Saturday, June 08, 2013

We Should Build Secure Software Systems

Once again Bruce Schneier is insightful and provides much more sensible advice than that given by the homeland-security-complex that spends billions to provide massively inconvenient and ineffective security theatre.

It's impossible to build a communications system that allows the FBI surreptitious access but doesn't allow similar access by others.
The FBI wants a new law that will make it easier to wiretap the Internet. Although its claim is that the new law will only maintain the status quo, it's really much worse than that. This law will result in less-secure Internet products and create a foreign industry in more-secure alternatives. It will impose costly burdens on affected companies. It will assist totalitarian governments in spying on their own citizens. And it won't do much to hinder actual criminals and terrorists.
When it comes to security, we have two options: We can build our systems to be as secure as possible from eavesdropping, or we can deliberately weaken their security. We have to choose one or the other.

Related: Governments Shouldn't Prevent Citizens from Having Secure Software Solutions - The last thing you want to do is increase the amount of hay you have to search through - Bad Security on Government Required RFID e-passports

No comments: