There is a distinct possibility we overlooked it. It is just that little nagging in the back of our head, but still we know better, or do we?
So there I was, wondering why the PowerShell script I modified and was using was not working. Why I was getting access denied errors. I went over the script again and again. I tried limiting the scope, hard coding information instead of having to input it, and still that same damn error. The answer was there, I just had to find it…
Yes, this was me recently. I bet you have been in a similar situation though. Can’t quite find that issue. Come on, we are smart, we know our stuff, but still we can’t find the answer. In my case it was that I was using the wrong account to run the script. Stupid, simple and maddening. Only took a few days of troubleshooting to realize it. I should have known to double check the simple though, it has been a recurring theme in my life. Looking at a lot of the IT and infosec world, I think we all need to look at this.
I was a teenager back in the 80’s, tired of entering data statements to get the cool graphics on my Commodore 64. Compute’s Gazette had a program in there that would allow me an easier path once I inputted it and loaded it. Turtle graphics and commands, and I was going to get this going except it didn’t work. I checked the hundreds of numbers in all the data lines. Everything was right. I checked all my statements, compared back and forth for weeks, months, years. Still error when ran. The only way I could get it to not error was if I increased the if-then loop by one. That kept hitting me as I had to have messed up the data statements in some way. Five years passed, and I found the extra comma at the end of one of the data statements by total accident. That fixed the issue. A simple typo caused 5 years of troubleshooting off and on. I was bound to learn from this, to check for the simplest things. I would learn from it dammit, at least until I didn’t.
Think about it. Look at phishing, how we treat users, how we treat each other. How many times have you turned and said, “Oh that isn’t something I need to check,” and yet that was the problem. The simple answer. The one thing you didn’t feel the need to do.
I was learning to build and upgrade my own computers in the early to mid 90’s. I had changed out cards in the PC many times, and this was just a new sound card. Put it in, put everything back together, loaded the driver and… nothing. Only the boot beep code of the motherboard’s little speaker. No music, no sound effects, no nothing. Re-seat the card, check to make sure plugs are in solid. Still nothing. Try the old card, and nothing. Try a different slot, nothing. Six months of this, and I went to do some cabling cleanup. Yeah, I found that for 6 months I had the speakers plugged into the microphone jack and the microphone plugged into the speaker jack (the male ends of the plugs were not color coded back then). Switch the two plugs and I tried to make myself deaf from how loud I had the volumes turned up.
So where does this leave us? How many layers of devices do we have to “secure all the things?” What does each thing do? Do we know how to work with each device, piece of software, policy to its fullest extent? Do they even make sense or is it the old, “let’s just throw things at it until it sticks,” scenario? How convoluted and complex has it all become, and why? I think for me it is best summed up in a classic episode of Doctor Who during the Tom Baker era. He went to open a door with a complex electronic lock and pulled out a bobby pin to do it. When asked why he said, “the more complex the system the simpler it is to break with something simple.” Have we all gotten to the point where we have forgotten where we came from? Where we are just outsmarting ourselves? Do we listen to fresh eyes, fresh ideas or just throw them away as a bunch of nonsense? Are we willing to learn how to keep it simple, or have we made it easier for the bad guys to get through because of how overly complex we have made everything? Is our own cleverness our actual real weakness being exploited?