Monday, March 19, 2007

Rethinking Security

I've recently found myself reconsidering my paradigm on security. The traditional model is to put so many defenses on your house/car/web server/whatever that anyone contemplating breaking in decides the effort and risk is too great . . . and moves on to another target. For example, a would be burglar sneaks into my back yard, triggers the motion light sensor, and runs away when the back yard is suddenly brightly illuminated. He then goes and finds a different house that doesn't have the motion light sensor.

Strangely enough, ever since my house was burglarized last December, that last part of the paradigm has bothered me in a quiet, unsettling way. It smacks of "I'm safe, and screw everyone else."

A superior paradigm should be, I think, a system that responds to efforts to gain illegitimate entry with "proactive pursuit." For example, the same burglar sneaks into my back yard, triggers the motion sensor-- but this time, no bright lights come on to scare away the burglar. Instead, the sensor triggers a security surveillance/remote notification system which records our would be burglar's identity and their illegal activities. Hell, if you wanted to get downright Batman about it, you could design a system that allows the burglar to break into the house, and then locked them in until the police arrived. ;)

Although I made that last suggestion in jest, there are actually some police departments that use "honey pot" cars to catch car thieves. It's not very practical for houses, of course. But computers should be even easier to turn into "proactive pursuit honey pots" than cars. It's just a matter of having the right tools and knowing how to install and configure them.

No comments: