kdawson from the necessary-security-theater dept.
Stony Stevenson writes "Computer security expert Bruce Schneier took a swipe at a number of sacred cows of security including RFID tags, national ID cards, and public CCTV security cameras in his keynote address to Linux.conf.au (currently being held in Melbourne, Australia). These technologies were all examples of security products tailored to provide the perception of security rather than tackling actual security risks, Schneier said. The discussion of public security — which has always been clouded by emotional decision making — has been railroaded by groups with vested interests such as security vendors and political groups, he claimed. 'For most of my career I would insult "security theater" and "snake oil" for being dumb. In fact, they're not dumb. As security designers we need to address both the feeling and the reality of security. We can't ignore one. It's not enough to make someone secure, that person needs to also realize they've been made secure. If no-one realizes it, no-one's going to buy it,' Schneier said."
"In the face of entropy and nothingness, you kind of have to pretend it's not
there if you want to keep writing good code." -- Karl Lehenbauer