back to article What Mary, Queen of Scots, can teach today’s cybersec royalty

Mary, Queen of Scots, was a hapless CEO, even by the standards of 1600s Europe. Mother of the first Stuart King of England, James I (and VI of Scotland; let's not go into that), she was herself the first Stuart monarch to lose both throne and head. She wasn't the last. The family had issues. There is much to educate, inform …

  1. Anonymous Coward
    Anonymous Coward

    Rarely observed.

    Understanding risk and reward is the final truth of security engineering ...

    Indeed.

    +1

    ... that, and never working with family.

    Quite so.

    Avoid it like the pest.

    Alas, it is a truth rarely observed even though examples of disaster abound.

    BTW: Very interesting article.

    1. Lil Endian

      Re: Rarely observed.

      ... that, and never working with family.

      Or animals. Unless you're using that newfangled quantum thingy. In that case a cat is allowed, lovingly called Schrödinger of course.

      1. deadlockvictim

        Re: Rarely observed.

        Are you positing that the cat can never be sure if his human is awaiting loyally outside his box until he looks?

        1. Phil O'Sophical Silver badge

          Re: Rarely observed.

          The cat won't care, there will always be a backup human to provide the required food and attention.

          1. captain veg Silver badge

            Re: Rarely observed.

            If you see the cat twice, the code is broken.

            -A.

      2. Alan Brown Silver badge

        Re: Rarely observed.

        or Pixel

  2. Primus Secundus Tertius

    Setting a precedent

    Elizabeth 1 was reluctant to have a monarch, or ex-monarch, executed, as it would set a precedent. The Catholic Church regarded her parents as not married, not by their laws. Therefore she was not a legitimate monarch; she should be replaced by Mary and should be punished. Elizabeth was well aware of all that, as were her ministers Cecil and Walsingham.

    1. Anonymous Coward
      Anonymous Coward

      Re: Setting a precedent

      She lied about signing the execution order - claiming it was a mistake. She was quite prepared to kill whomever to ensure her power.

      Moreover, under the jurisprudence of the time, Mary was Sovreign and therefore Elizabeth could not pass judgement on her or order her exection.

    2. Citizen99

      Re: Setting a precedent

      The Pope,effectively under control by Katharine of Aragon's relatives, had put out a contract in the terms of the day,on Elizabeth. Hence the massive security.

  3. JimmyPage
    Mushroom

    even by the standards of 1600s - FFS

    If that is some sort of misunderstanding about "The sixteenth century" then I suggest the Register sticks to tech. History is most certainly not your forte.

    1. chivo243 Silver badge
      Devil

      Re: even by the standards of 1600s - FFS

      I see your point! I had to re-read the article for the coin to drop... What do they call 20th Century Fox now??

      1. John Brown (no body) Silver badge

        Re: even by the standards of 1600s - FFS

        "What do they call 20th Century Fox now??"

        Disney :-)

  4. trevorde Silver badge

    Obligatory xkcd

    https://xkcd.com/538/

    Relevant 400 yrs ago as it is now

    1. lglethal Silver badge
      Joke

      Re: Obligatory xkcd

      Next you're going to be telling me Mary's password was "Correct Horse Battery Staple"!

      Or was that just part of the cypher she used???

      1. captain veg Silver badge

        Re: Obligatory xkcd

        I'm pretty sure that the words correct, horse, battery and staple would have been known to her; though possibly not corresponding to common modern meanings.

        -A.

  5. Lil Endian
    Thumb Up

    If you're getting nowhere...

    ...you take a punt.

    She should've lobbed a Hail Mary, Shirley?

    -----

    Very good article Mr. Goodwins, thank you.

    1. jmch Silver badge
      Coat

      Re: If you're getting nowhere...

      After fortifying herself with a bloody Mary???

  6. Jan 0 Silver badge

    Ye Olde Register

    Nice one Mr Goodwins. This reads like something from an earlier much loved Register.

    What next, some sublime Monfils photographs of Dabsy?

  7. Jedit Silver badge
    Coat

    "Mary's crypto was weak"

    Got involved in crypto and lost everything due to failing to maintain security? A cautionary tale.

    (Yeah, yeah, for once I'll apologise to the bros as they didn't do anything to merit the jibe. But it was irresistible.)

  8. steelpillow Silver badge
    Black Helicopters

    One more lesson for the p(l)ot

    Mary's adversary Elizabeth has one last lesson to add to the collection, one that every pointy-haired mangler and bean counter especially desperately tries to forget:

    The price of freedom is eternal vigilance

    1. captain veg Silver badge

      Re: One more lesson for the p(l)ot

      > The price of freedom is eternal vigilance

      That's easy to say if you're not the one charged with the vigilancy,

      -A.

