Comments

BrowserApril 5, 2007 5:49 PM

The first half of the interview (before the musical interlude) was not new for regular Schneier blog/book readers but the second half did stray into some areas I don't recall hearing from you before.

If my memory is correct, this is the first time you have raised nanotechnology security issues in mainstream media.

Civil Liberty Is Security TooApril 9, 2007 1:18 PM

I just had a chance to listen to the first half, and here's an excerpt starting from around 23 minutes in:

RU Sirius: "If you were in charge of airport security, are there any things that you would implement?"

Bruce: "I think we should ratchet passenger screening down to pre-9/11 levels, I think that was good enough. I like seeing positive bag-matching [...] I think that's a good idea for checked baggage. Reinforcing the cockpit door [...] that's a good thing. Passengers know they have to fight back, that's good."

"I would take all the extra money for airport security and have well-trained guards walking through airports looking for suspicious people. That's what I would do. And the rest of the money I would give back."

"The way to spend money on security, airport security and security in general, is intelligence, investigation, and emergency response. Things that will be effective regardless of what the terrorists are planning. Not things that are only effective if you happen to guess what the terrorists are planning correctly."

RU Sirius: "When you emphasize intelligence, was there any truth to the claims that were made by various intelligence agencies that as a result of the Church committee in the mid-1970s that intelligence people couldn't do things that they should have been able to do to protect us?"

Bruce: "You know, I think that's overstated. When you look at the controls that were put in by the Church Committee they were put in to stop very serious abuses by law enforcement -- by the police, by intelligence, by the NSA, by the CIA -- and they make a lot of sense. If you look at the failures of 9/11, they weren't failures based on the Church Commission restrictions. They were failures based on the own internal politics inside the FBI. So I think that's largely overstated. And I think we're making a mistake by dismantling those protections. I mean, those [in] affect are also security measures. They protect us from abuses by government. Which unfortunately are far more common than terrorist attacks."

[Bruce goes on to emphasize that where things went wrong in preventing 9/11 were failures in the bureacracy, not failures in sharing between intelligence and law enforcement.]

----------

I cherry-picked this part because it hammers home two points that I wish every legislator at all levels was made aware of:

1. Money spent on general-purpose emergency response infrastructure is a huge win.

2. Legal safeguards for civil liberties, like the Church Committee, FISA, the Fourth Amendment, The Posse Comitatus Act, are all about our security every bit as much as the PATRIOT act is. Abuse by the government will always be a bigger actual threat than terrorists.

But does anyone know how well Bruce's comments [about preserving the Church Committee restrictions] square with the 9/11 Commission findings? I seem to remember they wanted to fix "stove-piping" issues, but I don't recall whether they wanted to entirely chuck the Church Commission work.

FormicaArchonisApril 10, 2007 3:08 AM

I know that I'm terribly late in posting this (dialup, big download) but there was one comment I found really interesting - the idea that computer security is getting better, but computers are getting more complex and generating more insecurities by virtue of their complexity, so the net effect is that computer security seems to get worse. Reminds me a bit of the Red Queen's race, where one has to run as fast as they can just to stay in the same place.

http://en.wikipedia.org/wiki/Red_Queen's_race

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..