Free/Libre & Open Source Software and When Disclosure Helps Security Peter P. Swire Ohio State University Western Ontario: Free/Libre and Open Source Software.

Slides:



Advertisements
Similar presentations
The Web Wizards Guide to Freeware/Shareware Chapter Six Open Source Software.
Advertisements

Security Market: Incentives for Disclosure of Vulnerabilities Peter P. Swire Ohio State University Houston/Sante Fe Conference June 4, 2005.
A Model for When Disclosure Helps Security: What is Different About Computer & Network Security? Peter P. Swire Ohio State University George Mason CII.
Better Security and Privacy for Home Broadband Peter P. Swire Moritz College of Law The Ohio State University Morrison & Foerster LLP Privacy 2002 Conference.
Elephants and Mice Revisited: Law and Choice of Law on the Internet Professor Peter P. Swire Moritz College of Law Ohio State University Penn Law Review.
Security Through Obscurity: When It Works, When It Doesnt Peter P. Swire The Ohio State University DIMACS, Rutgers January 18, 2007.
From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government to Seek Access to the Cloud Peter Swire Moritz College of Law Ohio State.
What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory Professor Peter P. Swire George Washington.
Lessons for Biometrics from SSNs & Identity Fraud Peter P. Swire Ohio State University National Academy of Sciences March 15, 2005.
A Model for When Disclosure Helps Security Peter P. Swire Ohio State University Stanford Cybersecurity Conference November 22, 2003.
Transparency and Domestic Regulation Mina Mashayekhi Division on International Trade UNCTAD.
Negotiating Technology License Agreements Tamara Nanayakkara.
Security Through Obscurity: When It Works, When It Doesn’t Peter P. Swire The Ohio State University DIMACS, Rutgers January 18, 2007.
ETHICS AND SOCIAL RESPONSIBILITY IN MARKETING C HAPTER.
Lecture 02. Overview of Lecture 01 Course outline Types of Businesses Types of Business Organizations Formation of Corporations What is MNC and Goals.
INDIA.
Cyber Metrics in the DoD or How Do We Know What We Don’t Know? John S. Bay, Ph.D. Executive Director.
VM: Chapter 5 Guiding Principles for Software Security.
Encryption and Globalization Professor Peter Swire IP Scholars Conference Chicago August 11, 2011.
Strategy in the Global Environment
Copyright © 2008 by Nelson, a division of Thomson Canada Limited ENTREPRENEURSHIP A PROCESS PERSPECTIVE Robert A. Baron Scott A. Shane A. Rebecca Reuber.
Why a Right to Data Portability Likely Reduces Consumer Welfare Professor Peter Swire Ohio State University IP Scholars Conference August 10, 2012.
Lecture 1 - Introduction 1.  Introduction to Game Theory  Basic Game Theory Examples  Strategic Games  More Game Theory Examples  Equilibrium  Mixed.
1 An Overview of Computer Security computer security.
Computers in Society The Computer Industry: Open Source.
Entrepreneurship Intellectual Property: Protecting Your Ideas 11.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
M A N A G E M E N T M A N A G E M E N T 1 st E D I T I O N 1 st E D I T I O N Gulati | Mayo | Nohria Gulati | Mayo | Nohria Chapter 3 Chapter 3 ETHICS.
Slides prepared by Thomas Bishop Chapter 11 Controversies in Trade Policy.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Economic Systems.
Why Cryptosystems Fail Ross Anderson Presented by Su Zhang 1.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Part 4 PowerPoint Presentation by Charlie Cook Copyright © 2003 South-Western College Publishing. All rights reserved. All rights reserved. The Role of.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
1. 2 Learning Objectives To understand: the elements or stages of the strategic management process the different perspectives on strategy development.
Open Source Software An Introduction. The Creation of Software l As you know, programmers create the software that we use l What you may not understand.
Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.
PAPER PRESENTATION: EMPIRICAL ASSESSMENT OF MDE IN INDUSTRY Erik Wang CAS 703.
Sample Security Model. Security Model Secure: Identity management & Authentication Filtering and Stateful Inspection Encryption and VPN’s Monitor: Intrusion.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
Resource-Based and Property Rights Perspectives on Value Creation: The Case of Oil Field Unitization Jongwook Kim and Joseph T. Mahoney Managerial and.
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Transnational Politics Drug trafficking: The power of network analysis.
Chapter 6 Business Torts and Cyber Considerations.
Software Industry Issues Mark Lange Microsoft EMEA March 1, 2005.
1 8 Strategy in the Global Environment. 2 Related Concepts/Theories Theory of comparative advantage – a country is ahead, and all other country’s benefit,
Legitimate Vulnerability Markets By: Jeff Wheeler.
Market Failures. Pop Quiz 1.) List three types of monopolies? 2.) List the 4 types of market structures discussed in class. 3.) There are more monopolies.
Mario Čagalj Sveučilište u Splitu 2014/15. Sigurnost računala i podataka.
A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.
Proprietary vs. Free/Open Source Software
Participation in OS projects: Commercial and Individual motivation.
Csci5233 computer security & integrity 1 An Overview of Computer Security.
Ethical Decision Making , Ethical Theories
The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron.
Computer Security By Duncan Hall.
AB209 Small Business Management Unit 3 – Planning the Business and its Products or Services.
High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.
© PAPERHINT.COM. The word “ethics” is derived from the Greek word ethikos meaning custom or character. © PAPERHINT.COM.
Security Mindset Lesson Introduction Why is cyber security important?
Approaches to Intrusion Detection statistical anomaly detection – threshold – profile based rule-based detection – anomaly – penetration identification.
2  ETHICS IN MARKETING MEANS DELIBERATELY APPLYING STANDARDS OF FAIRNESS OR MORAL RIGHTS AND WRONGS TO MARKETING DECISION MAKING,BEHAVIOUR AND PRACTICE.
Security in Opened versus Closed Systems – The Dance of Boltzmann, Coase and Moore Presented By Chad Frommeyer.
The Individual, The Government, and Mixed Markets Limited Government.
Open Innovation Co-creation of innovation
STRATEGIC DECISION MAKING
Which slows more? Java or C++?
Presentation transcript:

