It’s fun to name a law after yourself, especially because it encapsulates a simple concept.
No system that exists is impenetrable.
As an attentive reader, you might be asking, “If this idea was so simple, why are you writing an enitre blog post about it?” And to that, I might applaud your wit, because unlike most things, there are no limtations to this theory (cuz it’s a theory).
Let me explain.
The Power of Networking
The Internet is a wild place, a bit of a double-edged sword, it can be a useful tool with lots of wholesome content. On the other side, there are lots of content that are decidedly unwholesome. The gist of it is that it allows a massive amount of computers (servers are coomputers too) to communicate with each other and send information back and forth. The most common use case is loading websites, generally through a secure protocol (HTTPS). Your computer requests some code from another computer, the browser runs the code, and voila, you have got a nice functioning webpage. It’s a lot more complicated than that, but the idea is that another computer can send some malicious code to your computer and your browser will be able to run it.
Yeah, there are some steps that browsers take to protect your laptop, however, it’s impossible to keep a system completely isolated without losing something essential to the app in the process. I don’t mean something like losing a small feature or two (although that could happen), i’m talking things that could (and probably will) make said app unusable, like incredibly slow performance (turtle mode 🐢), or lack of connectivity.
Limitations?
What if we took the network of computers above and we removed all but one computer, isolating that computer (let’s call it Larry, Larry the Lonely Laptop). In practice, this would mean removing the Bluetooth and Wi-Fi devices so that Larry cannot talk with other computers anymore. It would also mean that we are unable to send or recieve any malware, making our computer completelely secure.
Unfortunately for security (and Larry), the last sentence of the previous paragraph is completely false, as people tend to mistake isolation for security. After all, if I am holed up in my own house by myself, I won’t have to go outside and therefore I won’t get sick, and therefore, I won’t die. No, there is always the random chance of a flood taking my house and me along with it.
So no, Lonely Larry is not completely secure, a random person could wreak havoc on it’s software by injecting a USB stick full of malware into poor Larry, or much simpler, one could just physically damage (or steal) the computer and be done with it.
Ok, so?
This doesn’t mean that security is not of importance, it’s the difference between knowing that death is an inevitable part of life, and forgoing food altogether because sooner or later we all die. In summary, no computer system is completely secure.
Comments