  9. doublelayer Silver badge

    One time pads: one more thing

    "Conversely, the poor cipher used to try and hide the content of messages could have been rendered totally uncrackable, even at the time, by one-time pads, which just need dice, paper and pencil."

    They need one more thing: a completely safe communication channel, even if it's later broken. If I make a set of pads and send them to you, and someone copies them in between, then our communications are wide open again. Unless I can hand them to you and both of us never have our pads copied, that system is not uncrackable. Cryptography isn't only dependent on the calculations. It is also, in fact it is more dependent on the pathways the data uses and the trustworthiness of anyone in the position to copy or read the communications. In the modern day, although one-time pads are used, it's usually only one of multiple algorithms used on the same piece of data.

    1. Yet Another Anonymous coward Silver badge

      Re: One time pads: one more thing

      Having grown up in the French court she presumably had access to a means of secret communication unintelligible to the English

      1. captain veg Silver badge

        Re: One time pads: one more thing

        English?

        -A.

      2. John Brown (no body) Silver badge

        Re: One time pads: one more thing

        French, or at least a version of it, was still in use in legal documents up to the 18th century and in common spoken usage at official and aristocracy levels into the 15th century, so no, speaking or writing in French probably wasn't "secure" from the "English" in any way back then.

        1. Yet Another Anonymous coward Silver badge

          Re: One time pads: one more thing

          Assuming she wrote it v...e...r...y s...l...o...w...y in CAPITALS

      3. General Purpose

        Re: One time pads: one more thing

        Heh. But Elizabeth herself spoke French, as well as Latin and Italian. She translated poetry and prose from English to French and vice versa, wrote her own French poetry and letters in Latin and French - including at least one in French to Mary, Queen of Scots herself. She also spoke Spanish but didn't like to, what with her father's first wife being Spanish and the Armada and so on.

        Her spymaster Walsingham had studied in Basel and Padua, been ambassador to France, and must have picked up a few languages too. He probably even understood the weird version of French the English still sometimes used in their laws and courts. There's a story that during the Second World War, English radio operators in south-east Asia, not being equipped with secure encryption, resorted to English schoolboy French on the basis that not even the French would understand that. English legal French was a bit like that.

        1. martinusher Silver badge

          Re: One time pads: one more thing

          If you read literature from pre-WW1 you notice that a knowledge of several languages was assumed to be commonplace among the upper classes. A lot of scientific and technical material was published in German but fortunately for us due to the ascent of the US to global prominence we can get by with just a working knowledge of American (joke here -- but its actually quite different from everyday English).

          1. Anonymous Coward
            Anonymous Coward

            Re: One time pads: one more thing

            If you read literature from pre-WW1 you notice that a knowledge of several languages was assumed to be commonplace among the upper classes. A lot of scientific and technical material was published in German but fortunately for us due to the ascent of the US to global prominence we can get by with just a working knowledge of American (joke here -- but its actually quite different from everyday English).

            Because pre-WW1 you had Britain, plus relatively small colonies using English and everybody else used their own language. French was considered to be the language of choice, largely because of how far the French empire had carried the language.

            Just after WW1 the British empire accounted for 23% of the worlds population, and 24% of the worlds land mass.

            This excluded the 1.8% share of landmass from the USA, and whatever percentage of the world population that was, but probably similar. Everybody learned English because literally a quarter of the globe spoke at least a few words of it and it's still in use for the same reason, not anything much to do with the Americans.

    2. Pete Sdev Bronze badge
      Boffin

      Re: One time pads: one more thing

      Technically, I don't think dice, particularly with the manufacturing tolerances of the time, would be a secure enough source for generating a one time pad. Mind you, they didn't have the technology to break a lfawed OTP AFAIK.

      As well as the problem of securely getting a copy of a pad to each correspondant as mentioned, she'd have needed a different pad for each recipient. The discovery of a pad, quite a possibility given Mary's house-arrest situation, would have blown it.

      They'd have been better off using something like the Solitaire scheme.

    3. Wandee Thaweetham

      Re: One time pads: one more thing

      The only time a completley safe communication channel is required is, if an adversary can rely on the fact that an attack on a cipher relates to a property that in its own right can be measured (plaintext). Remove that property prior encryption and turn it into a random string of data you have P = (M | C) with any m over c a probability.

      The narrative how the OTP has to be operated has been pushed since Shannon published his proof of perfect secrecy for the Vernam system/cipher. However, Shannon's proof might has been rooted in the fact that he wanted to protect his entropy (H) and hence the three axioms he created only apply when using the modus operandi he suggested.

  10. Michael Hoffmann Silver badge
    Unhappy

    Not once...

    ... not even once did you manage to inject something about "chop their noggin' orf" spoken in the voice of Miranda "Queenie" Richardson?!

  11. Tony W

    Tweets

    Also relevant to modern times is that Mary was an early victim of social media: printed sheets posted around Edinburgh.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like