Slashdot Mirror
Schneier's Keynote At Linux.conf.au
Stony Stevenson writes "Computer security expert Bruce Schneier took a swipe at a number of sacred cows of security including RFID tags, national ID cards, and public CCTV security cameras in his keynote address to Linux.conf.au (currently being held in Melbourne, Australia). These technologies were all examples of security products tailored to provide the perception of security rather than tackling actual security risks, Schneier said. The discussion of public security — which has always been clouded by emotional decision making — has been railroaded by groups with vested interests such as security vendors and political groups, he claimed. 'For most of my career I would insult "security theater" and "snake oil" for being dumb. In fact, they're not dumb. As security designers we need to address both the feeling and the reality of security. We can't ignore one. It's not enough to make someone secure, that person needs to also realize they've been made secure. If no-one realizes it, no-one's going to buy it,' Schneier said."
. . . Bruce has figured out the real money's in security theater, not in security, and he wants a piece of that action.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
"tailored to provide the perception of security rather than tackling actual security risks." Isn't this also the mission statement for the TSA?
"There is nothing more unequal than the equal treatment of unequal people." - Thomas Jefferson
I'm sorry but what does RFID have to do with the "perception of security"? Barcodes don't make me feel safe, why should RFID? As for the latter (cameras). When was the last time you saw security video on the evening news, not to mention all those cellphone video shots. And the middle? Yeah my drivers license makes me feel soo safe.
CCTV almost never captures what you set out to catch. In many organizations, it's a knee-jerk reaction to some kind of incident. ie) Something got pinched, someone received an ass-kicking, etc. Even if you do catch it, you'll never be able to identify/recognize/charge/convict the person based on the video image alone. 4CIF at 30 fps is pretty much as good as it gets right now in most feasible installations. All you'll be able to say is, "Subject is hatless...REPEAT...HATLESS!" (And that's even if he's in the frame). The PTZ will just pan around aimlessly on a tour program, or be pointed at the wrong thing. However, wide-spread deployment of CCTV systems is still not futile; you just usually end up catching something that were never really looking for in the first place. People and vehicular traffic movements, facility useage, or realtime video of an incident in progress that just happens to be going-on in front of the lens. You can establish time frames of entry or exit, or use it to clue-you-in to the right path to finding the real evidence you're looking for. From a security systems perspective, more CCTV is better, but not to mitigate direct and specific threats. Only general ones. Or sometimes you just luck-out and with a good booby shot in the atrium of an office building.
I think that would of been a catchier title...
Around here, they're more like whipping boys. Now, if he'd started in on Linux security...
What do you mean they cut the power? How can they cut the power, man? They're animals!
For many of the same reasons there is no semblance of a secure electronic voting platform on the horizon. The reason is not that such a platform would be difficult to design. The reason is that it would not be profitable.
To be secure it would have to be open. In the case of voting platforms that means every line of code, every encryption algorithm, and all the hardware has to be open, published, and known. Nobody has yet figured out how to make enough money from such a system to outspend Diebold's lobbyists and earn considered from election officials.
"Even if you do catch it, you'll never be able to identify/recognize/charge/convict the person based on the video image alone. 4CIF at 30 fps is pretty much as good as it gets right now in most feasible installations."
I wouldn't say that.(note the date)
As a nerd and geek and long time hacker, it is perfectly clear to me that I've been missing the "theater" aspect of the technology that I love.
Take Linux for instance. I have had varying levels of success getting non-geeks to use it, but what is missing is the warm and fuzzies that make it psychologically comfortable to not be using Windows or a Macintosh.
There are two sides to change of any kind. (1) The actual details of change. (2) The psychological affirmation that it is worth the effort. No matter how valid the argument presented by the first, if it does not provide the second, it will fail.
If we wish to push Linux, we have to create theater around it.
http://linux.conf.au/programme/wednesday
Bruce Schneier expects the Spanish Inquisition.
Just disrupt the deflector shield with a tachyon burst.