Free/Libre & Open Source Software and When Disclosure Helps Security Peter P. Swire Ohio State University Western Ontario: Free/Libre and Open Source Software as Democratic Principle April 7, 2007

Dueling Slogans Open Source mantra: No Security Through Obscurity Secrecy does not work (or at least we shouldnt depend on it) Secrecy does not work (or at least we shouldnt depend on it) Disclosure is good (virtuous) Disclosure is good (virtuous) Military motto: Loose Lips Sink Ships Secrecy is essential Secrecy is essential Disclosure is bad (treason) Disclosure is bad (treason) Both cant be true at the same time

Overview Three papers complete, at search Swire 1. A model for when each approach is correct -- assumptions for the Open Source & military approaches Key reasons computer & network security often differ from earlier security problems and favor disclosure Key reasons computer & network security often differ from earlier security problems and favor disclosure 2. A Theory of Disclosure for Security & Competitive Reasons: Open Source, Proprietary Software, and Government Agencies Incentives for secrecy & openness to be used, even in Open Source, for both security and competitive reasons Incentives for secrecy & openness to be used, even in Open Source, for both security and competitive reasons 3. Privacy & Information Sharing in the War Against Terrorism All concern when disclosure helps security We can identify where openness most likely to succeed

I. Model for When Disclosure Helps Security Identify chief costs and benefits of disclosure Identify chief costs and benefits of disclosure Effect on attackers Effect on attackers Effect on defenders Effect on defenders Describe scenarios where disclosure of a defense likely to have net benefits or costs Describe scenarios where disclosure of a defense likely to have net benefits or costs Utilitarian in approach Utilitarian in approach Economics & computer security, not law Economics & computer security, not law

Open Source Perspective & Disclosure Helps Defenders Attackers learn little or nothing from public disclosure Attackers learn little or nothing from public disclosure Disclosures prompts designers to improve the defense -- learn of flaws and fix Disclosures prompts designers to improve the defense -- learn of flaws and fix Disclosure prompts other defenders/users of software to patch and fix Disclosure prompts other defenders/users of software to patch and fix Net: Costs of disclosure low. Bens high. Net: Costs of disclosure low. Bens high. [This is not a discussion of proprietary v. FLOSS – focus is on when disclosure improves security] [This is not a discussion of proprietary v. FLOSS – focus is on when disclosure improves security]

Military Base & Disclosure Helps Attackers It is hard for attackers to get close enough to learn the physical defenses It is hard for attackers to get close enough to learn the physical defenses Disclosure teaches the designers little about how to improve the defenses Disclosure teaches the designers little about how to improve the defenses Disclosure prompts little improvement by other defenders. Disclosure prompts little improvement by other defenders. Net: Costs from disclosure high but few benefits. Net: Costs from disclosure high but few benefits.

