Schneier: Information is our only security weapon
Submitted
by
Stony Stevenson
Stony Stevenson writes "Computer security expert Bruce Schneier took a swipe at a number of sacred cows of security including RFID tags, national ID cards and public CCTV security cameras in his keynote address to Linux.conf.au (currently being held in melbourne, Australia). These technologies were all examples of security products tailored to provide the perception of security rather than tackling actual security risks, Schneier said. The discussion of public security — which has always been clouded by emotional decision making — has been railroaded by groups with vested interests such as security vendors and political groups, he said.
"For most of my career I would insult 'security theatre' and 'snake oil' for being dumb. In fact, they're not dumb. As security designers we need to address both the feeling and the reality of security. We can't ignore one. It's not enough to make someone secure, that person needs to also realise they've been made secure. If no-one realises it, no-one's going to buy it," Schneier said."
"For most of my career I would insult 'security theatre' and 'snake oil' for being dumb. In fact, they're not dumb. As security designers we need to address both the feeling and the reality of security. We can't ignore one. It's not enough to make someone secure, that person needs to also realise they've been made secure. If no-one realises it, no-one's going to buy it," Schneier said."
Schneier: Information is our only security weapon More Login
Schneier: Information is our only security weapon