Thursday, January 31, 2008

Paul's Heros: Bruce Schneier

There is a limited place in my mind for the people who I hold in the utmost respect.

Bruce Schneier is one of those people for whom I have that pinnacle level of respect. Bruce is uniquely talented as a writer of very complicated technical materials, yet makes it understandable by dopes like me. Without Applied Cryptography I would have never really understood some of the implementations of cryptographic techniques.

What I admire most about Schneier is that he is somewhat of a maverick in the Security field. He does not assume the posture of an authority figure and use fear as a tool to push his ideas.

In his book, Beyond Fear, Schneier uses his easily digestible style of writing to communicate the role of fear in security. From the beginning Schneier differentiates the concepts of actual security and perceived security, or what he coined "Security Theater". He explains that the two are equally important and that a good security system should have elements of both.

Unfortunately people don't listen to people like Bruce. The fear soaked rhetoric and sensationalism of other security experts tend to stick in the minds of the unanalytical masses.
Regardless of his lack of mass appeal, Bruce Schneier's blog should be on your short list of frequently read content.

Bruce, you're alright.

No comments: