— I've never looked at a fairy tale from this side

rakhirhif8963 · Post by **rakhirhif8963** » Mon Feb 10, 2025 10:42 am

Vladimir Bezmaly | 04/30/2021
The break after the first lesson ended, and Alexey Petrovich continued his lesson with the schoolchildren.

— Let's talk about the basic concepts of information security. Now we will look at the fairy tale about Cinderella. I hope everyone remembers it? How does the fairy tale begin? That's right, with a fake identity. Our Cinderella dreams of getting to the royal ball, but she can't. And who will let her in? After all, she is a simple girl, she doesn't have a beautiful dress or a carriage, and her "relatives" refuse to help — identity has failed. The Fairy Godmother comes to the rescue, making a pumpkin look like a carriage, mice — horses, and rags — dresses. In fact, the fairy creates a fake identity for Cinderella and thus gives her the opportunity to attend the ball unrecognized. And since access to the ball is clearly without invitations (that is, initial authentication is not required), it is clear that you can get there by simply registering at the entrance.

- Tatyana Alekseyevna, you are not alone. Today everyone looks at fairy tales exclusively as fairy tales, but everything is much deeper.

- Oh, how interesting, please continue!

— Let's take a closer look at how exactly the fake identity was made. Remember, the fairy warned that at exactly 12 midnight all the magic would disappear? But why exactly at midnight? Has austria whatsapp data thought about it? But it's simple. Administrators who have ever forgotten to update SSL certificates on a site understand this lesson very well. Just now the certificate was valid, users were calmly viewing your site, and then suddenly — the certificate expired, and browsers start issuing warnings and stubs instead of the site. The site turns into a pumpkin.

Certificates in digital keys for remote access work on approximately the same principle. The certificate is valid for a limited time. And at some point it also becomes invalid, after which the system immediately cuts off the connection (if, of course, this system is designed sensibly). Cinderella is no longer perceived at the ball as "one of our own". Why the Fairy cannot make a more reliable certificate is unclear. Most likely, this can be explained by the lack of direct access to the certification center.

After the ball, Cinderella runs away from the palace, losing the only “real” part of her new identity — the slipper. Here, by the way, it is especially interesting to recall the version of the fairy tale by the Brothers Grimm: in their version, the slipper is lost not by accident, but because after the third ball, the prince smeared the stairs with tar — apparently, precisely in order to get the fugitive’s accessory and use it for the search. In the language of cybersecurity, he used an element of the system to detect a cyber threat. Then, based on the slipper, the prince creates a tool for detecting objects of the “Cinderella” family and begins a global search process, checking the feet of all the young girls.