[PLUG] Encrypting LPR data

Ronald Chmara ron at Opus1.COM
Thu Apr 7 09:12:45 UTC 2005


On Apr 7, 2005, at 12:03 AM, Keith Lofstrom wrote:
> Any other ideas?  I guess if my physical network is penetrated, I am
> Owned anyway.  Time to upgrade the security alarm ...

Physical? The so-called traditional "physical" layer stopped mattering 
a *long* time ago. Remember the 386?

One word:
Tempest.

Okay, maybe that's a bit short and alarmist, and I should use more 
words.

Let me put it another way:
If your data needs *require* more security, the less your systems emit, 
the better, be it WiFi or simple UTP....

Oh, and since most breaches occur inside, you should monitor their drug 
use, credit records, social life, politics, and sexual history of all 
of your employees, and EMP and de-and-re-magnetize them on every 
entrance and exit from their cages....

As you may (should?) have noted by now, I am postulating an argument of 
extremes. Creating security in a network cannot ever be about making a 
network "totally secure", unless you have unlimited resources and an 
unlimited budget. Since *nobody* has that (and yes, I do mean nobody), 
it becomes a question of balance.

Bops rule (somebody *should* have a prior rule....) of secrecy:
#1: Every secret has a cost, be it in losing, or keeping, the secret.

If you spend 50k guarding something that has a 10K cost, that's, well, 
silly.

Getting back to LPR... if you're worried, run cable! I've seen some 
sites where the CEO is STP to their officers, and where I have guns 
trained on me while I worked. So what.

It's a very simple formula:
Security < Value of secret: Less security
Security > Value of secret: More security

If the LPR data matters enough to protect the things "on the wire", 
it's a done deal.

-Bop




More information about the PLUG mailing list