Slashdot Mirror

← Back to Stories (view on slashdot.org)

Freakonomics Q&A With Bruce Schneier

Posted by kdawson on from the thinking-like-an-economist dept.

Samrobb writes "In grand Slashdot tradition, the Freakonomics blog solicited reader questions for a Q&A session with Bruce Schneier. The blog host writes that Mr. Schneier's answers '...are extraordinarily interesting, providing mandatory reading for anyone who uses a computer. He also plainly thinks like an economist: search below for "crime pays" to see his sober assessment of why it's better to earn a living as a security expert than as a computer criminal.'" The interview covers pretty much the whole range of issues Schneier has written about, and he provides links to more detailed writings on many of the questions.

6 of 147 comments (clear)

  1. His comments on terror and cameras were by WillAffleckUW · · Score: 5, Interesting

    I found his comments on terrorism - A. Refuse to be terrorized - and cameras to be fairly well thought out.

    We choose how we live.

    We can live in fear and magnify risks that are, in reality, very minimal, or we can realize they're minimal and stop worrying about them.

    I'd rather live free from fear.

    And the answers about passwords were fairly good. When I was a regional security officer, I came up with similar concepts, based on the real threats that actually existed. When on a public site, with low real risk (e.g. public web, no linked account) it's better to have a common (but hard) password, and save more secure passwords for sites where you have real financial risk instead.

    --
    -- Tigger warning: This post may contain tiggers! --
    1. Re:His comments on terror and cameras were by rindeee · · Score: 5, Insightful

      I couldn't agree with you more. The idea that the correct reaction is overreaction is not only foolish, it's counterproductive and in many cases quite dangerous. This approach has so permeated our society that it has become a part of our psyche and now has made inroads into the military. It is my opinion that 'risk management' and 'force protection' (in their current forms) are ruining the effectiveness of our fighting forces (of which I am one...no arm-chair fighting here). Having recently returned from serving forward in the middle east and working in a mixed environment of special warfare combat forces, the idiocy of that was forced upon us in the name of 'force protection' was nothing short of crippling. Why was it needed? Because, "if you don't abide by force protection rules, someone could be injured or killed". Let me get this straight; We carry guns, explosives, etc. We're trained to use them at night, in the day, in close quarters, over long distances, etc. We signed a piece of paper when we enlisted stating that we understand we might get killed in executing our orders. In light of all of that, there is some 'other' threat, apparently outside of the obvious primary threat during war-time (people shooting at you, IEDs, etc.) that is so much greater than the primary threats that it nullifies our need to counter the primary threats efficiently and effectively. Someone has written a book on this subject from a military prospective. Sadly I cannot recall the name of the book, or the author, as I just happened to pick it up one day at an acquaintances house and peruse it a bit. If anyone knows of the book of which I speak (primary topic being that force protection insanity is ruining the military), please speak up. I'd be forever indebted. Anyway, I digress. The bottom line, fear is counterproductive save for times of fight-or-flight.

  2. The more things change... by linuxwrangler · · Score: 5, Funny

    "...In 1957, fifty years ago, there were fewer than 2,000 computers total, and they were essentially used to crunch numbers. They were huge, expensive, and unreliable; sometimes, they caught on fire..."

    Well, now they are small, inexpensive, and relatively reliable. But at least they still sometimes catch on fire.

    --

    ~~~~~~~
    "You are not remembered for doing what is expected of you." - Atul Chitnis
    1. Re:The more things change... by spun · · Score: 5, Funny

      Well, now they are small, inexpensive, and relatively reliable. But at least they still sometimes catch on fire. That's exactly what I tell my computers when they act up, "Computers still sometimes catch on fire, you know." I keep a charred motherboard hanging on the wall in the server room, just to remind them. Helps keep the buggers running right.
      --
      - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
  3. But first, make sure you have the Bruce facts by sien · · Score: 5, Funny

    To get the most out of this interview, make sure you have the facts on Bruce Schneier. The man is not what he seems.

  4. Re:strange answer on wireless by someone300 · · Score: 5, Interesting

    I personally use an open wireless network. I trust my open wireless network as much as I trust my ISP and unsecure wired network, and all sensitive data that I throw around internally is securely encrypted or otherwise done through a secure tunnel. If I need to put a password I care about into a HTTP site, and I want to minimize risk, I just use my proxy, which is directly and securely* wired into the switch. Generally, if you have a large wired network, you need to make the assumption that any piece of cable not in a secure room could be spliced and packets logged.

    Of course, considering a large amount of web traffic is HTTP when it should be HTTPS, and certain operating systems expose services onto the network which they probably shouldnt, it's probably a bit irresponsible to suggest that home users leave their stuff unencrypted. Personally, the reason I run an open AP is because open APs have helped me in the past. There's a form of QoS to stop people abusing and give priority to certain computers on my network.

    * Considering it's a house, 'secure' means it's in a locked cupboard ;)