Electronic Frontier Foundation Pioneer Awards
I’m a 2007 EFF Pioneer Award recipient, as are Yochai Benkler and Cory Doctorow.
Wow.
Specifically, that I’m the 31st most influential person on the Web.
It’s an interesting list, in any case.
Earlier today I spoke at the Linux World Open Solutions Summit. This was a verbal interview that LinuxWorld did for me in advance of my talk, transcribed.
Here’s a short interview I did for Information Week.
On June 10, 2006, I gave a talk at the ACLU New Jersey Membership Conference: “Counterterrorism in America: Security Theater Against Movie-Plot Threats.” Here’s the video.
EDITED TO ADD (2/10): The video is a little over an hour long. You can download the .WMV version directly here. It will play in the cross-platform, GPL VLC media player, but you may need to upgrade to the most recent version (0.8.6).
EDITED TO ADD (2/11): Someone put the video up on Google Video.
I just posted a long essay (pdf available here) on my website, exploring how psychology can help explain the difference between the feeling of security and the reality of security.
We make security trade-offs, large and small, every day. We make them when we decide to lock our doors in the morning, when we choose our driving route, and when we decide whether we’re going to pay for something via check, credit card, or cash. They’re often not the only factor in a decision, but they’re a contributing factor. And most of the time, we don’t even realize it. We make security trade-offs intuitively. Most decisions are default decisions, and there have been many popular books that explore reaction, intuition, choice, and decision.
These intuitive choices are central to life on this planet. Every living thing makes security trade-offs, mostly as a species—evolving this way instead of that way—but also as individuals. Imagine a rabbit sitting in a field, eating clover. Suddenly, he spies a fox. He’s going to make a security trade-off: should I stay or should I flee? The rabbits that are good at making these trade-offs are going to live to reproduce, while the rabbits that are bad at it are going to get eaten or starve. This means that, as a successful species on the planet, humans should be really good at making security trade-offs.
And yet at the same time we seem hopelessly bad at it. We get it wrong all the time. We exaggerate some risks while minimizing others. We exaggerate some costs while minimizing others. Even simple trade-offs we get wrong, wrong, wrong—again and again. A Vulcan studying human security behavior would shake his head in amazement.
The truth is that we’re not hopelessly bad at making security trade-offs. We are very well adapted to dealing with the security environment endemic to hominids living in small family groups on the highland plains of East Africa. It’s just that the environment in New York in 2006 is different from Kenya circa 100,000 BC. And so our feeling of security diverges from the reality of security, and we get things wrong.
The essay examines particular brain heuristics, how they work and how they fail, in an attempt to explain why our feeling of security so often diverges from reality. I’m giving a talk on the topic at the RSA Conference today at 3:00 PM. Dark Reading posted an article on this, also discussed on Slashdot. CSO Online also has a podcast interview with me on the topic. I expect there’ll be more press coverage this week.
The essay is really still in draft, and I would very much appreciate any and all comments, criticisms, additions, corrections, suggestions for further research, and so on. I think security technology has a lot to learn from psychology, and that I’ve only scratched the surface of the interesting and relevant research—and what it means.
Gary McGraw interviewed me for his Silver Bullet Security Podcast.
There was a profile of me in the St. Paul Pioneer Press on Sunday.
I’m pretty pleased with the article, but this is—by far—my favorite line, about Applied Cryptography:
“The first seven or eight chapters you can read without knowing any math at all,” Walker said. “The second half of the book you can’t export overseas—it’s classified as munitions.”
It’s not true, of course, but it’s a great line.
There’s also this in the Providence Journal.
I was interviewed on the subject of RFID passports.
Sidebar photo of Bruce Schneier by Joe MacInnis.