/* */

13 February 2006

Insight from Schneier on biological aspects of the Parallel World

Bruce Schneier, for those that do not know of him, is a fairly serious expert in the realm of cryptography, computer defense, secure communications, and related security areas. Your authors may not always agree with what the gentleman has to say, but he is always worth the time to read.

He also occasionally produces fascinating insight into certain problem classes, such as in this quote below from an evaluation of Microsoft’s new Internet Explorer 7 web browser.

But the masses still use IE, and our security depends in part on those masses keeping their computers worm-free and bot-free.

Too often online security takes a similar approach to its real world counterparts in that it focuses on establishing a strong perimeter and hardening its own defended assets. However, many contemporary online security problems are spawned from the widespread compromise of vulnerable segments of online populations – who in turn in aggregate become responsible for infection of other systems and attacks against the smaller number of defended citadels as part of botnets and other swarm tactics.

This calls to mind many of the problems faced when discussing security in an active biological environment, whether bio-war or bio-terrorism. Adequate protection comes not only from securing a hardened perimeter but demands epidemiological surveillance and response.

These are fundamentally intelligence-led challenges demanding robust watch & warning and predictive analysis responses. They are also rarely taught well…