Friday, April 29, 2011

Bruce Schneier On The Security Mirage

Lately I have been reading the novel Zero Day by Mark Russinovich. Mark's a Technical Fellow at Microsoft Corporation. He also has a PhD in Computer Engineering. I say this to get across the point that he's got real geek cred. The premise of Zero Day is that a black hat computer hacker has unleashed a computer virus that is wreaking havoc on all the computer systems that we have become so dependent on. People are dying, planes are crashing, and basically we're all screwed unless the protagonists can save us. So far, it's a pretty good, suspenseful read. (BTW, I'll have a full review once I finish.)

When I was asked by the publicist if I wanted to review the book, I hesitated. Twenty years in law enforcement has left me with the knowledge that you can die in a bunch of ways. Often times, this knowledge can be a little unnerving. In fact, back in my detective days, I worked a death investigation where a woman had a brain aneurysm. Now this wasn't bad enough to kill her but what it did was to damage her brain enough that her choking reflex didn't work and she choked to death on a wad of chewing gum. That was just a weird way to die.

While I was thinking morbid thoughts about just how screwed we could be in a Zero Day scenario given our dependance on computers I came across this TED Talk from security expert Bruce Schneier. Bruce goes along way towards explaining why the feeling of security and actual security don't always match up.

Bruce's talk did a lot to lessen the feeling of dread that came with the scenario in Mark's book. I may end up having to watch it over again once I finish Zero Day.

No comments:

Post a Comment

I reserve the right to remove defamatory, libelous, inappropriate or otherwise stupid comments. If you are a spammer or are link baiting in the comments, a pox be upon you. The same goes for people trying to sell stuff. Your comment will be deleted without mercy.