ANS Promo Version Opt1 14mg


Time, Broken Stuff, Engineering, Systems, My Audio Career,

and Other Musings on Six Decades of Thinking About it All

by Winn Schwartau
Design by Kayley Melton

0-ANS_WhyAnalogueSecurity_2018-6-19_K-FINA.indd 5 6/20/2018 12:44:33 AM


WHAT “THEY” ARE SAYING ABOUT
ANALOGUE NETWORK SECURITY
“It is all about the Architecture. Analogue Network Security presents a wide variety of first principles,
models, and frameworks that security architects, software engineers, and programmers should pay
attention to. Analogue Network Security is a treasure trove of tools for improving the security of
every system you encounter.”
Dennis Groves, Co-Founder of OWASP

“Winn’s ANS framework will really make you wonder why the rest of the security world hasn’t
*already* structured itself around time-based security, feedback loops, and taking a probabilistic
view of everything. Do yourself a favor and study it now.”
Clarence Ciao, Neuroscientist and Co-Author of Machine Learning & Security

“You don’t have to take my word for it, but if you do, you won’t be disappointed: This book will melt
your brain and reset your visions back to base. It is so hard, yet so terrifyingly simple. Yes, it can be
a tough ride, but if you get it, you’ll feel reborn. So study this, visualise this, and map it to all you
thought you knew, and prepare to be utterly surprised!”
Edwin van Andel aka @yafsec, Grumpy Old Hacker and CEO @Zerocopter

“Another Winner! Winn again addresses fundamental misimpressions the cyber-security community has by contributing to the future of the field in unexpected ways.”
Dr. Fred Cohen

“As Winn is quick to point out, we’ve had 50+ years to work out the kinks in the digital world that
surrounds us, however, we’ve managed to do nothing more than tie ourselves in ever-increasingly
complex knots from which we know no escape. I put it to you that this book is the Holy Hand
Grenade of Antioch that our industry needs. The chapters DO need to be approached carefully
as there’s a wealth of knowledge and experience that takes time to absorb. I’d keep a pencil and
paper close as well as your favorite Whiskey to help ease the WTF moments that you will surely
go through. Winn has masterfully managed to take a series of complex ideas and boil them into
something we can ALL use. Enjoy.”
Chris Roberts, Co-Founder, HillbillyHitSquad.com

“This book will make you rethink your security strategy, make you ask fundamental questions, and
force you to re-evaluate your beliefs. You can always disagree with Winn’s conclusions, but the book
will improve your results.” (ALT-QUOTE: “Read the f****** book, and form your own opinion. I
did.”)
Spencer Wilcox, Executive Director Technology and Security, PNM Resources, Inc.



“Binary is just dumbed down analogue. Winn explains, and you learn.”
Gregory Carpenter, Ret. Military Officer & Chief of Security Testing, Titania Solutions Group

“Winn continues to challenge the security industry. If you’re looking for a new perspective on
security, read this book! It’s provocative - you’re going to rethink some of your preconceived
notions about security.”
Tim McCreight, President/Owner, Risk Rebels

“Analogue Network Security is a refreshing look at how we begin to measure dynamic cyber
technical debt and the negative externalities injected by standards groups, product companies, and
decisions of managing computing devices in a connected world composed of people and nations
with evil designs on your data.”
Joe Klein, CISSP, Lead Computer Scientist at [REDACTED]

“This is a new book by Winn Schwartau - the first in I don’t know how many years - with each of his
previous ones being decades ahead of their time. I mean, why on earth wouldn’t you want to buy it
and read it?”
Eric Green, Security Strategist, CyberadAPT

“A few decades ago I came across a thin paperback with the intriguing title Time-Based Security.
It contained some ideas that the IT security world was not ready for at the time, but are now
implemented from monitoring systems to SOCs and more. Now Winn is back with an even more
concise description and I can only wonder when our industry will be ready to implement those
ideas as well.”
Hans “Quux” Van de Looy — Unicorn Security

“Winn Schwartau once again challenges the status quo in his latest book, Analogue Network
Security. This book explores the fundamentals of network security, from its inception to current
day implementation, which is clearly ineffective and needs to be rethought from the ground up.
Schwartau argues that analogue methods can deliver meaningful metrics leading to stronger and
better managed security controls, which ultimately raises the economic cost to adversaries and
reduces cybersecurity risk in an increasingly connected world.”
Dr. John D. Johnson, CEO/Founder, Aligned Security

And last, but not least…

“This is truly a book. I believe that Winn has put a lot of words into this book. He has also put in
punctuation marks. I couldn’t put it down. That may be because my copy had glue on it. Exercise
caution — he is a prankster.”
Professor Eugene H. Spafford, Purdue University CERIAS



Written by Winn Schwartau.
Designed by Kayley Melton, with the mathematical expertise of Mark Carney, artistic assistance of Alissa Phillips, services of
Brenda McClearen from McClearen Design, and editing skills of Erica Rodgers. Oh, Yeah! My bride and partner of 40 years,
Sherra, has been at the core of keeping me on track with this insanely complex project. And, boy, can she edit!

1. Computer Security. 2. Information Security. 3. Network Security. 4. Internet Security. 5. Application Security. 6. Network
Management. 7. Information Warfare. 8. Critical Infrastructures. 9. National Security. 10. Deep Learning. 11. Neural
Networks. 12. SCADA. 13. ICS. 14. Analogue Systems. 15. AI. 16. Machine Learning. 17. Social Engineering. 18. Phishing.
19. Feedback. 20. OODA Loops. 21. Hackers. 22. Denial of Service. 23. Defense in Depth. 24. Network Defense. 25. Data
Protection. 26. Phishing.

ISBN: 978-0-9964019-0-6

© 2018 Winn Schwartau, LLC. All rights reserved.

No portion of this book may be reproduced in any form without written permission from the publisher, except: Some
portions of Analogue Network Security can be found at http://www.winnschwartau.com/analoguenetworksecurity/ and
may be freely copied and distributed in both electronic and hard copy form as long as no content changes of any form are
made, and full credit is given. For all other reproductions, reprinting, translations, and uses, prior written permission from
the publisher is required. Fees may apply. Private labeled, company branded, and customized versions of this book are also
available. Portions of the content of this book describe inventions that are currently patent pending. Contact us at
Rights@WinnSchwartau.Com for details.

Published by:

SCHWARTAU HAUS



QUICK DISCLAIMER, DEDICATION, & ERRATA

Analogue Network Security is a suite of ideas, not solutions. It’s just a different way of looking at the cyber world we have created.

By any academic standards, I fail at pointing to every single reference, source, and citation. I chose this approach to make the topic more accessible, encourage new thinking versus pure regurgative-EDU, and besides, links do expire. I give credit where I am aware of it; any such omissions are my fault and not intentional.

I also did not attempt to define every term or acronym. I assume a basic level of technical awareness and the ability to learn on the fly. Wiki is an easy go-to starting place. (Please remember to contribute $.)

Gear Box: You will notice, occasionally, some “Gear Boxes” like this one, with seemingly random comments which may appear to have no reference to any associated text. Please consider them as side thoughts, points of interest, facts, etc. I liken them to Bright Blue Shiny Objects floating by, which just cannot be ignored. So I wrote them down.

Regarding my ideas, call me out if you want, please! But do so with constructive feedback on the ANS thesis, not on academic minutiae I have avoided by choice or error. There WILL be errata. Please let us know – gently – where we messed up.

And yes, I do hope to invoke analogue nostalgia. Plus, some of my stories might trigger you to delve deeper into ‘ancient engineering’. Not everything new is always better. Just sayin’.

Analogue Network Security is first dedicated to my wife, Sherra. F**k Cancer. She is my rock and a survivor. She has tolerated me working on this project for the last 17 years. She has worked relentlessly with me as editor and critic, inserting clarity as necessary, and this book is now far better than the first 100 drafts.

Finally, I dedicate this book to the Hacking and Security Communities of which I am proud to be a part. You all have been incessantly, constructively critical in calling out my bullshit when needed, contributing and adding where appropriate, and tolerating how long this process has taken. You are equally friends, colleagues, and family.

With deep respect,
Winn



CONTENTS

0 Why Analogue Security?
Read It Your Way... But, HARK! ... ii
Analogue Network Security is a Bear ... iv
The Analogue Genesis ... v

1 50 Years of Security
Walled Cities and Other Battles Lost ... 2
Deterrence ... 5
The Yardstick ... 6
The Guarantee ... 8
A Brief History of Security Models ... 9
Symmetric Security ... 13
Profile of a Security Model ... 17
Synergy ... 20
Lessons Learned ... 21

2 The Basics of Time-Based Security
Time-Based Security Genesis ... 24
The Pawn Shop ... 25
It’s a War Out There ... 28
Jesse James ... 31
The Vault ... 33
It’s About Time ... 37
Analyzing the Time-Based Security Formula ... 40
IS Time Analogue? ... 40
There is No Protection ... 43
E(t) Phone Home: Exposure ... 45
An Extremely Extreme, Yet Unwise Case ... 47
Reactions ... 48
Physical Time-Based Security Metaphors ... 52
Divide by Time ... 54
Padding ... 55
Compressors & Limiters ... 56

3 WTF, Analogue?
The Brain ... 60
Analogue 101 ... 61
Square Waves are Analogue ... 63
Digital is Not Binary ... 65
Is It Analogue? ... 67
The Ladies’ Room ... 69
The Fastest Computer ... 70
Granularity in Digital Audio ... 72
You Can Add Them Easily ... 74
Smoothing Functions ... 75
The Power of Perception ... 77
Flatland ... 79
Trending ... 80
Fractals ... 81
Static vs. Dynamic ... 84
Electronics 101 ... 88
Analogue Computers in History ... 91
The Inequality of it All ... 94
On the Quantum Nature of I.T. ... 96

4 Let’s Kill Root
The Buck Stops with Root ... 98
I Have Trust Issues ... 102
The Case of the Sole Admin ... 109
The Case of Multiple Admins ... 111
The 2-Man Rule 101 ... 113
The 2-Man Rule 201 ... 116

5 Feedback
Feedback ... 120
Feedback in Nature ... 124
SCADA & ICS ... 126
Dutch Dikes ... 128
Time & Clocks ... 129
Flip-Flops ... 132
Step in Time: Boolean Relays ... 133
Memristors ... 134
The Basic Building Block of ANS: The Time-Based Flip-Flop ... 138
My Wife’s Car ... 143
When Bob is No Alice ... 153
Degrading Trust ... 157
Trust Factor Feedback ... 159
Top 10 of Analogue Network Feedback ... 161

6 OODA, TCP/IP, & OOB
Getting Loopy ... 164
Green Furry Things ... 166
OODA Everywhere ... 169
The Trust Engine From an OODA View ... 171
Squeezing the Loop ... 174
Sub-OODA Loop ... 176
OODA in Security ... 178
TCP/IP & OOB: Putting the Pieces Together ... 180
TCP/IP: The Best & the Worst of Times ... 181
Out of Band (Not a Rock ‘n Roll Term...) ... 182
Negative Time ... 186
My Bank ... 187
OOB & Negative Time ... 190

7 Detection in Depth
Carbon Units Before Silicon ... 192
Defense in Depth ... 195
Detection in Depth Factoids ... 197
Defense in Depth: The Time-Based Security Way ... 198
Graceful Degradation ... 205
Pen-Testing Analogue Style ... 207
The Vanishing Chip ... 208
Detection Limits ... 209
Behavioral Algorithms ... 213

8 ANS Applications
Ping, McFly! ... 216
Measure Your Security ... 217
The Horror of It All (Time-Wise) ... 227
A Short Form ... 228
Damn! Stop It! ... 230
Social Media, Bikini-Grams, and NSFW ... 236
Anti-Phishing ... 240
Fake News is Bullshit ... 242
DDoS ... 243
Stopping Spam & Saving Granny ... 264
Detection/Reaction Protocol ... 267
Time-Based Security and I & A ... 268
Miscellaneous Application Thoughts ... 271
Encryption ... 274
Time-Based Deception ... 277
The Many Facets of Deception ... 280
Honey ... 282
Privacy ... 283
Metamorphic Networking ... 284
Offensive Time-Based Security ... 285
Offensive Time-Based OODA ... 287
Inside the Attacker’s Loop ... 289
Security Awareness ... 290
ANS, OWASP, & Software Programming ... 293

9 Analogue Epilogues
The Analogue Epilogues’ Prologue ... 296
Real Math Behind ANS and Detection in Depth by Mark “Math Bitch” Carney ... 298
Infinity Begets Chaos ... 316
What Does Security Look Like? ... 319
Security Management Porn ... 322
Visualizing Security ... 326
Policy Makers: Your Turn ... 328
Speed of Signal ... 329
Wall Street Bitches at Me ... 330
Errrorrz ... 332
Six Sigma in Networking ... 334
3 Domains of ANS Interaction ... 338
AI & ANS ... 340
Predicting the Future ... 344
Hiring the Unhireable ... 345
Prison in the Cloud: My Outrage ... 346
How Much is that Data in the Window? ... 348
ANS Design Tools Cheat Sheet ... 353
This is the End ... 362
Bibliography ... 362



0 WHY ANALOGUE SECURITY?


READ IT YOUR WAY... BUT HARK!!

Please, do not try to sit down and just read this book. It won’t work. At least it didn’t for me. Some of my thoughts may not initially seem to have relevance to security. Please bear with me. We are going to cover a lot of topics.

First, as a foundation, a little history. It will be brief. After all, we are talking about security models, so a little context would be useful. Some medieval network security thinking, ancient models that fail us, and a high level view of how we got into this mess.

Next, I will re-introduce the traditional basics of the TBS (Time-Based Security) model, from the 1998 book of the same name (http://amzn.to/1MAv8Qz). I’ll position it with additional metaphors and add a bit more to complete some current thinking about it, with a dose of analogue terms thrown in to get your analogue neurons stirring.

Since I propose that “digital is not binary” as a core tenet necessary for revised network security thinking, a brief look at “WTF, Analogue?” (Chapter 3) will provide some engineering (and a hint of quantum) context for the way the world worked (indeed, works!). This is also where I get to have some fun, recalling my first career as a sound and recording-engineer/producer during the rock’n’roll heyday.

For those of you who grew up thinking “digital is God”, I will attempt to show you the error of your ways. Or at least, show you another way of looking at networks. The idea of a binary vs. analogue spectrum has hurt our field, as well as realpolitik globally. I will stick to the tech aspects, I promise.

Then, we travel to the early 19th Century and re-meet George Boole for a refresher on Logic 101. You will learn that Boolean algebra is powerful, but time-static. I will attempt to solve that limitation with a new way of viewing Boolean logic using min-max and TBS-conditioning.

The Two-Man Rule (aka Four Eyes) – and this escapes me entirely – has been almost completely ignored in security. I don’t get it. Maybe you can help me understand how we messed up, and created one of the foulest four-letter words in the English language: ROOT.

Trust is, unfortunately, often viewed as a binary function. I want to examine how an analogue view of trust will give us a more accurate approach to trust in an ever-connected world. Yes, I mean the IoT or whatever current term is popular.

Then, some really cool stuff, as I begin to tie some of these thoughts together. Feedback is a decidedly analogue concept that I will approach in all three security domains and from differing fields of expertise. It permeates engineering, yet is not actively used in network security. Led Zeppelin taught me a lot about feedback. I will pass on those lessons as they relate to network security, as well as why the Netherlands is still a country - only because of feedback.

With the discussions of feedback we will explore how to launch nukes, address some of women’s equality issues, and drastically increase the efficacy of network security.

Instead of doing the same things over and over and expecting different results, Analogue Network Security will give you the strategic concepts and some tactical tools to get a provable improvement in any network or data security effort.

I do hope that some of my proposed ideas around Detection in Depth will supplant gut reaction traditionalism.

The OODA Loop has been relegated, unfortunately, to military thinking. Since Information Warfare (http://amzn.to/1LTZeL), we have been at war, but we behave like everyone else is playing fair. In fact, one popular network security view is that we have to assume our networks have already been completely compromised. Ergo, we continue to lose. But perhaps, the OODA loop offers some direction.

In audio engineering, we mostly used Out-of-Band (OOB) methods for control and communications. In network security, we have another example of a failure to adapt a model which already works - TCP/IP. It is the best of protocols; it is also the worst.

I will finally glue those ideas together, into one massively reimagined architecture to be used as the basis for networks, applications, and all things security. By combining many of these concepts, I believe we find new approaches to solve DoS, DDoS, spam, and a significant percentage of ‘internet noise’ - read, security. I believe we can mitigate risk by granularizing Root. I believe that by looking at security controls with an analogue eye and mindset, we can develop far better network security tools and solutions than those with which we are still tinkering.

Much of what you will read may seem obvious once you have read it. I hope that is true, because then it will be easier for you to first accept, then apply these concepts into products, operations, processes, controls, and of course, security.

I hope you can read a section and think about it for a while before plunging ahead.

I do not claim to have solved anything. Rather, I am proposing a new way of thinking about networks and security. I probably have lots of things wrong… so, no hating; only constructive synergistic critique, please.

Our industry needs a massive rethink. So, let me attempt to explain Analogue Network Security.

Winn Schwartau
(I first started this project on a beach on the Indian Ocean. I finish it at the top of a ski mountain.)



ANALOGUE NETWORK SECURITY IS A BEAR

Two men are walking through a forest. Suddenly, they see a bear in the distance, running towards them. They turn and start running away. But then the first of the men stops, takes some fancy running shoes from his bag, and starts putting them on.

“What are you doing?” asks the second man. “Do you think you will run faster than the bear with those?”

“I don’t have to run faster than the bear,” he says. “I just have to run faster than you.”

The Bear Formula, measured in speed:

Man 1 > Bear > Man 2

The first key to survival and autonomy is the ability to adapt to change.
The second key to survival is the ability to accurately predict the future.

This is the basis of Analogue Network Security.


THE ANALOGUE GENESIS

My parents were both analogue engineers. Dad worked on radar development in WWII. My mother was a voice actress, then trained as an audio engineer at NBC’s 30 Rock while men were off fighting the war.

Weekends with my dad were chock-full of engineering. I’d help him wire up the audio in Greenwich Village speak-easy-like clubs by hauling wires and crawling through the ceilings. We’d build model engines. Then we built an analogue computer – yeah, more about that later. All the while, I received a non-optional, comprehensive education in analogue electronics by age 11.

Gear Box: Along I came, and I was fixing TVs by age five. Don’t be so impressed. In those days, it meant removing all of the vacuum tubes from the back of the set, trundling down to the drug store, and testing them one by one until the faulty one failed. Hell, it was a paying job!

My mom had a small recording studio at home, and I was paid 50¢ per afternoon to cut and splice 1/4” magnetic tapes by the tens of thousands from 1st to 6th grade or so. When I was 12, we spent 4 months in Europe recording sound effects for my mom’s clients. That same year, the New York World’s Fair opened and it was absolutely necessary for me, obviously, to build a scale model of it, add audio, and roughly synchronize a barely adequate light show.

Gear Box: Yeah, we had the 60s equivalent of a portable recording facility.

I learned how to solder and build radios alongside a fellow nerd and it wasn’t until 2010 or so, that I realized,


Why Analogue Security?

that same childhood neighbor, Dickie, grew up to be


Richard Stallman of GNU fame.
At 16, I went to work for MiraSound Recording
Studios. (Yes, all analogue.) Bob Goldman took me
under his wing and taught me vinyl mastering (analogue
electronic and mechanical audio) and systems design
philosophy (his, anyway), and at 17 I was the lead
engineer to build Studio-C .
My first digital audio experience was at the Nashville factory for Harrison Systems (where I met my future bride, Sherra), and its disastrous audio automation system called Auto-Set. Neve Electronics (don’t worry, you never heard of them) introduced its automated audio system by attaching DC-motors to the faders (volume controls on a mixing desk) and Nashville’s Valley People introduced VCAs (Voltage Controlled Amplifiers) as the audio industry attempted to early-adapt the fusion of analogue and digital audio.

[Margin note: A few years prior, I had ventured into building an automated assembly system for U.S. Army training material. The design was fine. The problem was I wired all of the boards. And, being color blind, I used Green instead of Orange as my exponent in the color coded pull-up resistors. My wiring career ended abruptly.]

I resisted. I fought the first generation digital audio systems on both aural and engineering grounds. I abhorred the total lack of discipline that this new audio engineering technology seemed to bring along with it. That’s why I left professional audio in 1981.
2012 was a conceptual watershed year for me in security. Disparate, seemingly unconnected ideas were falling into their proper places with clarity. I became absorbed in systems, processes, quantum consciousness, memory, chaos, unpredictability, and predictive modeling. I discovered I was re-establishing many of my analogue roots and felt the first waves of an inchoate synergetic calmness.

This book is the result of some of that thinking. It doesn’t matter whether you agree with these ideas or not. All I ask is that you think about them. Add your own flavor or twist to them. Or, discard them. And please, let me know your thoughts. As long as they’re analogue, of course.
50 YEARS OF SECURITY

Back in “the day,” as a broke audio-kid, I used to get utility bills with a punch card, a corresponding paper bill, and a pre-stamped return envelope. I discovered several blank (null) spaces (punch card fields) to the left of the amount I owed and asked myself, “What if I punch a minus sign in that vacant field?” I got monthly refunds for the amount of services I used for almost two years. (Statute of limitations is up.)
50 Years of Security
WALLED CITIES & OTHER BATTLES LOST

Let’s just admit it. Information, Computer, and Network Security is abysmal. Nation-states, NGOs, and organized crime are kicking our butts.

When business and government must operate on the assumption that their networks are P0wn3d, common sense says we’ve been doing something very wrong for decades. When entire populations can suffer for security failures beyond their control, we know we have failed to build-in balanced protection and remediation mechanisms. When we deploy billions of mobile devices designed for function over security and privacy, one must question and consider the motivations.

[Margin note: P0wn3d: you have been compromised by hostile forces who have established an electronic beachhead.]

Let’s step back to the 1970s to consider the original thinking behind computer security.

It was based upon an older physical model; the protection of sensitive hard copy information entailed placing armed guards in front of a locked room containing a padlocked file cabinet. Info-guards of the Cold War. Only the good guys (Trusted Insiders) could enter the building, access the locked room, and unlock the secret filing cabinet. So, why not apply the same logic to information security? Maybe firewalls will fit the bill.

The concept is an old military one: fortress mentality. We keep the bad guys out by building the walls higher and higher and making the moats wider and deeper. For thousands of years this mentality has been a consistent theme. But no matter how high you build a wall, the bad guys can still fly over it, dig under it (as they did with the Berlin Wall), or drive around it (the Maginot Line). No, there is no perfect static defense.

[Margin note: The Trojans defended their walled acropolis for years by closing the gates to the city. The Mycenaean invaders were forced to wait outside on the wide plain, in the slim hopes of starving out the defenders. So, as Homer tells us, they found another way.]

[Margin note: The Chinese attempted to protect their empire with a physical firewall 1,500 miles long.]

While security modeling has traditionally attempted to keep the bad guys out, in both the physical and virtual worlds, businesses have always wanted and needed to let the good guys in to conduct commerce and encourage window shopping. The problem the store owner has is, “How can I identify the good guy from the bad guy?” It’s tough, with some even resorting to constitutionally questionable stereotyping. The answer I remember from my teenage supermarket and drugstore jobs was to watch a customer’s behavior. We used mirrors and secret codes; we’d have to monitor the potential offender’s activity in the store while pretending to sweep up, then report it when appropriate.

[Photo caption: The Athenian Acropolis.]

The same problem persists in the electronic world, and we have to ask ourselves the same question: how do we tell the good guys from the bad guys? A corollary question is, “How can building higher walls around my electronic place of business secure an open system whose fundamental goal is to encourage informational/data/commercial exchange amongst lots of people in various locations with different interests, behaviors, and agendas?”

[Photo caption: Wall Street in New York protected the European immigrants from the native “savages” of Northern Manhattan Island.]

[Photo caption: A useless Maginot Line in World War II.]

In the original 1970s security models (Ross Anderson’s Security Engineering; the Bell-LaPadula Model; the Biba Integrity Model, etc.), mediation of process requests generated audit trails of varying granularity. An analysis of these past-datum logs will show prior activities. One systems administrator from a government agency (who should know better) said to me in an open audience forum, “Oh, we have security. We check our audit trails at least once every two weeks.” Clearly, there’s a problem in both attitude and implementation.

However, that security model was based upon another antique premise: computers operate in isolation – there is no such thing as a network.

[Margin note: Internet security is like the Maginot Line; just pushing attackers above, under, and around our protective tech.]

When the Trojans let down the drawbridge to admit the horse, they were “networking” with the outside world. When the Germans bypassed the Maginot Line, they created a network with the French, using Belgian routing. When people sailed over or around the Berlin Wall, the network connection was made.

When security pioneers began to develop security models, they took a similar approach, because the network had not yet begun to live and expand as an independent entity. And then criminal hackers arrived. Based upon Fortress Mentality, our network defense program began. And the result? Use firewalls. Use passwords. Use Access Control Tables.

Do you know which security companies guarantee their products or will provide a warranty which states, if you use their products, they will accept legal responsibility for any losses you suffer if their products are compromised? Some won’t release source code to permit verification on how well their products work. Even algorithms of dubious efficacy are carefully guarded, yet at the heart of many security initiatives.

[Margin note: Hackers are good. Evil, criminal hackers are bad. I want this important distinction made clear, before we go any further.]

Generally, security vendors do not and cannot guarantee their products. I don’t like it, but I thoroughly understand it. That’s where Analogue Network Security enters.

DETERRENCE

Some security folks propose to renew the Cold War concept of deterrence, MAD (Mutual Assured Destruction), in some cases. I am not a fan. Never was.

It implies that the defensive actor is willing to take significant deterrent action when all else fails. That’s called escalation, which is fine, if you have the political will and the ability to defend and gracefully degrade. At the private level, active defense is illegal in most places. Strike back, active defense, vigilantism; different spins on the same theme.

We just don’t know the fine print in an escalatory conflict spectrum. Where is the tipping point between cyber and kinetic conflict? Is it a clear manifestation of policy, or – as are so many tipping points – the result of chaotic analogue functions? Where so many indefinable variables create instability, even the smallest system change inadvertently triggers an unexpected and probably unwanted action.

• You can’t go half-asymmetric.
• Our adversaries don’t care about rules.
• Our lawyers do.

However, I have asked lawyers and politicians for years to solve the following problem. (Thus far, they have not.)

In the physical world, if you attack me on the street, I can use any weapon at my disposal to defend myself. I can also, if capable, take away your knife, bat, gun, or any other weapon and use it against you. The key point is, I am allowed to remove your weapon.

In this case, I also have a reasonable degree of attribution, versus the anonymity of well-crafted cyber attacks.

In the online world, however, that is illegal. The possibility of consequential collateral damage, or inaccurate attacker identification, is the oft-cited rationale for the current legal posture. I will later suggest a model on how, with global cooperation, I believe many such attacks can be mitigated before they become damaging. Additionally, like with Dridex C2 servers or Mirai infected IoT devices, the victims become part of the aggressor, against their will.
THE YARDSTICK

How secure is your network? Use any scale you want.

Perhaps, you like scales from 1-10, with 10 being completely, perfectly secure. On that scale, how secure is your network? Or perhaps you prefer an academic-style grading system. Does your network get an A? B-? C+ or an F?

I see so much cringing whenever I ask that question.

How do we measure security?

What is the risk of a particular network action, security choice, or hiring decision? Each one relies on some degree of trust which influences the macro-security of an enterprise versus the micro-security of a particular device or data-set. So, what scale do we use?

[Margin note: There are a lot of trust discussions coming up, I assure you.]

In so many cases, we tend to boil down our level of perceived security to a binary answer:
✓ Acceptable
X Not Acceptable

But what scale and what metrics do we use to get to that binary decision? That’s fairly arbitrary, and certainly not an agreed upon reference or standard.

So, let’s ask the vendors. (Makes sense.)

“Mr. Firewall, how long can your solution sustain a [specific attack method and vector] before the protective security fails? In weeks, days, or hours, please.”

“Ms. Crypto, what guarantees do you offer that your key management system is bulletproof?”

“Mr. Anti-Virus, what is your guarantee that my networks will never be infected with your published list of malware?”

“Mrs. Vendor, can you please supply me with an EULA that provides performance and security guarantees instead of excuses?”

We can’t measure security. Or, so goes the conventional wisdom. I disagree.

I know this is a bit harsh, and I do understand the vendor position. But these questions are fundamental to finding a new approach to network security. In my honest opinion, metrics are key to this effort.

No, we cannot measure all aspects of security to the nth degree. But this book should help provide you with some new tools to measure many quantifiable characteristics of our networks.

[Margin note: These same arguments can well be made regarding software vendors and hardware vendors who depend upon software. Security is merely a vertical application.]


THE GUARANTEE

THREE THINGS:
1. No matter how many firewalls and access controls you install, passwords and policies you enforce, or upgrades and patches you apply, it’s almost a 100% sure bet that you won’t be 100% protected. (There is no silver bullet, right? Besides, you can’t patch a person, can you?)
2. Security vendors don’t guarantee their products. (I don’t like it but I DO get it.)
3. We operate under the assumption that we cannot measure the efficacy of security products or protective systems.

I largely disagree.

So what yardstick can we use?

(We’ll get to that in Chapter 3, Fractals.)

[Margin note: Cyber-insurance – a growing industry – should benefit from adding time dimensions to its risk approaches.]

[Photo caption: An awesome locked gate protecting an ancient Roman fortress in York, UK.]
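One way to put a number behind the question the chapter keeps asking the vendors ("how long can your solution sustain an attack: weeks, days, or hours?") is to use time itself as the yardstick. The following is an added example, not code from the book: it compares how long a control is expected to hold against how long the defender needs to notice and react, which is the Protection versus Detection plus Reaction comparison from Winn Schwartau's earlier Time Based Security work, applied here as an assumption since this section only hints at a time dimension. The control names and all hour figures are constructed; the "two weeks" detection figure mirrors the administrator quoted earlier who reads audit trails every two weeks.

```python
"""Added example (not from the book): time as the security yardstick.
A control is 'acceptable' only if detection plus reaction complete
before the protection it offers gives way.  All figures are constructed."""
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Control:
    name: str
    protection_hours: float  # how long the control is expected to hold against a stated attack
    detection_hours: float   # how long until the compromise is noticed (e.g. log review interval)
    reaction_hours: float    # how long from noticing to containing

    def exposure_hours(self) -> float:
        """Hours the attacker operates unopposed after protection gives way.
        Zero when detection and reaction finish before the control fails."""
        return max(0.0, self.detection_hours + self.reaction_hours - self.protection_hours)

    def acceptable(self) -> bool:
        """The binary 'Acceptable / Not Acceptable' verdict, now derived
        from a measured quantity instead of a gut feeling."""
        return self.exposure_hours() == 0.0

    def score_1_to_10(self) -> int:
        """A 1-10 scale: 10 means no exposure at all; any exposure starts at 9
        and each further full day of exposure costs one point, floored at 1.
        The mapping is an arbitrary choice, which is the section's point:
        pick whatever scale you like, but tie it to something measurable."""
        exposure = self.exposure_hours()
        if exposure == 0.0:
            return 10
        return max(1, 9 - int(exposure / 24.0))


def rank_by_exposure(controls: List[Control]) -> List[Control]:
    """Worst first, so the longest unopposed window is at the top of the report."""
    return sorted(controls, key=lambda c: c.exposure_hours(), reverse=True)


# Constructed scenarios (not measurements of any real product).
FIREWALL_BIWEEKLY_REVIEW = Control("firewall, audit trail read every 2 weeks", 48.0, 336.0, 8.0)
FIREWALL_HOURLY_ALERTING = Control("firewall, alerting within the hour", 48.0, 1.0, 8.0)
NO_PROTECTION_FAST_REACTION = Control("no preventive control, fast reaction", 0.0, 0.5, 2.0)

if __name__ == "__main__":
    scenarios = [FIREWALL_BIWEEKLY_REVIEW, FIREWALL_HOURLY_ALERTING, NO_PROTECTION_FAST_REACTION]
    for c in rank_by_exposure(scenarios):
        print(f"{c.name:42s} exposure={c.exposure_hours():6.1f}h "
              f"acceptable={c.acceptable()} score={c.score_1_to_10()}")
```

The point the ranking makes is that the same firewall, with the same 48 hours of protection, is a failing control when detection takes two weeks and an acceptable one when detection takes an hour; the vendor's product did not change, the defender's timing did.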


A BRIEF HISTORY OF SECURITY MODELS

It all began with a military funding effort from the Department of Defense and some very smart people who were hired to think about computer security. (Back then networks were still experimental. Think pre-dial-up.)

The outcome was the TCSEC, the first formal information security methodology. First offered as a document in 1983 and formalized 2 years later, TCSEC became the guideline by which we were to secure the commercial and government sectors from bad guys breaking into our computers. The way we told everyone to proceed was with a classification system from a fairly insecure D level, to the top, best of breed A-1, which included mathematical proofs plus years and years of analysis. There was a problem. One A-1 system, SCOMP, a mainframe security system, assumed on power-up that the guy flipping the switch was 100% trusted.

[Margin note: TCSEC (Trusted Computer Security Evaluation Criteria) or the Dept. of Defense’s “Orange Book” from 1983.]


TCSEC employs the concept of the Reference Monitor via access controls to provide information protection. It was originally conceived by Ross Anderson (1972), embellished by Bell & LaPadula (1973) with huge help from security pioneer Dr. Roger Schell, and later interpreted as an integrity model by Kenneth J. Biba (1977).

[Margin note: I suggest that the interested reader examine other models: ISO/IEC 27000, RBAC, Zero Trust, Clark-Wilson. Don’t forget newer data-centric approaches, including the use of blockchain technology.]

With this approach and model, system requests are to be mediated by a so-called traffic cop – the Reference Monitor (below) – before executing.

Whether at the application layer, with the Operating System, or even at lower network and hardware levels, the Reference Monitor creates a range of problems for both the security engineer and the systems user.

Remember, this was 1970-era tech.

The Reference Monitor slows down the system by requiring a process to be halted until the mediation is complete. Such a slowdown can be negligible if only a few processes are to be monitored. But, if a file opens, closes, and every process is included in the Rules Table, system performance can come to a seemingly grinding halt. Add networking and the grinding halt permeates throughout.

Security models generally call for the generation of an audit trail of system and process executions. The granularity provided by the audit trail can, at times, be too much and it creates immense, often unintelligible audit trails, again using up system resources and time. Today we call that big data, which many say is a good thing.

The Reference Monitor’s inherent philosophical problems found in the Orange Book and other security models over the years, continue to hinder real world security practitioners.

[Margin note: In 1990, my company designed and developed COMPSEC II for the C2 component of Novell Netware.]

1. TCSEC was aimed at standalone computer systems, especially mini-computers and mainframes. In addition, certain levels of physical security were assumed to be protecting the computing resources – such as fences, barbed wire, dogs, locked doors, and heavily armed security forces. Largely, TCSEC was for government and military use.

2. In 1987, the National Computer Security Center (NSA-centric) published the Trusted Network Interpretation, supposedly an approach to apply Orange Book principles in a networked environment. This effort was even more of a commercial failure as it offered few real solutions. After two years of study, the paper essentially came to the conclusion that we had no earthly idea how to secure a network.

3. Secured Operating Systems were the thrust of many TCSEC efforts. The NSA accreditation of a secure operating system is an exhaustive process that can take two or more years to complete. In the commercial world, this represents two or more generations of technology. Secure operating systems (for standalone environments) were often so restrictive in their operation that much needed functionality was stripped away. In the private sector, this was anathema. Internal staff need access to physically remote logical resources across external public switched networks.

4. Secure operating systems often required applications to be specially written for that secure O/S, according to a revised set of rules. This would necessarily increase the required efforts of software development geometrically.

5. Development of applications, which meet TCSEC specifications, can take just as long — an eternity in a world where Moore’s Law reigns supreme. Obsolete, often useless applications become the rule.

[Margin note: Moore’s Law roughly states that given constant dollars, the power of computing doubles every 18 months. Recent developments by IBM and Intel have suggested that this period might be reduced to less than a year. Alternatively, along comes a disruptive tech that starts the process all over again. Think of it as a reboot of Moore.]

TCSEC has some effective, real-world applicability and we must acknowledge its significant contribution to the thought and evolution of computer security. Other security approaches have been attempted over the years, but have generally been found to be lacking, overly-complex, resource intensive, and not abstract enough. They tended to be pin-point, surgical strike attempts at security versus an over-arching abstraction that can apply to multiple domains.

The problems with these models became increasingly clear as symmetric communications in distributed environments became the norm. Translation: the internet, intranets, email, and webification changed the rules virtually overnight. For all practical purposes, our approach to computer and network security has been static and limiting.

The current (some say superior) approach is the fourth revision of the evolving Common Criteria, a mixture of the U.S. TCSEC, UK’s ITSEC, and Canada’s CTCPEC. The value to vendors of investing hundreds of thousands of dollars for an evaluation is a subject of debate. Source code evaluation is reserved for only the highest certifications, making the program less than common.

As we learn more about Analogue Network Security, we may find that, in some cases, a perfectly acceptable way to secure some electronic assets of an organization will be to eliminate protection devices and technology. Counter-intuitive, yes. Will it work? We shall see.

[Margin note: ATTACK SURFACE. One of our book reviewers said his family of six only uses: iPhones (4), iPads (6), Android Tablets (4), Computers (6), Media Servers (2), Video Gaming Systems (5), Televisions (5), Blu-ray Players (4), Cable Boxes (2), Routers/Firewalls/Switches (2), Wireless Access Points (2), Children’s Toys (4). Now, multiply by orders of magnitude in homes, and by some almost-impossible-to-measure-factor in the enterprise.]

[Photo credit: Pixabay.com under CC2.0]


SYMMETRIC SECURITY

Firewall technology was an early contender in internet security and its use continues to echo the fundamental premises of access-control driven TCSEC and its flaws: keep the bad guys out — definitely a military mindset. Some firewalls and similar protective perimeter approaches are meant to protect the electronic inner sanctums of private networks from the ravages of the internet.

They were then discovered to be useful as protective devices on intranets within organizations to keep the valuable resources of various departments, divisions, campuses, and partners isolated from each other. Dr. Fred Cohen stated, “In this way, they have been, and will continue to be, valuable for some time. Barriers help, even if they are not perfect, because they allow you to focus other resources on the things the barriers don’t stop.”

[Margin note: Just consider how much money the DoD and the NSA invested in contracts to companies whose task was to design the ultimate security protection device. Their goal was to connect their classified systems to the internet. Devices such as SNS (Secure Network Server) have been put into service in isolated cases – tens of millions of dollars later.]

The principle of the firewall was originally an extension of the “Build a Higher Wall” mindset. But, very quickly, some of us realized that the security models in use at the time did not match the real-world business models being practiced.

I look back on the good ol’ days when information security was so darned easy. Well, maybe not darned easy, but one whole heck of a lot simpler. Really, it was. And there are lots of security professionals and IT managers who also recall how security used to be so simple. (Simpler...)

“Trusted workers” sat at text-only dumb terminals, which were hardwired to a mainframe where the data was processed and stored. A reasonably simple access control mechanism kept clerks out of the files where they weren’t wanted. It kept salespeople away from payroll. This was a one-way street, or uni-directional, security. Many of us remember the good ol’ days of RACF, ACF-2, and Top Secret, along with their comparatively simple access control lists which were manageable in groups, function, or location.

In the early days, security vendors chose from one of two basic binary defensive implementations:
▶ Controls denied permissions to users and had to be explicitly defined, approved, and set.
▶ All users’ activities were permitted and needed to be explicitly denied.

[Photo caption: Herman Hollerith’s tabulating machine, used for the 1890 census.]

But today? Today our security control needs are terrifically complex. We find that, instead of simple asynchronous connections to manage, we have to deal with dozens of different real-world operating environments that are simultaneously in use across multiple physical and logical locations, with conditions constantly in flux. See the list on the following page for some examples.

[Margin note: Think Windows for Workgroups 3.1.X, Windows 95, and protocol binding of the day!]

This list covers only a few of the possibilities! Complexify the landscape even further by 5! (that’s five-factorial), given that each of us will have 5+ unique (and, to a degree, quasi-intelligent) internet devices in just a few years.

Common Synchronous Communication Endpoints Which Can Affect Security

1. Internal staff with access to physically local, logical resources.
2. Internal staff with access to physically remote logical resources across dedicated internal networks.
3. Internal staff with access to physically remote logical resources across external public switched networks.
4. Internal staff with access control to remote logical resources across external public switched networks.
5. Internal staff bringing remote data and information into the internal networks.
6. Internal staff publishing to remote logical resources.
7. Internal staff removing internal electronic resources and sending them to remote locations.
8. External staff requiring access to some, but not all, internal network resources across public switched networks.
9. External staff accessing remote resources.
10. Internal and external staff with access control to remote logical resources across external public switched networks.
11. External traveling staff requiring access to some, but not all, internal network resources.
12. Business partners requiring access to some, but not all, internal network resources.
13. Customers requiring access to some, but not all, internal network resources.
14. Customers requiring access to all public company publications, but not any internal resources.
15. Potential customers requiring access to all public company publications, but not any internal resources.
16. Anything mobile.
17. IoT ++++++++

[Margin note: COMMUNICATIONS. 1 to 1: Fairly easy to secure. 1 to Many: Radio, TV, social media, blogs, websites. The only security is identity management at the source. You want everyone to read/see/hear everything. Many to Many: Facility first, security second (or maybe last). We will revisit Many to Many in Chapter 8 (see “Fully Connected Networks”), as a view to solving DDoS.]
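The Reference Monitor described earlier in this chapter (every request halted and mediated against a Rules Table, every decision written to an audit trail, and the cost that mediation adds to each file open and close) and the two "binary defensive implementations" on the previous page (permissions explicitly granted versus activities explicitly denied) can both be shown in one toy. The following is an added example written for this edition, not code from the book or from any TCSEC system: the subject names, file names, rules and request sequence are constructed, and the mediation counter stands in for the per-request overhead the text complains about.

```python
"""Added example (not from the book): a toy Reference Monitor that mediates
every request against a Rules Table, records every decision in an audit
trail, and runs in either default-deny (rules are explicit grants) or
default-allow (rules are explicit denials) mode.  All data is constructed."""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

Rule = Tuple[str, str, str]  # (subject, operation, object)


@dataclass(frozen=True)
class AuditRecord:
    seq: int
    subject: str
    op: str
    obj: str
    allowed: bool
    reason: str


@dataclass
class ReferenceMonitor:
    default_allow: bool               # False = default-deny, True = default-allow
    rules: Set[Rule] = field(default_factory=set)
    audit: List[AuditRecord] = field(default_factory=list)
    mediations: int = 0               # every halt-and-check, however trivial the request

    def mediate(self, subject: str, op: str, obj: str) -> bool:
        """The traffic cop: decide, record, and only then let the request proceed."""
        self.mediations += 1
        if (subject, op, obj) in self.rules:
            # In default-deny a matching rule is a grant; in default-allow it is a denial.
            allowed, reason = (not self.default_allow), "explicit rule"
        else:
            allowed, reason = self.default_allow, "default"
        self.audit.append(AuditRecord(len(self.audit) + 1, subject, op, obj, allowed, reason))
        return allowed

    def denials_by_subject(self) -> Dict[str, int]:
        """What a review of the past-datum log shows: who was refused, and how often."""
        counts: Dict[str, int] = {}
        for rec in self.audit:
            if not rec.allowed:
                counts[rec.subject] = counts.get(rec.subject, 0) + 1
        return counts


# Constructed workload: a clerk and a salesperson work the orders file, and the
# salesperson also tries payroll.  Each file access is open/read/close, and every
# one of those steps is mediated, which is where the slowdown comes from.
SAMPLE_REQUESTS: List[Rule] = [
    ("clerk", "open", "orders"), ("clerk", "read", "orders"), ("clerk", "close", "orders"),
    ("sales", "open", "orders"), ("sales", "read", "orders"), ("sales", "close", "orders"),
    ("sales", "open", "payroll"), ("sales", "read", "payroll"), ("sales", "close", "payroll"),
]


def default_deny_monitor() -> ReferenceMonitor:
    """Permissions must be explicitly defined, approved and set; nothing else passes."""
    grants = {(s, op, "orders") for s in ("clerk", "sales") for op in ("open", "read", "close")}
    return ReferenceMonitor(default_allow=False, rules=grants)


def default_allow_monitor() -> ReferenceMonitor:
    """Everything is permitted unless explicitly denied."""
    denials = {("sales", op, "payroll") for op in ("open", "read", "close")}
    return ReferenceMonitor(default_allow=True, rules=denials)


def run_workload(monitor: ReferenceMonitor) -> List[bool]:
    """Mediate every request in order; returns the allow/deny verdicts."""
    return [monitor.mediate(*req) for req in SAMPLE_REQUESTS]


if __name__ == "__main__":
    for build in (default_deny_monitor, default_allow_monitor):
        m = build()
        verdicts = run_workload(m)
        print(build.__name__, verdicts, "mediations:", m.mediations,
              "denied:", m.denials_by_subject())
```

For the planned workload both modes give the same nine verdicts and the same nine mediations; they differ on the request nobody wrote a rule for. A clerk reading payroll is refused by the default-deny monitor and waved through by the default-allow one, and only the audit trail (reason "default") shows that the decision was never actually made by anyone.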

Today, real-world security implementation must be symmetrical in nature.

Security must be implemented in two directions for each and every electronic nexus (and that includes the Internet of Things): the information going both in and out of the organization, the people accessing each of the multiple possible endpoints, moving information both in and out of each nexus, the myriad combinations thereof… my math skills hit a roadblock.

So, how do we install Fortress Mentality security mechanisms and models to reflect the business needs of symmetric processing?

Aha! Therein is the conundrum.

The history of computer security has shown us why and how Fortress Mentality has failed rather than succeeded.

PROFILE OF A SECURITY MODEL

Computer and network security, internet safety, and privacy concerns have become mainstream.

We live in a world where global cyberterrorism, information dominance, nation-state cyberwar, massive industrial espionage operations, perception management, fake news, and a creeping global surveillance society that strips individual privacy daily, are the new realities.

Cybersecurity is a global meme, from the data center to the smart phone, the power grid, SCADA/ICS systems, your autonomous car, intelligent refrigerator, and WiFi-enabled light bulbs that somehow communicate with the National Weather Service. (Oh, boy. The internet of things. So cool.)

Our jobs are clear.

All we have to do is make these new consumer and prosumer devices secure. All we have to do is make websites secure. All we have to do is keep the comm-lines and network connections secure. All we have to do is create a seamless, proof-positive identity management system that works everywhere, all of the time. All we have to do is…

I have asked many professionals over the years, in both public and private fora:

How well do security products and services really provide protection for untold trillions of dollars in intellectual property value, personal privacy, and economic and physical national security? How many hundreds of millions of people have had their privacy and security violated through massive global data breaches?

[Margin note: ID Theft and privacy violations are known as Class I Information Warfare.]

I am not saying that any particular manufacturer of security products is derelict, or that they produce bad products. I mean to urge us to reconsider the overall approach we take with information and network security, as a professional industry endowed with the responsibility to keep much of humanity and its machinery running in smooth order.

We need models to achieve our goals. We need tools to do our jobs. We need these tools and models to protect our corporate assets, networks and enterprises, and personal privacy. We require strong models and products and services to protect the interdependent critical infrastructures: transportation, finance, communications, and power. The military, intelligence community, and governments (federal, state, and local) also require answers, tools, and modern approaches, to adequately protect their resources; for national security, public services, and day-to-day operations.

I hope that my thoughts on Analogue Network Security will offer a few practical abstractions and architectural concepts that can be built upon. In the search for strategic (versus tactical, read: vendor products) approaches to information and network security, I suggest we look for some basic, useful characteristics that more than six decades of computing have taught us:

[Margin note: I use 1952 as the start of the modern computing world. Why? Because that’s the year IBM introduced the first commercial vacuum tube mainframe, the 700 series.]

SIMPLICITY. Should be conceptually simple and offer utility to developers, vendors, consultants, integrators, the customers, and all vested stakeholders.

UTILITY. Should have minimal interference in network operations or the ability of administration, management, and users to do their job. Some security models have negatively affected network efficiency and user productivity.

[Margin note: Think MLS (Multi-Level Security) of the 1980s.]

SCALABLE. Should offer security from the smallest network,


app(lication), or single control process, to the largest of critical
infrastructures.

Interoperability is Overarching: MEASURABLE. Should be able to measure and quantify the


If we can’t talk to each other effectiveness of security and support security budget decision
about security with a common making and risk.
language, what’s the point?
QUANTIFIABLE. Quantifiable metrics should provide replicable
mathematical tools to measure the integrity of solutions to system
security problems.

PROVABLE. Should use simple, basic mathematics at its core, which


are replicable in disparate environments by non-mathematicians.

SUPPORTS MANAGEMENT. Should offer mechanisms to allow


management to make informed budgetary decisions on information
resource and systems defensive spending and risk.

BRINGS RISK TO THE TABLE. We are security professionals, not


accountants, financiers, or actuarial experts. But, we all need to be
talking to each other with some common lingua franca. To date,
our profession has brought few hard numbers to the analysis and
concepts of security. I hope Analogue Network Security will help.
ADDS VALUE. Of course, the security model must offer something new to the practitioner, and something of value over, or different from, current approaches. Based upon the reactions of people I have spoken with over the years, Analogue Network Security has a chance of helping.

At DefCon 22, I hosted a small private event in a friend's suite. There was no location given on the 2,000 invitations - folks had to figure that out on their own. About 30 showed up and for 4 hours, we sat around a massive dining table discussing the principles of Analogue Network Security. Over the last decade, I made refinements in this manner, in several cities around the world.

So, based upon all this... what do we know about network security?


Credit: Arte Fora do Museu (Conjunto Nacional, David Libeskind) [CC BY 2.0 (https://creativecommons.org/licenses/by/2.0)], via Wikimedia Commons

SYNERGY
“Synergy means the behavior of whole systems
unpredicted by the behavior of their parts taken
separately.” (Buckminster Fuller)

▶ 1 + 1 > 2, but how much greater?

▶ Combining an explosive metal (sodium) and a poisonous gas (chlorine) unpredictably produces a harmless white powder: sodium chloride, NaCl, or table salt.

▶ Iron, chromium, and nickel have tensile strengths of 60,000, 70,000, and 80,000 PSI
respectively and yet, combine to create an alloy with 350,000 PSI. This far exceeds the
strength of its weakest link, but counter-intuitively and unpredictably even outperforms
the sum of its components’ tensile capabilities.

▶ Digital + Analogue (hybrid) network security? Let’s see what happens!


LESSONS LEARNED
In the U.S. alone, over the last half century or so,
we’ve collectively spent endless trillions of dollars on
impressive, often mind-boggling technology. Globally?
An IT-load more.
During the same period, we have invested hundreds
of billions of dollars on cybersecurity. That’s a mere
fraction of IT spending. A trillion or more dollars
spent on constructing security products and deploying
systems – some secret, some not-so-secret – and what
do we have to show for it? We’ve tried to build the virtual
walls around our computer systems higher and higher.
We’ve tried to make our systems impenetrable. We’ve
tried to adopt Fortress Mentality and Risk Avoidance in
a symmetrical world.

1. The internet is not a friend of security.

2. Networks blew security all to hell.

3. Vendors do not, and cannot, guarantee their products.

4. There is no such thing as 100% security.

5. As a species, we humans are not smart enough to build a security system that is impenetrable. The two mutually exclusive goals of protection and open access sit at opposite ends of the spectrum.

6. We are not smart enough to build a secure distributed system that will both keep the bad guys out, and let the good guys in.


7. Based upon our collective experience, if we were smart enough to build an impenetrable security system, it wouldn’t be particularly useful or functional.

8. If we were smart enough to build one, we couldn’t afford it.

9. Fortress Mentality and its offspring, Static Defense-in-Depth, are merely speed bumps in the road to strong attackers.

10. Computer security is extremely difficult.

Trillions later, and it’s still broken. Based upon those experiences, I come to the following conclusions:

The old approaches to computer security need to be put aside for a bit.
Don’t ignore them. Don’t throw them out.

I will be arguing that an abstract strategic approach to synergetic digital and analogue network security thinking will bring us unpredictable results.

Let’s take a trip to Warsaw, Poland, in 1995. That’s where, I recognize in hindsight, my foray into Analogue Network Security began.

Please visit Amazon.com to get the full hard copy version.

Thanks!

Winn

After being 97% razed, Warsaw was essentially rebuilt from the ground up after WWII.

This is the End!

OK. That’s the end of the book. Thanks for reading it.
My wife says this ending sucks, but I am done. I
really didn’t want to do a long summation of what
I wrote… that’s for you and we as a community to
talk about, and see how much of Analogue Network
Security can be effectively used to meet our needs.
Visit AnalogueNetworkSecurity.com to join
the discussion!

Bibliography

I often get asked what books I read. As it turns out, I don’t read much network security stuff. I read lots of other things (yes, some weird stuff) that spur thinking in non-linear, non-(counter)-intuitive and unpredictable ways. The rationale: I am not interested in “the next generation” of security hardware/software-stuff, which is just New and Improved Detergent. Faster. Smaller. Smarter. I like outlier thinking and seek it out.

You can find a sampling of what I think was well worth the read at WinnSchwartau.com.

A LITTLE ABOUT WINN


▶ Founder of The Security Awareness Company (and Interpact, Inc.) -- TheSecurityAwarenessCompany.com
▶ Distinguished Fellow: Ponemon Institute 2012+
▶ Named one of the Top-20 security industry pioneers by SC Magazine.
▶ Named one of the Top 25 Most Influential People by Security Magazine
▶ Voted one of the Top 5 Security Thinkers by SC Magazine.
▶ Honored as a “Power Thinker” and one of the 50 most powerful people by Network World.
▶ He coined the term “Electronic Pearl Harbor” and was the Project Lead of the Manhattan Cyber Project Information Warfare and Electronic Civil Defense Team.
▶ Founder of InfowarCon

BOOKS (find downloads on my site)

▶ Terminal Compromise (1991) (Basis for Pearl Harbor Dot Com/Die Hard IV)
▶ Information Warfare: Chaos on the Electronic Superhighway (1993/4)
▶ Information Warfare: Revised (1995)
▶ Information Warfare: 2nd Edition (1997)
▶ CyberShock (1999/2000)
▶ Time Based Security (1999, Version 1)
▶ Time Based Security (2000, Version 2)
▶ Internet & Computer Ethics for Kids and Families (2001)
▶ Pearl Harbor Dot Com (Die Hard IV) (2001)

BOOK CONTRIBUTIONS AND SHORT STORIES (articles and white papers are on my site)

▶ The Toaster Rebellion of ’08
▶ CyberChrist Meets Lady Luck
▶ CyberChrist Bites the Big Apple
▶ Hactivism and Cyber-Civil Disobedience
▶ CyberWar I (AFCEA Press)
▶ CyberWar II (AFCEA Press)
▶ CyberWar III (AFCEA Press)
▶ Introduction to Internet Security (DGI/MecklerMedia, 1994)
▶ Internet & Internetworking Security Handbook (Auerbach, 1995)
▶ Ethical Conundra of Information Warfare (AFCEA Press, 1997)
▶ Something Other Than War (AFCEA Press, 1998)
▶ CyberWars: Espionage on the Internet (Plenum, 1997)
▶ National Security in the Information Age (Olin Foundation, 1996)

SAMPLING OF MOVIES & VIDEOS OF NOTE

▶ Hackers Are People, Too! (Exec. Prod. 2008)
▶ DefCon Documentary (Self 2013)
▶ The History of the Future of InfoSec (2013)
▶ Hiring the Unhireable (RSA-TV 2015)
▶ How to Make Your Security Awareness Program - FAIL! (2016)
▶ The Analogue Prism (ACOD 2016)
▶ Applying OODA and Feedback Loops to Security Processes (RSA-TV 2017)


THANKS!
Thanks to these intrepid souls whom I cajoled into spending their valuable time to
"comment with complete honesty." Your different viewpoints were invaluable. I am
honored to call you friends and colleagues.

Spencer Wilcox; Dennis Groves, MSc; John Johnson, Ph.D.; Eugene Spafford;
Robert Morton, Senior analyst CIA, and PhD student Purdue University; Chris
Roberts aka sidragon, Breaker of All Things; Tim McCreight, MSc CISSP CPP CISA
Dedicated security professional; Dr. Ph(c) Gregory “Junkbond” Carpenter, ing;
Hans Van de Looy/ Storyteller & IT Security Guru at UNICORN Holding B.V.; Edwin
van Andel aka yafsec (grumpy old hacker from Holland); Clarence Chio; Joe Klein;
and the inimitable Dr. Fred Cohen. And to my wife, Sherra, an incredible editor
and partner for forty years. XOXO


I had a local artist convert my vision of Information Warfare way back in 1989.

