[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

WW: Bruce Schneier on why security can't work

On 3/14/13, Jay Ashworth <jra at baylink.com> wrote:
> http://www.wired.com/opinion/2013/03/security-when-the-bad-guys-have-technology-too-how-do-we-survive/

So what I gather from that:
"Calling terrorism an existential threat is ridiculous in a country
where more people die each month in car crashes than died in the 9/11
terrorist attacks."

And there you have it :)

Security obviously works  thus far,   in the sense, that so far,
government has been preserved -- there is not total chaos, in at least
most of the world,  and people do not doubt if their life or property
will still exist the next day.

There have been incidents, even serious ones, and times when security
failed -- it just means that security is not perfect,   but hardly
anything humans do is perfect;  devices we make fail, accidents

I never saw an article yet about why engineering can't work, or  why
driver safety can't work (driver licensure/speed
limits/seatbelts/traffic signs).    Accidents are inevitable, and
maybe the miscreants are able to take advantage of new faster engine
technology before the police can, but it's not the point :)

Abusing new technology faster doesn't trump the extreme smallness of
the numbers of truly bad actors,  who have irrational thinking,  would
like to end civilization,  and the intersection between those and
those who have a viable method that would work + the right
resources/skill  available,  and a reasonable chance of success....
astronomically small

If in a few decades,  there is a  0.1%    chance per decade of a
script kiddie ending civilization,   I think we've got few reasonable
alternatives but to accept that risk and hope for the best :)

> Three words: "desktop gene sequencing", "ebola", "script kiddies".

Good thing genetic manipulation is highly non-trivial, and  obtaining
ebola samples would require significant legwork while script kiddies
lack motivation, and there are much lazier, less risky/dangerous, more
profitable ways for them to steal.

At least for the forseeable future until financial account theft
becomes a solved problem.

Then they might move to ransomware that threatens to shut down power
grids,  if they dpn't get paid, I suppose...

For the forseeable future;  there's no mechanism for using a computer
to modify a virus to insert spam or  email-cc-details commands
directly into people's brains,  or to infect people's  brains  with
malware to create a human botnet.

At that point,  perhaps in a couple hundred years, one begins to
become concerned   that one of the human botnet  operators,  could end
civilization  by accident.

> -- jra