Thursday, 19 February, 2004

There's a term in the computer security industry.. It's a three letter word:

FUD - Fear, Uncertainty and Doubt. Also known as scare tactics, either accomplished by threat or making the opponent doubt his standpoint.

FUD is the political mechanism for the new millennium. FUD is a master to only itself. In the next two entries I want to attack two lines of daily FUD on two different topics: drugs and terrorists.

Terrorists - Ladies and gentlemen, security is a trade-off. It has always been a trade-off and will remain a trade-off long after your grandchildren are worm food.

Example: It makes sense to put your wages in a bank. Money you put in the bank can't be directly stolen. In the event of a bank robbery your money is insured by the government. On top of this, they give you a small rate of interest on any money you place in your account. They do all this free of charge.. so that's a very good security tradeoff.

Having a lock on your front door is an okay security trade off. By introducing a lock we allow two ways for the security of the system to be defeated: 1.) Pick the lock. 2.) steal the key. A lock will never stop a determined thief but it will stop a casual thief. If you dont have the key or the skill to pick the lock then your going to have to damage the property to get in.. That raises the bar enough to deter most thiefs.. and so for the inconvience of having to lock/unlock your door you get a small security gain. All in all, i think it's a reasonable tradeoff.

Compare this to the security checks being introduced post 9/11. Most security systems in the post 9/11 work on the assumption that being able to identifying somebody makes you more secure. Think about that for a moment.

It isn't a very sensible conclusion to come to. Identifying somebody tells you nothing about their intentions. Indeed, the 9/11 hijackers flew on their own passports. They had no need to disguise their identity. If you know someone is a terrorist, knowing their identity is a good measure of course, but it's simply unrealistic to assume known terrorists will fly on planes. We live in a world with suicide bombers. These people are unknowns and utterly expendible. Identification of these people does nothing to improve security.

Giving up your right to privacy, by handing over biometrics to any government on demand, for nil security return is a very bad trade-off.

Tomorrow, we look at the way FUD is deployed in the war on drugs.


20:51:38 GMT | #Life | Permalink
XML View Previous Posts