September 04, 2002
Great article in The Atlantic on Bruce Schneier and his views on security .
[S]ecurity measures are characterized less by their manner of success than by their manner of failure. All security systems eventually miscarry. But when this happens to the good ones, they stretch and sag before breaking, each component failure leaving the whole as unaffected as possible. Engineers call such failure-tolerant systems "ductile." . . . [W]hen possible, security schemes should be designed to maximize ductility, whereas they often maximize strength.
Many of the things being done in the name of security since September 11, Schneier points out, actually make us less secure — because they break badly.
Note to self: reread Secrets and Lies, Security Engineering, and possibly even The Atlantic.