If Bruce Schneierisn’t the best computer security expert in the United States, he’s certainly in the top 10. The current issue of his Crypto-Gram newsletter has completely changed the way I look at and think about security issues. Schneier proposes a simple 5-step analysis that can be used to evaluate any security measure, computer related or not:
- What problem does the security measure solve?
- How well does the security measure solve the problem?
- What other security problems does the measure cause?
- What are the costs of the security measure?
- Given the answers to steps two through four, is the security measure worth the costs?
Using this analysis shines a painfully bright light on the security measures undertaken by the United States government since 11 September 2001 and on those proposed since.
Very highly recommended.
0 responses. Comments closed for this article.