Bruce Schneier
Bruce Schneier
Bruce Schneieris an American cryptographer, computer security and privacy specialist, and writer. He is the author of several books on general security topics, computer security and cryptography...
NationalityAmerican
ProfessionScientist
Date of Birth15 January 1963
CountryUnited States of America
security-systems people world
A colleague once told me that the world was full of bad security systems designed by people who read Applied Cryptography
technology security-systems taught-us
History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did.
security-systems people links
People often represent the weakest link in the security chain and are chronically responsible for the failure of security systems.
choice companies gets happen insecure insurance longer looks losing operating pay percent premium rid sales shoddy start systems version windows
What will happen when the CFO looks at his premium and realizes that it will go down 50 percent if he gets rid of all his insecure Windows operating systems and replaces them with a secure version of Linux? The choice of which operating system to use will no longer be 100 percent technical, ... Microsoft, and other companies with shoddy security, will start losing sales because companies don't want to pay the insurance premiums.
database field system
We don?t have a field in the database system that will say you're an evildoer.
designed mind operating security system
Microsoft's operating system was never designed with security in mind. For Microsoft, security is always an afterthought.
assets breaks cause connection corporate frighten industrial malicious network predators regularly service steal system
But with that connection comes new threats: malicious hackers, criminals, industrial spies. These network predators regularly steal corporate assets and intellectual property, cause service breaks and system failures, sully corporate brands, and frighten customers,
attract dominant extremely operating sloppy system windows
It's the dominant operating system out there, so it's going to attract the attention. On the other hand, Windows has extremely sloppy security,
entity position solve
You have to make the entity in the position to solve the problem, responsible for the problem. Otherwise, it doesn't get solved.
beyond fear security sensibly thinking uncertain
Beyond Fear: Thinking Sensibly About Security in an Uncertain World.
assume bad crazy guys thinking
We'd be crazy to assume that the bad guys aren't thinking of this.
airport bomb care expect football game kinds matter problem restaurant scenarios super terrorists whether
We all think of the movie scenarios - the kinds of things that we would expect to see in a movie plot. Terrorists sneaking a bomb into the Super Bowl, for example. The problem is, terrorists don't care. They don't care whether it's a football game or an airport or a restaurant or a movie theater. It doesn't matter to them.
bad change criminals due force fraud guys move response tactics threat
The real threat is fraud due to impersonation, and the tactics of impersonation will change in response to the defenses. Two-factor authentication will force criminals to modify their tactics, that's all. In the long term, all it does is move the bad guys to a new tactic.
british cards fake id national terrorists
ID can be hijacked, and cards can be faked. All of the 9/11 terrorists had fake IDs, yet they still got on the planes. If the British national ID card can't be faked, it will be the first on the planet.