This website does readability filtering of other pages. All styles, scripts, forms and ads are stripped. If you want your website excluded or have other feedback, use this form.

Schneier on Security: Essays Tagged Dark Reading

Schneier on Security

Essays > Essays by Tag >

Essays Tagged “Dark Reading”

Page 1 of 1

On Security Awareness Training

The focus on training obscures the failures of security design

  • Bruce Schneier
  • Dark Reading
  • March 19, 2013

Should companies spend money on security awareness training for their employees? It's a contentious topic, with respected experts on both sides of the debate. I personally believe that training users in security is generally a waste of time, and that the money can be spent better elsewhere. Moreover, I believe that our industry's focus on training serves to obscure greater failings in security design.

Read More →

When to Change Passwords

  • Bruce Schneier
  • Dark Reading
  • November 10, 2010

How often should you change your password? I get asked that question a lot, usually by people annoyed at their employer's or bank's password expiration policy -- people who finally memorized their current password and are realizing they'll have to write down their new one. How could that possibly be more secure, they want to know.

The answer depends on what the password is used for.

Read More →

The Failure of Cryptography to Secure Modern Networks

  • Bruce Schneier
  • Dark Reading
  • June 30, 2010

For a while now, I've pointed out that cryptography is singularly ill-suited to solve the major network security problems of today: denial-of-service attacks, website defacement, theft of credit card numbers, identity theft, viruses and worms, DNS attacks, network penetration, and so on.

Cryptography was invented to protect communications: data in motion. This is how cryptography was used throughout most of history, and this is how the militaries of the world developed the science. Alice was the sender, Bob the receiver, and Eve the eavesdropper.

Read More →

Lockpicking and the Internet

  • Bruce Schneier
  • Dark Reading
  • August 10, 2009

Physical locks aren't very good. They keep the honest out, but any burglar worth his salt can pick the common door lock pretty quickly.

It used to be that most people didn't know this. Sure, we all watched television criminals and private detectives pick locks with an ease only found on television and thought it realistic, but somehow we still held onto the belief that our own locks kept us safe from intruders.

Read More →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.