Comments

nostromo April 30, 2007 3:58 AM

A pity that an organization like the BCS would publish a talk in the (proprietary, patent-encumbered) mp3 format, rather than in ogg format, which is technically slightly better, not encumbered by patents, and for which free (as in freedom) player software is available for all platforms.

Jim Phelps April 30, 2007 8:46 AM

I tried to record an mp3, speaking only Bruce Schneier’s Social Security number, and my computer self destructed.

David Baron April 30, 2007 11:36 PM

What you describe (about 33 minutes in) as “annualized loss expectancy” seems to me to be a bad way of determining how much to spend on security. The goal should be spending on security to maximize expected benefit minus cost, not spending to make the total cost equal the total expected benefit (which makes the net benefit zero). Benefit minus cost (which I also called net benefit) is maximized when marginal expected benefit equals marginal cost. (Perhaps “expected benefit” is an odd way to describe “expected loss prevented”, it makes the description apply to more than just security.)

Ed Yates May 14, 2007 5:32 AM

There were some people at the end of this during the questions who were talking about some sort of opensource E-cash thing. Did anyone happen to catch the URL for their effort?

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.