[Previous entry: "The Great Open Source Unwisdom"] [Next entry: "Interview with Marcus Ranum"]

05/16/2005: "Interview with Bruce Schneier"

This recent interview by ITConversations with Bruce Scheier is full of great quotes and thoughts on security (computer and physical) that everyone involved in such a discussion should be aware of. From the summary:

In his lated book, Beyond Fear, security guru Bruce Schneier goes beyond cryptography and network security to challenge our post-9/11 national security practices. Read or listen to this terrific interview in which Bruce also says what he thinks of the 9/11 hearings and answers questions from listeners regarding spam and biometrics.

Here are some teasers:

• "We're seeing so much nonsense after 9/11, and so many people are saying things about security, about terrorism that just makes no sense."
  
• "Homeland security measures are an enormous waste of money."
  
• "If the goal of security is to protect against yesterday's attacks, we're really good at it."
  
• "The system didn't fail in the way the designers expected."
  
• "Attackers exploit the rarity of failures."
  
• "More people are killed every year by pigs than by sharks, which shows you how good we are at evaluating risk."
  
• "Did you ever wonder why tweezers were confiscated at security checkpoints, but matches and cigarette lighters--actual combustible materials--were not?...If the tweezers lobby had more power, I'm sure they would have been allowed on board as well."
  
• "When the U.S. Government says that security against terrorism is worth curtailing individual civil liberties, it's because the cost of that decision is not borne by those making it."
  
• "...people make bad security trade-offs when they're scared."