Thursday, April 21, 2011

"Schneier's Law"

Anyone can invent a security system that he himself cannot break. I've said this so often that Cory Doctorow has named it "Schneier's Law": When someone hands you a security system and says, "I believe this is secure," the first thing you have to ask is, "Who the hell are you?" Show me what you've broken to demonstrate that your assertion of the system's security means something.

Bruce Schneier is such an insightful chap - his blog is required reading if you have any interest in security or crypto; and really that should extend to anyone who is involved in networks. The grain of truth I take from this law is that you have to have to certain level of understanding of a subject to recognise your own ignorance. My dad had an expression "'re not even wrong" - being so far removed from the truth that you're not even on the same field as people who understand the problem (even if they've come to the right or wrong conclusion).

I'm so busy at work at the moment I'm not blogging to much.

No comments: