General discussion


Reaping what is sown

By mike-r ·
Bruce Schneier, Chief Technology Officer of Counterpane Internet Security, Inc., and designer of the popular Blowfish and Twofish encryption algorithms writes:

“The top security trend of 2002 is liability. In 2001, a Federal judge forced the US Department of the Interior to sever its Internet connection, because it couldn't adequately protect private data. Other judges are issuing restraining orders against companies whose networks were the inadvertent launching pads for attacks. Microsoft sees this trend; their "responsible disclosure" rhetoric is an attempt to shift responsibility away from the companies that build insecure products. Through fairer contracts, insurance arrangements, and judicial action, accurate responsibilitiesfor security problems will be apportioned. And many of the existing power balances in security will topple as a result.”

Software (and to some extent—hardware) vendors have been making lots of money selling marginally defective products—and many more vendors make a buck supplying 'fixes'. It would seem the time has come for the sower to reap. What are your opinions?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums