undefined | Better HN

0 pointsR0b0t14y ago0 comments

As you increase the number of systems in series you increase the likelihood of failure. In this case failure is "there's an exploit." When you have A->B->C it's possible that exploiting B, the middle layer, is both possible by going through A but also allows you to pass traffic through C that lets you launch an attack or exfiltrate from the network.

In practice it may be different, but it seems like security theater to just put a bunch of firewalls in series.

0 comments

3 comments · 1 top-level

vlovich1234y ago· 2 in thread

The security failure rate here cannot drop below the weakest link in the chain. In other words in your example A -> B -> C is no different than just B.

The likelihood of failure of independent systems in a series is defined as 1 - product(1 - p(failure of one component)) [1]. It only degraded to the probability of one of the links if the systems are correlated which they’re not here.

I don’t think regular failure analysis applies here (more components = more failure) because the security failure rate gets better with more components and worst case is that of your weakest link. In the traditional failure analysis you’re arguing for, the best case is the failure of the weakest component and it gets worse from there.

[1] https://www.sciencedirect.com/topics/engineering/failure-pro...

R0b0t1OP4y ago

> because the security failure rate gets better with more components

[citation needed]

This isn't obvious to me, and as I explained (in a way that agrees with your first paragraph) more components could just mean more opportunities to get hacked. You'd have to go out of your way to prove that the security does overlap, and you can't trivially go around one component if the other is hacked.

vlovich1234y ago

If hacking one component gives you full access, then yes, more components is worse. If hacking one component means you need to hack the next as well, then security gets better. This is the very definition of defense in depth.

1 more reply

j / k navigate · click thread line to collapse