Schneier on Security

Link is broken; needs .html appended.

(Er, the link to the full essay, I mean.)

There was a similarly themed op-ed in the LA Times last July:
http://www.latimes.com/news/opinion/commentary/...

Good piece!

I would suggest however to read "And when those heuristics fail, our feeling of security diverges from the reality of security." as:
And when those heuristics fail - or are deliberately tampered with - our feeling of security diverges from the reality of security.

See for instance "Folk Devils and Moral Panics" of Stanley Cohen or Adam Curtis' documentary "The Power of Nightmares" (http://news.bbc.co.uk/1/hi/programmes/3755686.stm)

Bruce,

I know it's a draft and I am being a bit picky but,

I personaly would avoid using a statment like,

"That screws up avaiability"

In quite a few parts of the world part of the expression will cause offence.

Your last two paragraphs in Representativeness caused me to whince...

In your Base Rate explination you say "even an accurate test" and go on to imply it is not accurate, ie that it can fail and that the rate of failier is significant if not greater than the actual occurance of what it is testing for. The test is either accurate or it is not, otherwise the test has probabilities and confidence levels.

Then when talking about the law of small numbers you use the analagy of a coin toss without stating it is a "fair coin" which in practice does not exist except as an ideal.

Oh and the bibliography, you have numerous duplicates the most obvious is the three mentions of Danial Gilbert's artical in the first page (for obvious reasons a three letter word makes it easy to spot even at a cursory glance).

All of that asside It was a good read, and an interesting starting point, I look forward to reading more in the near future.

The Wired.com link appears to be dead as well.