First Paper: Effects of Disclosure Low Help Attackers High Open Source: No security through obscurity Military/Intel: Loose lips sink ships Help Defenders Low High

Effects of Disclosure -- II Military/Intelligence Public Domain InformationSharing Open Source Low Help Attackers High Help Defenders Low High

Why Computer & Network Systems More Often Benefit From Disclosure Hiddenness & the first-time attack Hiddenness & the first-time attack N = number of attacks N = number of attacks L = learning from attacks L = learning from attacks C = communicate with other attackers C = communicate with other attackers Hiddenness helps for pit or for mine field Hiddenness helps for pit or for mine field Hiddenness works much less well for Hiddenness works much less well for Mass-market software Mass-market software Firewalls Firewalls Encryption algorithms Encryption algorithms

What Is Different for Cyber Attacks? Many attacks Many attacks Each attack is low cost Each attack is low cost Attackers learn from previous attacks Attackers learn from previous attacks This trick got me root access This trick got me root access Attackers communicate about vulnerabilities Attackers communicate about vulnerabilities Because of attackers knowledge, disclosure often helps defenders more than attackers for cyber attacks Because of attackers knowledge, disclosure often helps defenders more than attackers for cyber attacks

III. Incentives to Disclose A Theory of Disclosure for Security & Competitive Reasons: Open Source, Proprietary Software, and Government Agencies A Theory of Disclosure for Security & Competitive Reasons: Open Source, Proprietary Software, and Government Agencies Security reasons to disclose or not Security reasons to disclose or not Competitive reasons to disclose or not Competitive reasons to disclose or not Actual disclosure is a function of both Actual disclosure is a function of both Distinct models needed to analyze security & competitive incentives Distinct models needed to analyze security & competitive incentives

ProducerSecurityCompetition Open Source Ideologically open; Some secret sauce (Case 1) Ideologically open; Apparently high use of trade secrets (Case 2) ProprietarySoftware Monopolist on source code; disclosure based on monopsony and market power (Case 3) Monopolist on source code; disclosure based on how open standards help profits (Case 4) Government Information sharing dilemma (help attackers & defenders); public choice model (Case 5) Turf maximization, e.g., FBI vs. local police for the credit (Case 6)

Case 1: Open Source/Security By ideology, by definition, & under licenses, open source code is viewable by all By ideology, by definition, & under licenses, open source code is viewable by all Based on interviews, secrecy still used: Based on interviews, secrecy still used: For passwords and keys For passwords and keys Stealth firewalls and other hidden features that are not observable from the outside Stealth firewalls and other hidden features that are not observable from the outside Secret sauce such as unusual settings and configurations, to defeat script kiddies Secret sauce such as unusual settings and configurations, to defeat script kiddies In short, rational secrecy is used to foil first-time and unsophisticated attacks In short, rational secrecy is used to foil first-time and unsophisticated attacks

Case 2: Open Source/Competition Interviews with O.S. devotees, they smile and admit that they dont publish their best stuff – whats going on? Interviews with O.S. devotees, they smile and admit that they dont publish their best stuff – whats going on? Stay six months ahead of the curve – a form of trade secrets Stay six months ahead of the curve – a form of trade secrets Users and widgit manufacturers wont want to disclose their internal software activities Users and widgit manufacturers wont want to disclose their internal software activities

Open Source/Competition Services dominate over products in many Open Source business models Services dominate over products in many Open Source business models Systems integrators: We take very valuable OS software, and build it into a suite of services that is event more valuable Systems integrators: We take very valuable OS software, and build it into a suite of services that is event more valuable GPL 2.0 applies to any work distributed or published, but not to services provided by one company GPL 2.0 applies to any work distributed or published, but not to services provided by one company Conclusion: trade secrets used in services have become a key competitive tool Conclusion: trade secrets used in services have become a key competitive tool Consistent with IBM and other major players services activities Consistent with IBM and other major players services activities

Case 2: Open Source/Competition Debate on GPL 3.0 Debate on GPL 3.0 Apparent defeat of earlier proposal to require publishing of code used internally Apparent defeat of earlier proposal to require publishing of code used internally Services companies (including large commercial players) sticking with secrecy of their non-distributed GPL 2.0 software to protect their trade secrets and business models Services companies (including large commercial players) sticking with secrecy of their non-distributed GPL 2.0 software to protect their trade secrets and business models

Case 3: Proprietary/Security Initially, the owner of closed-source software is in a monopoly position about flaws in the software it wrote Initially, the owner of closed-source software is in a monopoly position about flaws in the software it wrote An externality leads to under-disclosure: software company loses reputation and risks liability with disclosure but harm on the 3 rd party user An externality leads to under-disclosure: software company loses reputation and risks liability with disclosure but harm on the 3 rd party user This description was likely more true several years ago, before computer security was so important This description was likely more true several years ago, before computer security was so important Size of externality depends on the degree to which the sellers reputation suffers due to security flaws Size of externality depends on the degree to which the sellers reputation suffers due to security flaws Over time, outside programmers gain expertise, the 1 st party loses its monopoly position in knowledge about vulnerabilities, & reputation effect is greater Over time, outside programmers gain expertise, the 1 st party loses its monopoly position in knowledge about vulnerabilities, & reputation effect is greater

