Schneier on Security

A blog covering security and security technology.

« "Bruce Schneier and the King of the Crabs" | Main | Friday Squid Blogging: Cuttlefish Embryos Can See »

June 13, 2008

Article on Schneier

From The Star in Malaysia.

Posted on June 13, 2008 at 2:41 PM • 10 Comments

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

Comments

Bob • June 13, 2008 4:12 PM

Just FYI, this page won't load in firefox for me.

Error Message:

Content Encoding Error

The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.

* Please contact the web site owners to inform them of this problem.

Davi Ottenheimer • June 13, 2008 4:21 PM

"no matter what you do to beef up security, it will not be enough"

And yet...

"That’s how crime or threats work, Schneier said, where there are always levels which are deemed acceptable."

In other words, we know that nothing will be enough in an absolute sense, but we can determine a level and call it "acceptable".

I agree.

By the way, it seems that someone decided that your article was acceptable but did not do enough checking...

"Schneider admits that none of the measures are foolproof."

Yeah, just like spelling your name right.

Erik N • June 13, 2008 4:36 PM

@Bob: Works fine in FF3 RC3.

Reader • June 13, 2008 6:49 PM

Hey I read you book, you're already popular Bruce Lee Schneier!

Hairy Dude • June 13, 2008 8:17 PM

@Bob: I got that as well. Ctrl-Shift-R (cache-bypassing reload) seems to fix it.

Zarutian • June 13, 2008 8:46 PM

What about POLA (principle of least authority/access) and object-capabilities (which combine designation and authorization into one thing: an unforgible reference)?

Sure, those arent any magic or siver bullets but never the less they are an start of an solution of making computer security unintrusive and usable.
(Yes, I know it sounds like an oxymoron ;-)

http://www.eros-os.org/essays/capintro.html is an good intro to capabilities.

Also see http://erights.org/ for more about this stuff.

With hope of intersting dialogue.
-Zarutian

ShaolinTiger • June 16, 2008 1:56 AM

Was nice to have you in Malaysia Bruce.

Baylink • June 16, 2008 12:13 PM

Even accounting for the cultural difference, and the language difference, some of those quotes *still* don't sound like you, Bruce. How badly did they mangle your meaning?

CipherChaos • June 17, 2008 2:03 PM

@Bruce Schneier

From the article:
"15. Install an e-mail and file encryptor. Encrypting all your e-mail or your entire hard drive is unrealistic, but some mail is too sensitive to send in the clear. Similarly, some files on your hard drive are too sensitive to leave unencrypted."

Umm... I can't imagine this having come from you, Bruce.

Surely, you'd be one to advocate transparent, full hard-drive encryption (like TrueCrypt or LUKS), right?

Bruce Schneier • June 17, 2008 10:48 PM

@ CipherChaos

The only thing I can think of is that was something I wrote years ago, when it was true.

Post a comment

Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.

Subscribe via Kindle

Blog Menu

Search

Powered by DuckDuckGo

Blog Home Page
100 Latest Comments

Archives by Date

2013 J F M A M
2012 J F M A M J J A S O N D
2011 J F M A M J J A S O N D
2010 J F M A M J J A S O N D
2009 J F M A M J J A S O N D
2008 J F M A M J J A S O N D
2007 J F M A M J J A S O N D
2006 J F M A M J J A S O N D
2005 J F M A M J J A S O N D
2004 J F M A M J J A S O N D