The Dancing Bunnies Problem

why would you want to restrict users from anything, unless it’s yours and you don’t want people to see it or something?
warn them that bunnies are not good for them. if they ignore you, they’ll suffer the consequences.
just don’t treat them like children.

want to see dancing bunny
create important content
undo dancing bunny

Not a problem, if the dancing bunny wasn’t in the same virtual machine as the important content. Of course the problem then is that people aren’t going to start up a new virtual machine just to see the dancing bunny (because it’s just so much extra hassle when I can just do it right here).

Dancing pig? Pass.
Dancing bunnies? …must…click

Maybe we cannot make the Odds zero. But, we can shrink them substantially. On Average, 114 security layers between an honest user and a Dancing Bunny should reduce the odds of success to only 1 person on the entire Internet.

As a simple model let’s take the odds that an honest person would commit a trivial, unaccountable crime at about 17% – see Freakonomics for odds of white-collar honesty with bagels. Take R as .17.

Then, take N as the number of security barriers a user must circumvent in order to get the Dancing Bunny. Now for a tiny bit of binomial theorem (“with many cheerful facts about the square of the hypotenuse”).

1 = 1**N = ((1-R) + R)**N

Let K be the times the user successfully reaches the Dancing Bunny.

Then, the odds of a Dancing Bunny Install, DBI, are as follows.

DBI = N! / (K! * (N-K)!) * (1-R)**(N-K) * R**K

Let’s assume that even one download of the Dancing Bunny is toxic. K needs to be zero as a goal.

For K=0; DBI = (1-R)**N

Then, N is the number of security barriers that need to be in place to make the odds of Successfully Downloading the Dancing Bunny less than 1 person on the entire Internet. Assume the Internet has 1.7 Billion users that are all honest but otherwise tempted to download the Dancing Bunny.

1 / 1,700,000,000 = (1 - .17)**N

N is approximately 114 security measures between the honest but tempted user and that Dancing Bunny Install.

To be honest, that is a lot of security steps. But, I think it illustrates that the Dancing Bunny Install problem is impossible. Or in classic Matrix Lines, “while assiduously avoided, it is not without a measure of control.” – the Architect.

A Slightly more realistic level of Dancing Bunny Security Controls:

The model may be imperfect, but it does illustrate the level of thought that needs to be put into the Security Measures that one does put in place.

Half the companies in the USA have 19 or fewer people in them.
If one Dancing Bunny Install per year is the toxic line of concern, then we need less than 1 in 19 installs of the Dancing Bunny to be successful.

1/19 >= (1-R)**N

N >= 15.8 Security Measures.

In the case of wrong-headed or even felony levels of ability and determination to do harm by installing the Dancing Bunny, things get a bit tougher.

Plausible estimate of the Mistake Rates of a Trained Professional, M=0.33%.
Plausible estimate of the Felony Rate per year in the USA, F=0.01%.

The good news is that these odds are low enough we have to take into account the possibility that a Professional Blunder or a Felony just may not take place in any single year.

Odds of No Blunder for a 19 Person team, (1-.0033)**19 = 93.9%
Odds of No Felony for a 19 Person team, (1-.0001)**19 = 99.8%

But, in the case of a Blunder or Felony, the security measures to prevent the Install of the Dancing Bunny need to be rather serious.

Professional Blunder:
1/19 >= (1-.0033)**N, N>=890.8 Security Measures needed to prevent the Dancing Bunny Install.

Felony Case:
1/19 >= (1-.0001)**N, N>=29442.9 Security Measures needed to prevent the Dancing Bunny Install.

I was fascinated by the pseudo-conservative fantasy that every individual should be totally free to do what he or she chooses to as long as the individual is willing to suffer the potential consequences. Today’s ‘conservatism’ is more reasonably termed ‘Right Libertarianism’ (yes, there are also several flavors of ‘Left Libertarianism’ as well). The Right Libertarianism takes essentially Ayn Rand’s Objectivist view that each individual should be free to strategize her behavior solely to increase her own perceived best interests - which Rand assures us are measured in units with a dollar sign (the only ‘value’ or morality she advocates). Conservatives ignore (or fail to understand) that, unless you live alone in the deep woods or on an otherwise deserted island, almost everything you do has consequences not only for yourself, but for others, sometimes the entire community or society, as well. You can’t pretend that selfish individualism is the only virtue and that a sense of community is a vice.

If I were to assume any of my job applicants thought like Ole Eichhorn and Alice, I would be a bloody fool to hire them in any position where their work computer is linked into the corporate intranet. If I found any of my employees who believed in that philosophy, I’d have to decide either to move them to a job that does not require interconnectivity or I’d have to replace them faster than a ZagNut bar lasts in the hand of a fat boy.

It is extremely rare to find any computer that, if infected with a sufficiently clever virus, won’t continue to spread the infection, either by emailing everybody in the personal or corporate address books copies of the dancing bunny email, or simply infecting common servers which would, in turn, pass it along.

Remember that EVERYBODY will encounter a multitude of variations of the dancing bunny link (some fiendishly clever and virtually irresistible) and that even top-tier programmers, let alone the non-technical user community, are going to be snagged at least sometimes.

The object of security and regulations is not to protect an individual from her own stupidity, carelessness, or lack of perfect knowledge and an ability to invariably make perfectly rational decisions (the latter two being a core tenet of Right Libertarianism, unregulated laissez-faire free markets, and Randian Objectivism), but to protect the rest of the community from having to suffer the consequences of harmful individual actions. In other words, I could care less if a mine owner ignores or violates safety regulations as long as the owner is working the mine alone. But, the minute he hires employees and sends them unknowingly into his unsafe mine, it is no longer a question of the individual’s right to be free of regulations.

If anybody cares to look up the PCL-R 20-question test to diagnose psychopaths (Professor Robert Hare developed this test and it is the gold standard around the world - and is the test used by everybody from psychiatrists to FBI profilers) and compare it question by question with Ayn Rand’s philosophy or the Cato Institute’s multitudinous position papers, you would come to the inescapable conclusion that the radical individualism that is currently worshiped by today’s conservatives is a social and political system that basically elevates psychopathy as the only value set that is politically and ideologically accepted, and requires that the “ultimate free person” is a psychopath (or at least is willing to emulate psychopaths in his behavior).

As a programmer with 35 years of experience (the last 26 as a consultant to Fortune 50 companies architecting, designing and coding mission critical enterprise applications), I feel that we should be considering any and every way to block the potential harm of dancing bunny attacks and all other current exploits, and intently working on finding newer defenses as the black hats continue to find newer exploits.