Technical/Physical Reality

A few days ago I was outside grilling some food with my family. My son, now 2ish, hadn’t ever been outside during this process– so we obviously wanted to keep him safe from the grill. After some verbal queues, I decided to take some chalk and drew two foot(ish) circle around the area I was grilling.

Why? Physical reality.

At 2 feet or so, in order for my son to touch the hot grill, he would need to take a full step to reach it. Any closer and I am simply not quick enough to stop him. But, because of the circle, his speed was diminished by the proximal distance to the grill. One of his primary assets was removed.

In my youth, I used to talk to people about physical reality by asking them what prevented me from punching them in the face at any given moment. They’d often quote things such as morality, legality, need/desire, etc… but at the end of the day, it’s really a question of physical reality. Inside of a certain difference the answer is not much. ¬†Everything else is out of your control.

I’ve been thinking about this with relation to computer systems. Lots of people talk a great deal of game about why attackers wont do xyz, or throw up barriers of obscurity and complexity as means to slow them down… but the reality is that the only mitigation at some point is technical reality. If it’s possible, it can happen*.

This concept of technical reality should be the first practice of anyone who seriously wants to protect their systems. It’s not only the most reliable skill for fixing issues, it’s also the same skill that allows you to turn things to your advantage. If you know what MUST happen for an attack– you know where pick battles. Attackers are bound by technical reality just like you.

In short, relying on statistics and well wishes won’t protect you when wolves come to your door. There is a concept of too late, and you should know it.

* possible and realistic are also two different things–know the difference.

Advertisements
Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: