Comments

Fredrik April 29, 2011 3:13 PM

I watched it on TED yesterday, and I kept thinking how well this applies to the current (somewhat panic stricken) debate regarding nuclear power, which is spreading like wildfire throughout Europe. I don’t know about other parts of the world, but I assume it’s similar.

Thanks for sharing, it was an excellent talk!

Kevin Rank April 29, 2011 3:14 PM

I started watching, and can’t wait to finish. I saw it on Facebook earlier this week. Thus far, it is a very good talk. I had the opportunity to listen to you at Boise State last year, and have been following your blog ever since.

Jon April 29, 2011 4:03 PM

Or those talks whose givers have made quiet remarks to the TED staff along the lines of “Wow. Nice computer system you have there. Wouldn’t it be a shame if something happened to it?

Yeah. A terrible terrible shame.”

grinz I’m sure it was an excellent one, and I’ll get to it this evening!

Jon

Andrew April 29, 2011 4:51 PM

Great talk Bruce. There are a couple of things I’d like to get your feedback on. Specifically the Tylenol and baby snatching examples caught my attention. Probabilistically the risks are low of being affected by either event. However, if it happens to you, it only takes once. It’s the same with a plane crash or lottery ticket. Low probability for either, but it’s nearly guaranteed to happen at some point, and someone will lose/gain everything. How should this affect our model of risk and security?

BTW, thanks for the great blog, I really enjoy it. I’d like to see a little more math.

Diego April 29, 2011 5:42 PM

Great talk Bruce! I’ve been following your blog silently for about a year and I love it! You’ve really influenced how I think about security.

MikeF April 29, 2011 6:19 PM

Andrew says he wants more math. More math??? Jeepers creepers. I can barely follow this thing now.

Besides, to quote my ideal woman, Barbie, “Math is hard.”

It was a good talk though. Hardly any math.

Richard Steven Hack April 29, 2011 6:22 PM

Off topic: The other shoe drops.

Hackers Claim to Have PlayStation Users’ Card Data
http://bits.blogs.nytimes.com/2011/04/28/hackers-claim-to-have-playstation-users-card-data/

Did Sony lie about the card data being encrypted? Or was it stored elsewhere unencrypted?

2.2 million cards – if I’m not mistaken, that’s not the biggest CC theft. But it’s pretty big. The TJ Maxx theft was something like 45 million. The Gonzalez case was 130 million over multiple breaches.

RW April 29, 2011 6:26 PM

A little off topic,
But the PSN network has been down for 10 days now, and no comments here. You’d think a breach of this size would get a mention here.
Any chance Bruce is one of the outside experts helping Sony and can’t comment due to an NDA?

Richard Steven Hack April 29, 2011 6:49 PM

Just watched the talk. Well done, very clear.

As an aside, I’m not even an African tracker and if you took me to New York, I’d probably die in a day. San Francisco isn’t New York! (Although I HAVE been in New York for more than one day, I wasn’t wandering around and it was in the 1970’s.)

OTOH, if I took you to Federal prison…that would be interesting.

Spaceman Spiff April 29, 2011 6:51 PM

Great quote Bruce! “News is something that almost never happens.”

ROFLMAO! Thanks, I needed that!

Richard Steven Hack April 29, 2011 6:51 PM

RW: Bruce is often a little late with comments on major security events. I think he likes to wait until he gets a sense of the overall meaning of the event rather than rush to comment based on possibly inadequate information. Bruce is not a “rush to judgment” kind of guy which is why he’s so valuable to the industry.

alex April 29, 2011 6:58 PM

Bruce, I love your work and read everything you write. But you have got to peel back the arrogance and get a little down to earth humility — such as saying things like “only the good ones”. You are not the second coming. You’re a smart guy who says really smart things. But don’t start believing your own hype.

Paul K. April 29, 2011 8:09 PM

The hospital RFID anecdote got me thinking: do long odds automatically make all mitigations “security theater”, regardless of the stakes to the stakeholders?

A small measure affecting only stakeholders that reduces chances of even highly unlikely events of disproportionate severity (to those stakeholders) seems legitimate to me, not theater (pejorative.)

I purchase insurance against unlikely events of disproportionate severity — is that theater? There are non-linearities in the economics of expected outcome that make it rational to me, not theater.

tommy April 29, 2011 8:37 PM

@ RW:

“But the PSN network has been down for 10 days now, and no comments here.”

Uh, I commented on that three days ago, but received no replies nor posting by Bruce, to my slight disappointment. See

http://www.schneier.com/blog/archives/2011/04/security_risks_7.html#comments

and search for “Sony”.

@ BRUCE: Congratulations! … But is it possible to institute a policy of giving us links to the text of such things, for those of us who prefer to read, or who don’t wish to allow googleapis and some other scripting?

Siderite April 30, 2011 7:05 AM

Great quote with the news that never happens. It is not completely true, though, as a change in state may not happen very often, but one cares if they are affected by one state or the other. Like a declaration of war, it happens rarely, but its effect may last.

Also, you kind of presented a lot of reality about security in a talk about converging reality and feelings 🙂

randi April 30, 2011 12:42 PM

The TED lecture explores a divergence of intuition/feelings, reality, and model in the field of security. In other fields, such as physics, the tool that reduces the influence of intuition and feelings on the construction of model is called “the scientific method”.

Perhaps, in the field of security the scientific method does not dispatch the “theater of security” because suppliers and advocates of security measures are political or business agents not scientists.

rich April 30, 2011 2:13 PM

I saw the TED talk. I’ve never seen you speak before. I became an instant fan. I’ve been watching videos on YouTube by you for the past few days. Fascinating stuff and your delivery is very calm and intellectual. Keep up the good work.

FooBarBaz April 30, 2011 8:20 PM

Overall very good. Broke down around 14:00 and picked back up around 18:00. Which is bad because the model discussion is needed.

Will May 1, 2011 3:52 AM

@Fredrik if you must bring up the nuclear debate, perhaps you can say what you think about the whole waste management aspect?

Bruce Schneier May 1, 2011 7:59 AM

“But is it possible to institute a policy of giving us links to the text of such things, for those of us who prefer to read, or who don’t wish to allow googleapis and some other scripting?”

When I know of text links, I include them. I don’t think there is a transcription of this talk anywhere.

Bruce Schneier May 1, 2011 8:02 AM

“There are a couple of things I’d like to get your feedback on. Specifically the Tylenol and baby snatching examples caught my attention. Probabilistically the risks are low of being affected by either event. However, if it happens to you, it only takes once. It’s the same with a plane crash or lottery ticket. Low probability for either, but it’s nearly guaranteed to happen at some point, and someone will lose/gain everything. How should this affect our model of risk and security?”

Dealing with low-probability high-cost events is inherently hard, because a lot of our normal intuition and math doesn’t work very well.

I know I’ve written about it in Beyond Fear. This is the only thing I could find on my blog:

http://www.schneier.com/blog/archives/2009/02/evaluating_risk.html

tommy May 1, 2011 6:02 PM

@ randi:

Thanks for both the link and the search tip. I d/l the transcript and will read thoroughly when time allows.

Also, will file your text-search tip for future reference. (Maybe Bruce will, too? – but I guess we can do it ourselves.)

Thanks again.

BrianSJ May 2, 2011 3:53 AM

Very good talk. Thank you.
On seat belts, and other risks, John Adams is good (apologies if old news)
http://www.john-adams.co.uk/
So, do we have safety theatre as well as security theatre? I haven’t heard the phrase but the answer is yes I fear.
The question I took from your talk was pure confirmation bias but improved by the talk. Who shall guard the modellers? The UK foot and mouth epidemic of a few years ago showed just how dangerous bad models can be. As models get more complex (which is what modellers do), so they become less transparent. Not a good thing.
I fear there was an element of Cartesian logic supremacy in your talk. Feelings are not there to be ‘corrected’. Also, some technological imperative. Just a soupçon.
Human values do not = MEU from PxC. Charles Perrow’s ‘Next Catastrophe’ says we should limit C regardless of cost. Recently he has written we should really reduce P as well (e.g. understanding of earthquake frequencies).

tz May 2, 2011 11:54 AM

Good talk, but models can be wrong or broken. Are heavy metals a threat? In the environment? In toys? In vaccines?
Do you get fat from fat? Inactivity? Carbohydrates? HFCS?
Global warming? Is the science correct? Or are the people in lab coats merely the new robed priesthood? That you can’t question them without being a heretic? Or as you said, “A model that we just accept by FAITH, and that’s OK”?
In WW2, cigarettes were called “coffin nails” or “cancer sticks”, so there was no model change, merely the cost of pleasure and popularity. Before smoking was cool. Now smokers are pariahs.

BrianSJ May 3, 2011 3:03 AM

ISO/IEC 15026 Part 2 on Assurance Cases might be relevant to the model element in your talk.
