The security mirage - Bruce Schneier

Reminds me of a humorous story: A CEO of anti-identity theft company was so sure of his own product he actually displayed his own social security number on the company website and hilarity ensured.
The CEO of Lifelock had his identity stolen 13 times! Plus the company was fined $12 million for deceptive advertising by the FTC, which probably had something to do with the company promising to pay a million dollars if a customer used their service and had their identity stolen.

I am so disappointed that this presentation only has 44K views. I am a security professional and recommend this talk to everyone that will listen. Bruce explains the theories of security better than anyone I have ever listened to.

TL;DR: If our feelings match reality, we make better security trade-offs.

I found this to be helpful for a piece that I've been writing about irrational fears. Thanks.

Ha, ha 2020!

i Must say the RFID tags on babies would also help with giving the babies to their correct parents and not having to worry if nurse remember which Mike she was carrying.. Certainly there are other signs and factors, but if you really want to approach security theater like this, then you really have to accept that there is no such thing as security. the Law agasint murder is just security theater, Doors and locks are security theater, Bunkers, just really clever security theater. there is ALWAYS a way around any kind of security, ALWAYS. its impossible to perfectly protect any computer data on the internet. what security theater really is, is security that is not perfect, which is all secruity. What you call security theater is just the stuff that is less effective, but none the less is effective to a degree.
i mean, How easy is it to replace Pills with poison if a bottle has no tamper proof cap. Now if it does, how many super easy ways have just been shot down because of evidence you are forced to leave behind to do so. Suddenly, you cant have Idiots doing this stuff. Idiots cant carry guns through Metal detectors or hide them from a pat down. Security Theater stops the idiots from doing these things. if a person is smart enough and wants to do something, they can probably figure out a way to do it, regardless of the security. Security Theater is just security that stops the idiots from even trying, and catches them when they do. Now since the idiots are automatically taken care of, you need only worry about the smarter ones and plan to deal with them. Because certainly the Smart ones like you can figoure out to use a small enough syringe and stick it in on a specific point so that there is nearly no visible evidence that you did so, but when the customer opens it up, the poison you used is certainly not the pills themselves like it could have been if some idiot emptied the bottle and replaced it with ones that look real but are poison.

It makes you wonder how people asses biometrics like facial recognition because I think facial recognition is just security theater

This is so still relevant.

I just found this guy in tmol's vid bc he had bass XD

Carlos por favor que no se ingles :(

Awesome talk

democracynow brought me here

I feel a hum.

this has way to little views

The people who have commented already have said some of the most insanely idiotic things I have ever read. May God have mercy on the souls of those who have written comments thus far.

DO ANOTHER (NEW) TED TALK BRUCE! YOU'RE THE BEST! 2019