that kweerkid again

• 2012-03-03

  TSA’s de facto policy to this point has been to react to the latest thing tried by a terrorist, which is invariably something that Al Qaeda identified as a technique not addressed by current screening. While this narrows Al Qaeda’s options, their list of attack ideas remains long and they are imaginative. Therefore, if TSA continues to react to each and every new thing tried, three things are certain:

  1. Nothing Al Qaeda tries will be caught the first time because it was designed around gaps in TSA security.
  2. It is impossible to eliminate all gaps in airline security.
  3. Airline security screening based on eliminating every vulnerability will therefore fail because it is impossible. But it will by necessity become increasingly onerous and invasive on the travelers.

  — gmancasefile: TSA: Fail

  Source: gmancasefile.blogspot.com

• 2011-05-16

  As both data storage and data processing becomes cheaper, more and more data is collected and stored. An unanticipated effect of this is that more and more data can be stolen and used. As the article says, data minimization is the most effective security tool against this sort of thing. But — of course — it’s not in the database owner’s interest to limit the data it collects; it’s in the interests of those whom the data is about.

  — The Era of “Steal Everything”

  Source: schneier.com