Game Development Community

Ignorance is bliss- Security and software

by Edward Gardner · in General Discussion · 01/15/2005 (7:57 am) · 3 replies

I subscribe to a list called "Cryptogram" as part of my professional need to remain educated on security issues. My day job is information security, so, subscriptions of this nature are to be expected ;)

This was in the most recent newsletter, I am reprinting it without permission, but with credit, as I believe it holds an academic lesson for ANYONE concerned with computers and security

Quote:
Burglars and "Feeling Secure"




This quote is from "Confessions of a Master Jewel Thief," by Bill Mason
(Villard, 2003): "Nothing works more in a thief's favor than people
feeling secure. That's why places that are heavily alarmed and guarded
can sometimes be the easiest targets. The single most important factor
in security -- more than locks, alarms, sensors, or armed guards -- is
attitude. A building protected by nothing more than a cheap combination
lock but inhabited by people who are alert and risk-aware is much safer
than one with the world's most sophisticated alarm system whose tenants
assume they're living in an impregnable fortress."

The author, a burglar, found that luxury condos were an excellent
target. Although they had much more security technology than other
buildings, they were vulnerable because no one believed a thief could
get through the lobby.

The book:
37-0872933> or

The newsletter author is Bruce Schneier, you can subscribe to cryptogram at:

http://www.counterpane.com/crypto-gram.html

There are (sometimes) conflicting lessons to learn here. One, that the appearance of security makes people feel secure, and contributes to the prevention of the casual person not committing and act, which probably increases security of a system slightly.

However, the far greater threat is from those who already intend to commit the act, as they 1) can have the information they need to overcome the window dressing and 2) the people paying attention to the systems are overconfident in their own systems. Which dramatically DECREASES security.

Thoughts on how this applies to game development?
NextNext Thread
PrevPrevious Thread
More from General Discussion


Torque Owner Mark Neff
#1
01/15/2005 (9:05 am)
That actually makes a great tool for a tactical/espionage type game, like the MG series or 007, or maybe a sim corporation game where you have to eliminate competition and keep employees from getting over confident, I would use it as the former probably, what better way to heighten the feel of a game environment than using real life psychology, really.

Torque Owner Edward Gardner
#2
01/15/2005 (9:47 am)
Not really talking about it as game ideas. More as overall software architecture, the actual development we do, not the gameplay.

If you follow. Sorry for being opaque initially ;)

Torque Owner Jak Fearon
#3
01/20/2005 (9:46 am)
I think a lot of developers, myself included, apply this line of thinking to their releases. I spend very little time (and thus money) devising anti-piracy methods, and more time just being alert for problems. It's a pretty common realisation that the more protection you try to place into a software project, the more incentive there is for someone to break into it.

Building in just a little bit of protection (a cheap combination lock) and just being more aware of who your users are, where cracks and warez copies are appearing on the web (they always do, no matter the protection), etc. will generally do the trick. Some people get overly caught up and spend countless time and money in developing "ultra-security", which ultimately goes nowhere. Fast.