Bruce Schneier | |||||||||||||||
Schneier on SecurityA blog covering security and security technology. « Anti-Missile Technology on Commercial Aircraft | Main | Friday Squid Blogging: National Geographic Giant Squid Photo » January 18, 2008Another Schneier InterviewPosted on January 18, 2008 at 2:53 PM • 3 Comments To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter. In the interview you say that regulation sells more security products and services, but you imply this is because fear and greed don't work as motivators for security. This seems like a non sequitur since complying with the law is a fear-based rationalization: the fear of prosecution or even the fear of an expensive lawsuit is the underlying motivation. I agree with you that regulation sells more security products and services, but I think it has more to do with the fact that regulation ends up creating a (perhaps ad hoc) set of metrics that can be used to somewhat objectively measure the end result in a language that business people understand: the law. Posted by: Tristam29 at January 19, 2008 11:50 AM Will liability ever settle upon operating systems with security failings that result in actual damages, I wonder, or will the conditions of customer agreements always preclude that possibility? Posted by: Sedgequill at January 19, 2008 7:29 PM Post a comment
Powered by Movable Type. Photo at top by Steve Woit.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT. |
|
Comments