Security for the world - Bruce Schneier
April 10, 2005
I just got finished listening to a Bruce Schneier interview on a podcast feed I downloaded and he had some interesting if not common sense thoughts on security. He talked about security not in a reactive process but a pro-active process.
For example, bank vaults used to be thin and could be broken down with dynamite, so vault builders created walls that could not be blown up, so the bank robbers then started kidnapping the banks executives and their families so they could open up the vault. Then the vault builders created timed locks so the execs couldn't open it even if they had a gun to their head. So the vault companies were just reacting to what the problems are NOW and not thinking about the next step.
Another example is in south africa where new car theft was rampant so disabling alarms were put in, so what went up? carjacking.. better or worse? worse. There was just a story the other week about a south african man who had a $100K mercedes with fingerprint biometrics so no one could steal it, so what happened? yep, they cut off his finger to try and gain access.. better or worse? WORSE
For example, bank vaults used to be thin and could be broken down with dynamite, so vault builders created walls that could not be blown up, so the bank robbers then started kidnapping the banks executives and their families so they could open up the vault. Then the vault builders created timed locks so the execs couldn't open it even if they had a gun to their head. So the vault companies were just reacting to what the problems are NOW and not thinking about the next step.
Another example is in south africa where new car theft was rampant so disabling alarms were put in, so what went up? carjacking.. better or worse? worse. There was just a story the other week about a south african man who had a $100K mercedes with fingerprint biometrics so no one could steal it, so what happened? yep, they cut off his finger to try and gain access.. better or worse? WORSE