A bird's eye view

In the recently held Hack-in-the-Box Security Conference 2008, world-renowned security expert, Bruce Schneier, CTO and founder of BT Counterpane spoke at length on the need to match reality to feeling to enable true security.

  • E-Mail
By  Sathya Ashok Published  May 18, 2008

He gave the example of electricity and how while initially people were scared by what it was and what it could do, with growing use and increasing familiarity feeling and reality mapped together.

"When reality and feeling - and the connected model - overlap things tend to work well. When they are far apart, then we have a problem. In our world, reality is changing constantly and the model is constantly chasing reality," Schneier pointed out.

In this scenario, people tend to look to experts in different fields to evaluate the complexity and to advise them on the right way forward.

Science is one proxy for understanding and dealing with complexity in a technological world. Government regulatory bodies, industry experts and other people doing actual science are also proxies.

"Science is one proxy for understanding and dealing with complexity in a technological world. Religions and oral traditions were sufficient in a more traditional world where things did not change too often and there were smaller communities. Government regulatory bodies, industry experts and other people doing actual science are also proxies," said Schneier.

According to him, there are always possibilities that different models can battle against each other as different parties will present models that are modified for their own benefit.

However the battle goes, these models will have to feed back into feelings, grow familiarity and connect to feelings for long-term security.

"In the long term, you have to fix the model and let that fix the feeling. This can take decades before a security model can be accepted and the more information that you have the more it will be of help," Schneier pointed out.

Schneier's address set the appropriate tone for the rest of the security conference, which addressed hacking technologies and security measures across everything from GSM stacks through to virtualisation.

The second day's keynote was delivered by Jeremiah Grossman, founder and CTO of White Hat Security.

Handling a subject markedly different from Schneier's the day before, Grossman discussed the various reasons for hacks continuing to happen in our world.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code