Synopsis: Stay current or ahead.
Attacks are ever-changing, and even the patterns in this language may go out of date or become bad advice as the security and technology context evolves. Thus, no scheme is perfect. However, an attack is often not directed specifically at you or your accounts but is geared towards gaining access to a system in general, and for the attacker, another person's account is as good as yours.
Therefore, stay current with respect to password attacks and what crackers do to gain knowledge. Choose your password scheme to be more difficult to crack than the average. This way you reduce the likelihood that you fall prey to an attack before some other account is cracked. How your password scheme relates to the average depends on your security needs.
In the words of Andy Grove: Only the paranoid survive.
Previous pattern: Security Context
Next pattern: Lay It Open
Contributors: Dirk Riehle, Joe Bergin
Is this pattern really just about being more complicated than usual? The idea of staying ahead of the pack implies an awareness of what's current, in particular about crackers' strategies for breaking passwords and the like. -- EugeneWallingford
Yes, I agree. Do you think this makes this pattern invalid? -- DirkRiehle
Not necessarily. You could broaden the pattern to address both complexity and current technique, which may result in a new pattern downstream. You could create separate patterns to deal with complexity and techniques. Or you could decide to maintain this pattern's focus on complexity, perhaps expanding on it, and simply choose a more representative name. -- EugeneWallingford
Not sure what you mean. I renamed the pattern, but I'm still not happy. The key issue is simply to detract attackers by letting them suspect/have easier prey some place else. -- DirkRiehle
There exists a very old method to hide important information. It was used by wise men to inform others. They used stories, which referred to daily events, but hidden in them was information for the knowledgeable persons. This method was used by the Sufis for instance. Using modern computer technology one could use a large piece of text and put into it the information, which one wants to hide. The algorithm for hiding could be very simple. -- AnonymousContributor