Posted Jan 31, 2008 11:40 UTC (Thu) by pr1268
Parent article: LCA: Bruce Schneier on the two sides of security
Thank you, Jon, for this article. This article (and the ten-year timeline part 4, above) certainly contribute to me being a satisfied subscription customer. :-)
My own thoughts, comments, and epiphanies below:
- I openly admit to having been loath to run Wireshark due to its well-publicized patch rate. I was unaware that this is actually the result of proactive security (instead of reactive). Assuming this is the case, the Wireshark developers should serve as a model for all application developers working on security-sensitive software.
- My own experiences with SELinux (way back in the FC2 days) was that controlling SELinux on a system was akin to running a nuclear power plant from the control room. So many "dials", "knobs" and "switches" to control, and accidentally throwing one wrong switch could scram the whole system.
- The Transportation Security Agency is the most egregious example of a purely reactionary, horribly-implemented sorry excuse of an ineffective government bureaucracy I've ever seen. Ironically, I'm not sure that the American public even gets any feeling of security with the TSA. I personally don't perceive that I'm any safer (in reality) due to the TSA. But, oh well, taxpayers are willing to fund the feeling of security, and even I can't blame others for these feelings after witnessing the events of 9/11.
Just my $0.02 and change...
to post comments)