Monday, April 12, 2010

Has computer security changed in 15 years?

Matt Blaze wrote After the Afterword.

"Back in 1995, Bruce Schneier asked me to write an 'afterword' for the second edition of Applied Cryptography. Perhaps to his chagrin, I couldn't think of any better way to sum up a book about cryptography than to dismiss what was then a popular delusion about the subject: that it, above all else, held the secret for securing computers."

"Hmm. We've made some progress on #4 and #10, but basically, not much has changed in 15 years. If I had it to do over again, I wouldn't really need to change a word. If I had to tweak it, I might add something about human factors in security, a poorly understood and hugely important subject if ever there was one. Or perhaps I could just repeat #1, the sorry state of software, ten times over. All in all, though, it still holds up pretty well."

No comments: