16 April 2011

Schneier on Security: Sharp guy

Bruce Schneier' blog has long been one of my RSS feeds in Safari (I don't use any fancy RSS readers), and now I follow him on Twitter at @Bruce_Schneier. Yesterday he took a little trip down memory lane, as he quoted himself:

Anyone can invent a security system that he himself cannot break. I've said this so often that Cory Doctorow has named it "Schneier's Law": When someone hands you a security system and says, "I believe this is secure," the first thing you have to ask is, "Who the hell are you?" Show me what you've broken to demonstrate that your assertion of the system's security means something.
And that's the point I want to make. It's not that people believe they can create an unbreakable cipher; it's that people create a cipher that they themselves can't break, and then use that as evidence they've created an unbreakable cipher.

Seems to me like this observation could be made in a lot of contexts.
"I am not a <insert profession here>, but I'm smart and I think this, so this must be true."

No comments:

Post a Comment