[Home]UnlockedDoors

MeatballWiki | RecentChanges | Random Page | Indices | Categories

GuidePosts delineate physical space (aka territory), but they don't do anything to break up visual space. Instead, to do that, you need to put up walls that people can't see through. However, this is oppressive and it violates OpenProcess, so leave the doors unlocked. This is akin to closing your office door to prevent being disturbed or when conducting an interview. It's not as if you are keeping people out; you are merely suggesting that they don't enter unannounced or sneak a peek.

Let's examine both of those in detail. By erecting a wall, you prevent random intrusions. By providing a doorway, you control the means of entrance. That way, you are aware of who enters or leaves a room, if you choose to be. If someone uncomfortable enters, you can keep quiet. An example online would be on InternetRelayChat channels: when people enter a channel, their presence is announced to everyone.

Similarly, without explicitly entering a channel, one cannot read what is going on on IRC. This is how we avoid random voyeurism. Moreover, there is certain material that people shouldn't or don't want to know. They should make a conscious decision to know that information. In that case, the data is merely hidden until uncovered. An excellent example of this is RotThirteen.

An unlocked door also has the advantage of quickly becoming a locked door if necessary. This quick transition is not possible with a wall or an open space. Network firewalls are often used as unlocked doors until an attack occurs, and a good firewall will lock only what is needed to resist the attack.

We leave our front door unlocked, but there is a pit-bull in the front yard. The idea is, if they can get past the dog, they have sufficient karma to come into the house at any time. This works surprisingly well. I believe that the deterrent aspect is of minimal significance, it is the real threat of injury that makes all the difference. The dog has a very good memory for people, so there is small chance of error. A network implementation might involve DNS hijacking... - PhilEhrens


CategorySoftSecurity

Discussion

MeatballWiki | RecentChanges | Random Page | Indices | Categories
Edit text of this page | View other revisions
Search: