quote:

---

Schneier was not surprised by this demonstration of the impotence of cryptography. Just after the Crypto Wars ended, he had begun writing a follow-up to Applied Cryptography. But this time Schneier, a fluent writer, was blocked—he couldn't make himself extol strong crypto as a security panacea. As Schneier put it in Secrets and Lies, the very different book he eventually did write, he had been portraying cryptography—in his speeches, in his congressional testimony, in Applied Cryptography—as "a kind of magic security dust that [people] could sprinkle over their software and make it secure." It was not. Nothing could be. Humiliatingly, Schneier discovered that, as a friend wrote him, "the world was full of bad security systems designed by people who read Applied Cryptography."

---

Homeland Insecurity

Technophobes note: the piece is not really about cryptography, although it plays a prominent role with what it has to say. Maybe this will strike a chord:

quote:

---

To stop the rampant theft of expensive cars, manufacturers in the 1990s began to make ignitions very difficult to hot-wire. This reduced the likelihood that cars would be stolen from parking lots—but apparently contributed to the sudden appearance of a new and more dangerous crime, carjacking

---

One of my favourite stories about security hubris involves Jaguar. Some years ago they designed a car they touted as theft-proof. As a PR stunt, they invited one of Britain's most renowned break-and-enter / lock-picking thieves, newly released from gaol, to try to steal it. If he succeeded, he could keep the car. What does he do but saunter up to the car and jump straight down onto the front bumper. The shock triggers the airbags and unlocks the doors. He steps inside, and after taking care of the airbags, hotwires the car and drives off. Actually I'm not too sure how he started the car. Perhaps the challenge was only to open the doors. Anyway, that part is accurate.

[ August 14, 2002: Message edited by: rasmus_raven ]