Home opinion-and-analysis Open Sauce Security is always a tradeoff: Schneier

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Security is essentially a tradeoff and the main question about it is not whether we are safe or not but whether it is worth it. Simple and to the point. That's the way Bruce Schneier, probably the world's foremost security expert, puts it.


And that is the reason why Schneier enjoys the reputatio he does - because like the few true intellectuals around, he is a fount of wisdom, not just knowledge.

Schneier gave the keynote address on the opening day of the main part of Australia's national Linux conference today; his topic was "Reconceptualising Security", something on which he is eminently qualified to speak.

As usual, he came to the point: "Security is both a feeling and a reality. You can feel secure without actually being secure and you can be secure even though you don't feel secure."

And how does one bridge the gap between people both knowing they are secure and feeling the same way? Once again, it's very basic: information is the only way.

With this as the central tenet of his talk, Schneier set out to illustrate it and did so with simple examples.

He said that within the industry people tended to discount the feeling in favour of the reality but the difference between the two was important. It explained why there was much of what he called "security theatre" that did not work and why so many smart solutions were never implemented.

By security theatre he said he meant the various "snake oil" solutions that addressed feelings and were no good in reality.

Citing the example of the attacks on the World Trade Centre in September 2001, Schneier said that shortly after the incident he had been asked by a journalist how the US could ensure that such an event never recurred.

He said his answer was very short: "Take all the planes out of the sky."

WEBINAR 7th May 11am - WOW 802.11

Learn how Ruckus Redefines High-Speed, High Capacity Wi-Fi with Industry’s First 802.11ac Wave 2 Access Point

THIS IS ONE NOT TO MISS SO REGISTER NOW

DON'T MISS OUT - REGISTER NOW!

FREE - SYDNEY & MELBOURNE BUSINESS INTELLIGENCE EVENTS

The Holy Grail of the Business Intelligence (BI) industry – pervasive deployments and widespread end-user adoption – has remained an illusive dream for years. Until now!

REGISTER & SECURE YOU PLACE / BRING A FRIEND

Melbourne - venue Captain Melville’s CBD 2:30 – 6:00pm, Tuesday 28th April

Sydney - venue Redoak CBD 2:30 – 6:00pm, Thursday 30th April

DON'T MISS OUT - MELBOURNE REGISTER NOW!

DON'T MISS OUT - SYDNEY REGISTER NOW!

FREE WHITEPAPER - RISKS OF MOVING DATABASES TO VMWARE

VMware changed the rules about the server resources required to keep a database responding

It's now more difficult for DBAs to see interaction between the database and server resources

This whitepaper highlights the key differences between performance management between physical and virtual servers, and maps out the five most common trouble spots when moving production databases to VMware

1. Innacurate metrics
2. Dynamic resource allocation
3. No control over Host Resources
4. Limited DBA visibility
5. Mutual ignorance

Don't move your database to VMware before learning about these potential risks, download this FREE Whitepaper now!

DOWNLOAD!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

Connect