This is an argument I have to make with friends when I claim that Bush-Cheney is the most successful administration in US history. I agree with exactly ZERO of what they have done but as far as scaring the shit out of people, robbing us blind, and in general being dicks you cannot argue that they are unsuccessful.
It's all about your frame of reference.
I think of these things as kind of like an electric heater. Most people would argue that an electric heater is one of the most inefficient devices known to mankind. However, when viewed with the proper perspective, it's anything but. Put it this way: an electric heater is basically designed to waste power by transducing electrical energy into heat and spewing it into the immediate environment. A heater does this with virtually no losses. Therefore, an electric heater is almost 100% efficient, as long as there's nothing coming out of it that doesn't qualify as waste.
Which pretty much describes the Bush Administration.
The higher the technology, the sharper that two-edged sword.
There's no point in designing a good security system that provides 'actual' security coz Schneier can hack it with one roundhouse kick to the keyboard.
1. We meddle in other countries' affairs.
2. We tick the locals off.
3. The locals want to kill us.
It's as old as the "an eye for an eye." Are you saying that the oldest legal code in the western tradition is irrational? Are you saying that the Bible is irrational?
Well, maybe they are. But, if they are, then these terrorists are not any more irrational than the people held as saints in world's religions (and I don't mean just Islam), well, perhaps with the exception of Buddhism, but I don't know much about that.
These "perception of security" things are still bad, because they create REAL threats to security, in the name of trying to make people feel more secure.
I will take the reality over a false perception, any day.
This is one of the reasons that one shouldn't use the word "efficiency" with any device that actually turns work into heat. The best thing to an accurately representative "efficiency" would be the ratio of heat output per work, with that of Carnot heat pump at the top and that of electric heater at the bottom.
On the topic of the thread though, I do agree that the Bush administration was/is successful in their own way. They got all the tax cuts that they wanted passed, they got two terms (a traditional marking of a "good" president versus a "bad" president), and, heck, because of the spineless Democrats, they might even get scot-free with the NSA warrantless tapping responsibilities.
I guess this would explain why just about everybody in Canada thinks crime is on the increase, even though the numbers conclusively prove otherwise.
You can't sell security hardware and convince nervous old women to throw away their rights if they know there's a long list of things more important than so-called "security". And a lot of those "nervous old women", by the way, are male, in their 30's, and convinced that everything will be fine if we just forget all that due process nonsense and start trusting the cops to throw the right people in jail.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
"Show us a modern closed encryption algorithm which does not have significant vulnerabilities. "
DES in stream mode.
"Are you saying that the oldest legal code in the western tradition is irrational?"
I think this comes from the Bible (The Old Testament). Its point of origin is known as the Middle East.
I don't know about western traditions - the Gauls or others
I'm trying, but I can't imagine what might qualify as "waste" when all energy output is by definition the desired output. What are the things that you're thinking of that lead you to insert "virtually" and "almost" into the above?
The talk is available for download from http://mirror.linux.org.au/linux.conf.au/2008/Wed/mel8-305.ogg
How we know is more important than what we know.
I don't know about western traditions - the Gauls or others Egh. I was feeling lazy, but here is the Wikipedia page about it. While most people may know it first from the Bible, I think it's the Codex Hammurabi that's often credited for having that written down first.
I am not a lawyer or a law student (so whatever I speak of "tradition of legal code" would be out of my arse), but this is the first written code of law to the west of China (and that's what I mean by "western"; like it or not, the Middle "East" and Muslims had frequent interaction with Europe, at least enough so if you want to divide the world into "East" and "West", they would fall in with "West"), so it must mean *something*.
How true. It's unlikely that 9/11 would succeed again, given the almost 10-to-1 passengers-to-badguys ratio. Even if they're armed, they'll run out of ammo, and a grenade is a threat, not a guarantee of success. I'd rather the TSA start a new campaign along the lines of the title sentence. Maybe make it a little more positive, something like "together, we can do something about it" and encourage individual and group action against threats, rather than treat us all like suspects.
Fat chance of that ever happening, though.
