T.N.S.T.A.A.F.L.

T.N.S.T.A.A.F.L.
- Mr. Churchill (Elementary School)

In fourth grade I had a teacher by the name of Mr. Churchill and for reasons unknown to me, and likely him, the chaotic attractors that governed the firing of the neurons within his brain possessed him to make as a daily manta to out little minds the little quote I've reproduced for you above. What the hell does ``T.N.S.T.A.A.F.L.'' mean you say?

T.N.S.T.A.A.F.L. stands for ``There's no such thing as a free lunch,'' and for reasons unknown to me and unknown to Mr. Churchill, I decided to start this section on security with this thought. Why? Well, O.K. I admit it, there is some reason for dreging up this A.F.T.P., acronym from the past.

For most systems security is an afterthought. Code, code, code, code, code, up until the very last second of the very last minute, then

``Oh yeah, this thing's supposed to be secure Bob.''
``Yeah, Fred, what'd ya' say we do?''
``'dunno. Why don't we add a password er somethin' to login?''
``Sounds good...Dat's why they pay you the big bucks.''
``Cool, lets RC it!''

Thinking of just such a situation reminded me of Mr. Churchill in fourth grade and his ``T.N.S.T.A.A.F.L.'' Security is no exception to this rule.

Fred and Bob, who's names have been changed to protect the stupid, thought they could get a fee security lunch, but that just ain't gonna happen'. As Mr. Churchill said, ``T.N.S.T.A.A.F.L.'' Security is no exception. Security can not be an after thought in a system. It must be, from the beginning, in the forefront of a system designer's mind. Security is not something you can slap on a system with a little login screen, the entire system has to be secure from soup to nuts. A system is only as strong as is weakest link.

Ok, now that I've (hoefully) scared you a bit with all that, lets talk a bit about some aspects of security and cryptography.