Cryptography 'Becoming Less Important,' Adi Shamir Says

Trailrunner7 writes "In the current climate of continuous attacks and intrusions by APT crews, government-sponsored groups and others organizations, cryptography is becoming less and less important, one of the fathers of public-key cryptography said Tuesday. Adi Shamir, who helped design the original RSA algorithm, said that security experts should be preparing for a 'post-cryptography' world. 'I definitely believe that cryptography is becoming less important. In effect, even the most secure computer systems in the most isolated locations have been penetrated over the last couple of years by a series of APTs and other advanced attacks,' Shamir said during the Cryptographers' Panel session at the RSA Conference today. 'We should rethink how we protect ourselves. Traditionally we have thought about two lines of defense. The first was to prevent the insertion of the APT with antivirus and other defenses. The second was to detect the activity of the APT once it's there. But recent history has shown us that the APT can survive both of these defenses and operate for several years.""

He put the S in RSA

Without him, it'd just be RA, which isn't even RAD.

The way I do security

I have a PC that I use for all of my financial stuff, record keeping, and other critical data. I don't encrypt the hard drive. I don't even password protect files.

You know how I do security for the PC that handles my most critical data?

It's not plugged into the fucking Internet. That's how.

Re:no

[hairyfeet]

Exactly, its like how a friend of mine was nearly fired because he wouldn't let a PHB have his "files" from his "friend" Melissa, yep the moron was threatening to fire him if he didn't let a worm loose on the network. Lucky for Glenn the guy above the PHB wasn't a retard and actually kept up on current events so he just said "Is he talking about the worm that's going around?" and then gave Glenn a free steak dinner while giving the PHB the riot act for trying to compromise security for an imaginary girl.

At the end of the day you just can't protect from a case of the stupids, you just can't. I was quite proud of having an unbroken record, nothing but happy customers and well running systems,until I finally had to throw a customer out of the shop and threaten to call the cops, why? because this was right after Limewire had been shut down, I told him flat footed "The courts shut Limewire down, it doesn't exist and anything that says its limewire is either worthless or a malware laden fake" so guess what he did? promptly went home, downloaded "the new limewire" and then demanded i fix the machine for free because...shock... it was nothing but a bunch of malware with the limewire logo. When i threw him out the shop he was saying "it says its limewire now you make it work!"

Sadly there is only so much you can do without turning the system into nothing but a locked down, corporate controlled thin client and as long as the user has the right to install you are at the whims of somebody who may be a moron. I learned you do the best you can but at the end of the day stupid is as stupid does.