Dr. Craig Wright on the ‘perfect’ firewall
“Bitcoin does not need to be perfectly secure.” These are the words of Dr. Craig Wright in a recent Medium post that explores security both in the cryptocurrency space and out. Ultimately, according to Wright, security is a matter of economics and there is no such thing as perfect security.
Security is a function of risk, asserts Wright. It’s important to not pay more for security than what the assert it protects is worth. Paying more than that value is not offering a secure solution (remember, security is about economics).
When Internet security first came around, security companies tried to offer the “perfect secure solution.” That was, at least, how it was billed, but most knew that perfect security didn’t exist. Wright refers to one particular company, Trusted Information Systems (TIS) and its Gauntlet firewall, as an example. The company’s perfect security solution involved disconnecting from the Internet a network that was under attack.
Wright explains, “One of the government departments received threats of a denial of service. They would go to conferences and training where [TIS founder] Marcus [Ranham] presented and taught them the ultimate firewall: a pair of pliers. The problem here was that disconnecting the service greatly disadvantaged many people who used the government site. Think about it now; imagine Google disconnecting from the Internet.”
The department continued to follow the advice of TIS and, when under attack, would disconnect from the Internet. This went on for two weeks, resulting in a number of online payments being stopped until things returned to normal. Fortunately, at that time, not many were accepting online payments, so the inconvenience was limited, but the solution is anything but ideal and doesn’t help to provide a more secure network.
Wright concludes, “Bitcoin does not need to be perfectly secure; there is no such thing. Bitcoin needs to be resilient and available. In seeking the perfect, we destroy any hope of achieving something that can be great. Such is the problem with [Bitcoin] Core and others, and in seeking perfect anonymity, they create a system that cannot work in the real world. In seeking perfect security, they chase a dream that can never be achieved. As with all things in the world, there is no perfection, only risk.”
To receive the latest CoinGeek.com news, special discounts on CoinGeek Conferences and other inside information direct to your inbox, please sign up for our mailing list.