656 points EthanHeilman | 1 comments
fire No.30105124
I wonder if the recommendation for context-aware auth also includes broader adoption of Impossible Travel style checks?

For context, Impossible Travel is typically defined as an absolute minimum travel time between two points based on the geographical distance between them, with the points themselves being derived from event-associated IPs via geolocation.

The idea is that if a pair of events breaches that minimum travel time by some threshold, it's a sign of credential compromise; it's effective for mitigating active session theft, for example, as any out-of-region access would violate the aforementioned minimum travel time between locations and produce a detectable anomaly.

1. vel0city No.30119909
Geolocation is often unreliable. There's no sure way to go from IP address to accurate location; it's all based on guesses on how things got routed previously. My previous home routinely showed up as a different country in many different geoip databases, so for me something like that would have always instant-banned me if I switched from cellular (which a lot of databases place me about 100mi away from my home) to home WiFi that would show a jump of 1,000mi.

Even giant orgs like Google who should be good at this will fail at this. I've had services with their Cloud Armor set to disallow connectivity from non-US connections, and yet connections in the US get flagged as non-US even when a traceroute shows no hops going overseas.
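
An added example, not part of either comment above and not code from any product mentioned: a minimal impossible-travel check over constructed login events that also subtracts each fix's geolocation error radius, so a coarse cellular fix like the one described in the reply does not raise an alert on its own. The `Event` fields, the `accuracy_km` radius and the 900 km/h threshold are assumptions made for illustration.

```python
import math
from dataclasses import dataclass, replace

EARTH_RADIUS_KM = 6371.0
MAX_SPEED_KMH = 900.0  # assumed threshold, roughly airliner cruise speed

@dataclass(frozen=True)
class Event:
    user: str
    ts: float           # epoch seconds
    lat: float
    lon: float
    accuracy_km: float  # assumed: error radius reported by the geo-IP source

def haversine_km(a, b):
    """Great-circle distance between two events' coordinates."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dp, dl = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))

def implied_speed_kmh(a, b):
    """Lowest speed consistent with both fixes, given their error radii."""
    dist = max(0.0, haversine_km(a, b) - a.accuracy_km - b.accuracy_km)
    if dist == 0.0:
        return 0.0  # error circles overlap: no travel is needed
    hours = abs(b.ts - a.ts) / 3600.0
    return math.inf if hours == 0 else dist / hours

def impossible_travel(events, max_speed=MAX_SPEED_KMH):
    """Return (previous, current, speed) for consecutive per-user events over max_speed."""
    last, alerts = {}, []
    for ev in sorted(events, key=lambda e: e.ts):
        prev = last.get(ev.user)
        if prev is not None:
            speed = implied_speed_kmh(prev, ev)
            if speed > max_speed:
                alerts.append((prev, ev, speed))
        last[ev.user] = ev
    return alerts

# Constructed sample events (not real logs).
EVENTS = [
    Event("alice", 0, 40.71, -74.01, 50),    # New York
    Event("alice", 1800, 51.51, -0.13, 50),  # London, 30 minutes later
    Event("bob", 0, 32.78, -96.80, 200),     # cellular, coarse fix
    Event("bob", 300, 31.55, -97.15, 10),    # home WiFi, 5 minutes later
]
NAIVE = [replace(e, accuracy_km=0.0) for e in EVENTS]  # ignores error radii
```

`impossible_travel(NAIVE)` flags both users, while `impossible_travel(EVENTS)` flags only alice, because bob's two fixes fall inside each other's error radius.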