Security Bytes

Mar 13 2008   12:25PM GMT

The wit and wisdom of Dan Geer

David Schneier

Here’s a mindbender for you: Not only have all of the security products that we’ve installed on our desktops and servers not made those machines secure, they have, in fact, made them less secure. Dan Geer, the dean of the security deep-thinkers’ set, said in his keynote speech this morning at Source Boston that if you believe, as he does, that complexity is the enemy of security, you can come to no other conclusion about the state of computer security at the moment.

“We’ve put so many products into these systems, that the complexity of the sum of the parts is part of the problem itself,” he said.

Geer, who was trained as a biostatistician before getting into the security game, also said that security practitioners should look to the natural world for examples of how to deal with complexity and the evolution of threats and countermeasures. But he also warned that the day is rapidly approaching when our machines will be the ones controlling us.

“We must learn from nature precisely because nature is the most complex system we’ve ever seen,” he said. “Within the career lifetime of everyone in this room, computers will be smarter than us.”

Geer is widely known for the depth and breadth of his knowledge, not just on security and statistics, but on a wide range of topics. But he’s also known for his facility with words, peppering his talks with memorable phrases and anecdotes. He didn’t disappoint today. Here are a few of his stray thoughts from today’s speech:

  • “If you are losing a game you can’t afford to lose, change the rules.”
  • “A backdoor unused is like a biological niche unused. Nature abhors a vacuum.”
  • “Desktop systems need to die and be reborn often.”
  • “Security is perhaps the most intelligent pursuit on the planet.”

So the next time your CEO wonders aloud about the value of security, just tell him what Dan Geer said.

1  Comment on this Post

  • Nick
    Having not run anti-virus software on my 1800+ PC network for 15 years, I can only applaud. Software got us into this mess and it won't be what gets us out of it.