Sunday, March 28, 2010


When I talked to James Fallows and Bruce Schneier on Thursday, this didn't come up. Perhaps it should have.

It is not obvious to people, especially senior government officials and corporate executives that security by obscurity is a very bad idea. It seems obvious that you should keep your sources and methods secret, including your encryption algorithms. But while you do not want to out your spies ("sources"), it makes no sense to keep your methods secret.

Effective methods have to be tested, and the only way to test them is to put them out in public. Electronic voting machines are a good example of this kind of failure, while the papal picking process is an example of how to do it right. (While the result looks like a mistake, the voting process did accurately count the College of Cardinals vote.)

It is really a bad thing to have inadequately tested systems in place. And any system that relies on security by obscurity is inadequately tested.

And don't get me started on the idea of full body screeners at airports. They are not just stupidly intrusive. They don't work. And, as Bruce noted in the interview, the shoe bomber and the underpants igniter's attempts failed. The current, unstated but in place, security system of passengers and crew not permitting a hijacking or a bomber on an airplane works really well.