It’s fair to say that as more and more of our daily lives and interactions go online, data and systems security matters more and more. Unfortunately this is also a textbook example of an area where fear, uncertainty and doubt are actively promoted by those with a commercial axe to grind: after all, those selling security-related software and services have a vested interest in making us think the world is a seething mass of viruses and hackers just waiting to pounce.
If security has a silly season, we’re in it
The truth, as ever, probably lies somewhere between the dire prognostications of the vendors and there being no problem at all. The problem for us is to work out what’s reality and how to react. So this advice from Bruce Schneier, a pioneer in the field of cryptography, is pretty timely. He’s unusual in two senses – firstly because he’s an expert in a complex field who can write about the issues and the technology in plain English; and secondly because although he’s involved in the systems security business, he has a very pragmatic and un-alarmist approach.
Schneier’s article outlines a five-step approach to security analysis that can be used to judge how effective a proposed solution is likely to be, and it doubles as a useful check for telling snake oil from the real thing. Too often security measures are knee-jerk reactions to events and do nothing more than bang the stable door shut long after the horses have departed, so it’s interesting to use the framework to think about some of the post-September 11th measures. To quote Bruce Schneier,
When you start using it, you’d be surprised how ineffectual most security is these days.