Ranum on Codependence

Marcus Ranum has started podcasting. The second episode in his Rear Guard podcast is a short but nicely put together rant explaining the parlous state of computer security today in terms of a dysfunctional relationship between practitioners and their organisations:

It's clear that security will be exactly as bad as it can possibly be while still allowing senior managers to survive. Whenever it gets across that line — worse than it can possibly be — there will be a brief fire-drill in order to duct tape things back together again until next time.

Last week a friend remarked, after hearing one of my long rants on an unrelated subject, that I had a very cynical view of the situation. "Thank you", I replied, quite seriously. Marcus Ranum has a very cynical view of the security landscape: not completely without rays of hope, but nevertheless aware that a lot of bad things happen out of pure unenlightened self-interest.