User: Password:
|
|
Subscribe / Log in / New account

Security quotes of the week

I am regularly asked what is the most surprising thing about the Snowden NSA documents. It's this: the NSA is not made of magic. Its tools are no different from what we have in our world, it's just better-funded. [...]

That, fundamentally, is surprising. If you gave a super-secret Internet exploitation organization $10 billion annually, you'd expect some magic. And my guess is that there is some, around the edges, that has not become public yet. But that we haven't seen any yet is cause for optimism.

Bruce Schneier

This article from Communications of the ACM outlines some of the security measures the NSA could, and should, have had in place to stop someone like Snowden. Mostly obvious stuff, although I'm not sure it would have been effective against such a skilled and tenacious leaker. What's missing is the one thing that would have worked: have fewer secrets.
Bruce Schneier (again)

Does damaging public information become private simply by virtue of the passage of time? How stale does information have to be to be considered “irrelevant or no longer relevant”? And what is the standard for measuring relevance? Relevant to what, to whom, or for what purpose? I can only imagine how the cottage industry of online reputation management will grow in the face of this expanding “right to be forgotten.” Search intermediaries will be more than ever curators of the content they index, which is a development that I, as a consumer of information and a user of search, don’t welcome.
Annemarie Bridy
(Log in to post comments)

Security quotes of the week

Posted May 22, 2014 15:48 UTC (Thu) by tialaramex (subscriber, #21167) [Link]

"If you gave a super-secret Internet exploitation organization $10 billion annually, you'd expect some magic."

I think Bruce was unnecessarily pessimistic here, unless "magic" includes things like small cryptanalytic boosts from tricks yet to be discovered by the mundane world.

Bruce suggests Snowden could have been deterred if there were less secrets to reveal. Well, one very big secret you wouldn't want available for someone like Snowden to steal is a magic backdoor of the kind often imagined by the NSA's more vociferous detractors. The moment a Snowden leaks it, or an independent researcher stumbles onto it, you're in a world of pain. Better to have no such magic than to hoard it and risk it being used against you.

Security quotes of the week

Posted May 23, 2014 7:49 UTC (Fri) by jezuch (subscriber, #52988) [Link]

> Bruce suggests Snowden could have been deterred if there were less secrets to reveal.

No. He suggests that leaks are impossible if there's nothing to leak. "If you have nothing to hide you have nothing to fear" applies just as well to the government - *especially* to the government.

Security quotes of the week

Posted May 22, 2014 17:59 UTC (Thu) by Karellen (subscriber, #67644) [Link]

"What's missing is the one thing that would have worked: have fewer secrets."

Does that mean that Snowden actually works for Setec Astronomy? :-)

Security quotes of the week

Posted May 29, 2014 18:36 UTC (Thu) by ssokolow (guest, #94568) [Link]

We really need more interest in YaCy-like distributed search systems.

If a hardcore Freenet-style P2P network like Perfect Dark can give Japanese authorities such trouble in enforcing the law for content, surely it can help to produce a (nearly) censor-proof search index.


Copyright © 2014, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds