[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

<nettime> Bruce Schneier: Secrets and Lies (fwd)

---------- Forwarded message ----------
Date: Fri, 18 Aug 2000 18:11:22 -0400
From: Felix Stalder <stalder@fis.utoronto.ca>
To: nettime-l@bbs.thing.net
Subject: <nettime> Bruce Schneier: Secrets and Lies

[It is interesting that more and more computer pioneers are reconsidering
their somewhat techno-deterministic views. It seems that, slowly, a new
kind of common sense is emerging: Technology can be a powerfull actor, but
the quality of its action depends on what it interacts with.  Its
qualities are not inherent, rather they are defined with the larger
context in which the particular technology is made to work.]

From: http://www.counterpane.com/sandlpref.html

Secrets and Lies
Bruce Schneier


I have written this book partly to correct a mistake.

Seven years ago I wrote another book: Applied Cryptography. In it I
described a mathematical utopia: algorithms that would keep your deepest
secrets safe for millennia, protocols that could perform the most
fantastical electronic interactions-unregulated gambling, undetectable
authentication, anonymous cash-safely and securely. In my vision
cryptography was the great technological equalizer; anyone with a cheap
(and getting cheaper every year) computer could have the same security as
the largest government. In the second edition of the same book, written
two years later, I went so far as to write: "It is insufficient to protect
ourselves with laws; we need to protect ourselves with mathematics." 

It's just not true. Cryptography can't do any of that. 

It's not that cryptography has gotten weaker since 1994, or that the
things I described in that book are no longer true; it's that cryptography
doesn't exist in a vacuum. 

Cryptography is a branch of mathematics. And like all mathematics, it
involves numbers, equations, and logic. Security, palpable security that
you or I might find useful in our lives, involves people: things people
know, relationships between people, people and how they relate to
machines.  Digital security involves computers: complex, unstable, buggy

Mathematics is perfect; reality is subjective. Mathematics is defined; 
computers are ornery. Mathematics is logical; people are erratic,
capricious, and barely comprehensible. 

The error of Applied Cryptography is that I didn't talk at all about the
context. I talked about cryptography as if it were The AnswerTM. I was
pretty naďve. 

The result wasn't pretty. Readers believed that cryptography was a kind of
magic security dust that they could sprinkle over their software and make
it secure. That they could invoke magic spells like "128-bit key" and
"public-key infrastructure." A colleague once told me that the world was
full of bad security systems designed by people who read Applied

Since writing the book, I have made a living as a cryptography consultant: 
designing and analyzing security systems. To my initial surprise, I found
that the weak points had nothing to do with the mathematics. They were in
the hardware, the software, the networks, and the people. Beautiful pieces
of mathematics were made irrelevant through bad programming, a lousy
operating system, or someone's bad password choice. I learned to look
beyond the cryptography, at the entire system, to find weaknesses. I
started repeating a couple of sentiments you'll find throughout this book: 
"Security is a chain; it's only as secure as the weakest link." "Security
is a process, not a product." 

Any real-world system is a complicated series of interconnections.
Security must permeate the system: its components and connections. And in
this book I argue that modern systems have so many components and
connections-some of them not even known by the systems' designers,
implementers, or users-that insecurities always remain. No system is
perfect; no technology is The AnswerTM. 

This is obvious to anyone involved in real-world security. In the real
world, security involves processes. It involves preventative technologies,
but also detection and reaction processes, and an entire forensics system
to hunt down and prosecute the guilty. Security is not a product; it
itself is a process. And if we're ever going to make our digital systems
secure, we're going to have to start building processes. 

A few years ago I heard a quotation, and I am going to modify it here: If
you think technology can solve your security problems, then you don't
understand the problems and you don't understand the technology. 

This book is about those security problems, the limitations of technology,
and the solutions. 

Les faits sont faits.

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net