Shostack + Friends Blog Archive

 

Security In a Changing Nation

Screendiscussion responds to my comments about “Three Privacy Breaches” in Security In a Changing Nation. He sums up his argument as “Why? The reason is that we, as a nation, have become extremely security conscious in the past few years.” I think this is only partially correct. I suspect that this is part of it. Perhaps that consciousness also entails an understanding that no one is perfect? That the attacker only needs to win once? That a cover-up is a worse sin than a mistake?

I suspect its the last bit: We’re coming to see security mistakes as mistakes, that will happen. I think we need to start designing systems with that in mind.