.

• Allow everyone to pitch in: barn raising.

• Technology should enable, not disable.

• Technology provides tools to white hats.

• No one technique works in isolation.

• There is much more to soft security than this.

Page 22

ACKNOWLEDGMENTS

http://usemod.com/cgi-bin/mb.pl?SoftSecurity

sunir@sunir.org

Everyone at MeatballWiki

Clifford Adams (UseModWiki)

Ward Cunningham (WikiWiki)

Rusty Foster (Kuro5hin)