Trust No One.  Especially not the RSA.

I think the tone of that article is a bit too conspiratorial.  I would argue that the real reason why we see so many security problems is that security doesn’t pay.  A standard bit of security economics is that features drive new markets, and only after a new market becomes established does security come into play—mostly after major security problems crop up.  Electronic commerce has been around for a decade or so in terms of “real use” (i.e., sure, there were people buying things online 20 years ago, but it wasn’t until eBay and Amazon and the like that buying things online became practical and mainstream).  That may seem like forever for some people, but it really isn’t that long.  And during that time, there were a lot of groups and people trying to figure out how to get it to work, and then how to get it to work cheap.  Now that we have working, cheap systems, we’ve hit the next phase:  exploitation.  With companies like Sony and Citibank getting hit, losing vital information like credit card numbers for hundreds of thousands (a hundred million, as some estimate for Sony’s case) of customers, security will slowly become a more important issue, and we’ll see some marginal improvements.

That is, until the next really cool thing comes out.

Via Bruce Schneier.

3 thoughts on “TNO

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s