Do We Really Need a Security Industry? 297
netbuzz noted that Bruce Schneir's latest column
discusses the security industry where he points out that "The primary reason the IT security industry exists is because IT products and services aren't naturally secure. If computers were already secure against viruses, there wouldn't be any need for antivirus products. If bad network traffic couldn't be used to attack computers, no one would bother buying a firewall. If there were no more buffer overflows, no one would have to buy products to protect against their effects. If the IT products we purchased were secure out of the box, we wouldn't have to spend billions every year making them secure."
"Schneir"? (Score:5, Informative)
At least spell his name correctly: Schneier [schneier.com].
Geese Louise, this is stupid. (Score:3, Informative)
Do we really need locksmiths? If buildings were naturally secure (aka didn't have doors or windows), we wouldn't need locksmiths.
However, people need to get in to and out of buildings, so we need doors. And sometimes we need to control which people are going in to and out of a building. So we need locksmiths.
So, if your IT systems are powered down, unplugged, encased in carbonite, and buried at the bottom of the sea, then the answer is no, you do not need a security industry. Or, at the other end, if all your IT doors and windows are open, and you don't care who comes in and out, then again, you do not really a security industry.
But if you want some people to have access to your computer, but not others. Or you want to control the level of access people have, then yes, you do need a security industry.
Network protocols are NOT secure (Score:1, Informative)
Virri? Where'd that extra R come from? (Score:3, Informative)
From Wikipedia [wikipedia.org], your source for all things accurate.
Virii is not a word (Score:3, Informative)
There are entire wikipedia articles on this issue. What you're doing is wrong, and I've modded you down for being an idiot. The correct plural is "viruses". Start using it. It's in your own best interest, after all. Anyone who knows the most basic amount of real Latin will laugh at you the moment you utter the word.
Re:I have a better question... (Score:3, Informative)
The Analogy is Perfectly Valid (Score:3, Informative)
If people behaved properly, we wouldn't need an entire field of work to clean up after them.
If people coded properly, we wouldn't need security products.
If people obeyed the law, we wouldn't need cops.
In other words, "No kidding, Schneier. Welcome to the real world, where people don't act ln an ideal manner."
You're reading things far too literally (focusing on the details in the difference in security modesl) to get the core message.