Slashdot Mirror
Inside The Twisted Mind of Bruce Schneier
I Don't Believe in Imaginary Property writes "Bruce Schneier has an essay on the mind of security professionals like himself, and why it's something that can't easily be taught. Many people simply don't see security threats or the potential ways in which things can be abused because they don't intend to abuse them. But security pros, even those who don't abuse what they find, have a different way of looking at things. They always try to figure out all the angles or how someone could beat the system. In one of his examples, Bruce talks about how, after buying one of Uncle Milton's Ant Farms, he was enamored with the idea that they would mail a tube of live ants to anyone you asked them to. Schneier's article was inspired by a University of Washington course in which the professor is attempting to teach the 'security mindset.' Students taking the course have been encouraged to post security reviews on a class blog."
You two should be careful about critcizing Bruce Schneier. His fists are tatooed with "Bob" and "Alice" and if you get on his bad side, he'll exchange keys all over your face.
Even if you're not 'Eve'?
Lack of planning on your part does not constitute an emergency on mine.
Most people use passwords. Some people use passphrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes.
Hashes collide because they're swerving to avoid Bruce Schneier.
And more:
http://geekz.co.uk/schneierfacts/
http://geekz.co.uk/schneierfacts/facts/top
> If I open my wireless network, I know it's open. I can secure the computers
> behind with the knowledge that the wireless system is wide open.
You're thinking like an engineer: "How is this supposed to work?"
Try thinking like an enemy: "How could this be exploited to harm Bruce Schneier?"
The most obvious thing is to get a rental car, drive it through some mud until the plates aren't legible, and sit across the street from the guy's house and use his wireless network for... nefarious purposes. Sending spam via his ISP's mail server? Peer-to-peer child porn? Attacking government networks in a way that's likely to get noticed? So many possibilities.
And sitting across the street in a car for a while is only the really obvious attack. There are much more interesting things that can be done over the long term.
Cut that out, or I will ship you to Norilsk in a box.
I used to know a tester who would always hit control-alt-delete when told to press any key to continue. The company changed the messages to 'press almost any key to continue' after a while. Of course, that then confused real users who wondered which keys they weren't allowed to press...
I am TheRaven on Soylent News
This is actually just really quite obnoxious and not very helpful.
Do you really want a user program hooking into trapping the ctrl-alt-delete sequence? I thought not.
Being pedantic, since the tester appears to be so, "any key" does not imply "any combination of keys", either.
I test by hitting the reset button, after all it can be considered a key too, just not a 'key' on the keyboard...
If I was the company, instead of changing the message, i would have modified the tester's behaviour, perhaps with a hammer if necessary...
Me? I'd have called in the buses, and shipped everyone off property to be safe right away.
And then what happens when the busses drop below 55mph?