I'm not sure I understand your point. Are you saying that if we had shoved an electric heating element up all the members of the Bush Administration ass's we get better efficiency from them. Or are you saying if we redefine success to mean something more along the lines of abject failure that we'd be seeing more successes from them? Or perhaps both?
Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
Yeah, that's why Twofish was one of the 5 finalist algorithms of NIST's AES competition.
And Blowfish is still unbroken after 15 years.
I should be such a crappy cryptographer!
well, he did write Applied Cryptography http://www.amazon.com/Applied-Cryptography-Protocols-Algorithms-Source/dp/0471117099 didn't he? If you are unaware of the importance of that book for the general practice of cryptography, please take a look in the reviews at Amazon. They make much more justice to the book than what I would be able to do here.
And please don't start complaining that book is not "down to earth". Simplifying is a good thing, oversimplifying a complex subject is not.
In other words, he is an expert on publicizing what most serious researches already know about general security flaws and problems.
And the problem with this is what? Given how badly people misunderstand computer security we don't have enough people doing this kind of job.
RFID tags (in certain contexts), national ID cards, and public CCTV security cameras aren't there to provide security at all. The "security theater" they provide is just the spoonful of sugar to make the medicine go down. Their real purpose is control of the population. Implement them well enough, and everywhere anyone goes they are watched (CCTV) and tracked (national ID, RFID). And administratively controlled, as well -- "I'm sorry sir, the computer says your national ID is not valid for interstate travel".
Over the past few years, the police have installed CCTV in 'problem areas',
so they can monitor more locations with fewer staff at night.
(they can then send an on-duty officer to the site of the crime, if that is any use).
Even though the cameras have been installed for night surveillance,
they are now being used during the day to catch people in the act of 'bad parking'.
Because all the police need for that is an 'observation',
not a verbal conversation or even a ticket on the window,
this makes it very easy to write a lot of tickets without
even leaving the comfort of the control room.
(In the meantime, reports of harassment have failed to drop)
"I was in love with a beautiful blonde once, dear. She drove me to drink. It's the one thing I am indebted to her for."
First, every major problem needs a good publicist to expose it properly; this can be a job in and of itself and Bruce does a good job of it.
Second, he runs a company that sells solutions to these problems as well; contract him out to fix them for you and see how he does before you criticize him on that front.
With quite a few best practices, familiar GUI, standard crypto algorithms and proximity aware key exchange.
Check out http://www.cryptograf.com/ for CryptoGraf Messaging software for N Series and E Series mobile phones. There's even a free download.
I generate a "Crypto Profile", which is essentially an RSA 1024 or 2048 bit key.
I exchange "Crypto Contacts", which link x.509 certs with phonebook entries.
I send a message, it gets encrypted using the recipient's public key or Crypto Contact.
I read a message, it decrypts using my private key and check the sender's digital signature embedded in the message.
Caveat, 1 encrypted SMS gets blown up to 4 or 8 SMS packets. This is due to 1 text sms being limited to just 160 characters, so there's encryption and digital signature overhead
I can send text MMS instead, since all the overhead fits into one regular MMS.
The subtlety is that just because something is closed doesn't mean it's less secure. The principle is that its security should not depend on its closure or obscurity.
A device with a secret algorithm, mechanism, or control is in fact more genuinely secure (tautologically) than a device without it, as long as the device's maker is willing to assume that the bad guys know about it, and doesn't rely on its secret nature. Relying on the secrecy for security means they will be more likely to slip up in other areas. It also means that any flaws in their design will be exposed less quickly. Their security will improve less quickly, in other works, but that doesn't say anything about how good it is.
The trouble is that, parasuit nature being what it is, the management types will rely on the secrecy, and even worse, tout all of their secret goo as a selling point. They never realize that the instant you say, "I've got secret protections!", you no longer have secret protections.
sigs, as if you care.
Let me make my point more clear. Imagine a building on fire. Among the people trapped inside it, Scheneier is the guy who keeps running around screaming: "Wee all gonna burn to death!"