Thursday, May 25, 2006

On "Security Absurdity; The Complete, Unquestionable, And Total Failure of Information Security"

So...

Security Absurdity.com > Security Absurdity; The Complete, Unquestionable, And Total Failure of Information Security: "Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security."

As you can see, I am balefully late commenting on this. So, first, I am supposed to call this guy an "idiot." I don't think he is, all his facts are reasonable. And having all this bad stuff happen, as he points out, while still having "Condition: Green" is somewhat bizarre.

IMHO, he just uses the term "fail" liberally... In addition, he has a few very good points:

- "Cybercriminals are simply out innovating us."
- "Cybercriminals are simply out innovating us AND Security isn't accessible." (not sure I fully agree with this one though)
- "Complexity is the enemy of security."

Marcus Ranum also has a few good points, mostly agreeing with this guy.

Dr Anton Chuvakin