Case 3: Proprietary/Security What pressures force disclosure of vulnerabilities? What pressures force disclosure of vulnerabilities? Large buyers, who have a taste to know the code in their system Large buyers, who have a taste to know the code in their system Especially governments, who can (and do) require disclosure of vulnerabilities (Air Force) Especially governments, who can (and do) require disclosure of vulnerabilities (Air Force) To the extent there is competition based on software security, then disclosure may be profit-maximizing To the extent there is competition based on software security, then disclosure may be profit-maximizing Over time, have seen substantially greater openness about vulnerabilities in proprietary software Over time, have seen substantially greater openness about vulnerabilities in proprietary software

Case 4: Proprietary/Competitive Hidden source code as a trade secret and possible competitive edge Hidden source code as a trade secret and possible competitive edge Countervailing incentive to have at least partly open standards in order to get broad adoption, network effects, & first-mover advantage Countervailing incentive to have at least partly open standards in order to get broad adoption, network effects, & first-mover advantage At least share with developers & joint ventures At least share with developers & joint ventures Complex game theory on when to be open Complex game theory on when to be open

Open Source & Proprietary Greater secrecy in Open Source than usually recognized Greater secrecy in Open Source than usually recognized Secret sauce for security Secret sauce for security Trade secrets in services Trade secrets in services Greater openness in proprietary than usually recognized Greater openness in proprietary than usually recognized Large buyers, governments, reputation Large buyers, governments, reputation Financial gains from at least partly open standards Financial gains from at least partly open standards Convergence of the two approaches when it comes to disclosure? Convergence of the two approaches when it comes to disclosure?

Case 5: Government/Security Summary – incentives for government to disclosure often weak Summary – incentives for government to disclosure often weak Unclear when to do information sharing: Unclear when to do information sharing: Disclosure helps both attackers & defenders Disclosure helps both attackers & defenders 1 st party wants to share only with trusted third parties 1 st party wants to share only with trusted third parties Other 3 rd parties may want/need information to protect their own systems/jurisdictions Other 3 rd parties may want/need information to protect their own systems/jurisdictions Examples such as terrorist watch lists, terrorist modes of attack, alerts based on intelligence Examples such as terrorist watch lists, terrorist modes of attack, alerts based on intelligence

Case 5: Government/Security Not good market mechanisms for disclosure Not good market mechanisms for disclosure Thus a rationale for legal rules Thus a rationale for legal rules FOIA to create transparency, including risks to communities FOIA to create transparency, including risks to communities Executive Orders & congressional mandates to encourage information sharing Executive Orders & congressional mandates to encourage information sharing

Case 6: Government/Competitive Widespread view that law enforcement & intelligence agencies hoard data Widespread view that law enforcement & intelligence agencies hoard data Most famously, the FBI has not shared with locals Most famously, the FBI has not shared with locals Hoarding can protect turf – others cant use it against the 1 st party (the agency) Hoarding can protect turf – others cant use it against the 1 st party (the agency) Hoarding can garner credit with stakeholders – the arrest, the correct intelligence analysis Hoarding can garner credit with stakeholders – the arrest, the correct intelligence analysis Again, FOIA and Information Sharing mandates can seek to counter-act excessive secrecy Again, FOIA and Information Sharing mandates can seek to counter-act excessive secrecy

Implications for FOSS & Government Descriptive project – large zone where have a credible claim for security in Open Source approach to software Descriptive project – large zone where have a credible claim for security in Open Source approach to software Openness much more likely to help security for software than for physical security Openness much more likely to help security for software than for physical security Areas where claim for Open Source security are less strong Areas where claim for Open Source security are less strong Nuclear launch codes – few coders Nuclear launch codes – few coders First-time attacks – secrecy helps First-time attacks – secrecy helps Vulnerabilities that cant be fixed – obscurity may be the best among imperfect strategies Vulnerabilities that cant be fixed – obscurity may be the best among imperfect strategies

Conclusions Goal of describing when disclosure is societally optimal – does it help or hurt security Goal of describing when disclosure is societally optimal – does it help or hurt security Goal of describing incentives, for OS, proprietary, and government Goal of describing incentives, for OS, proprietary, and government I hope you can apply this to your setting, to see when each approach is most likely to achieve security I hope you can apply this to your setting, to see when each approach is most likely to achieve security

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.