Bruce Schneier is one of those rare birds who writes sensibly about complicated technical issues — in his case, issues revolving around information security and larger questions of security in general. Schneier's monthly "Crypto-Gram" newsletter (see ) offers thoughtful, precise remarks on current infosec developments as well as delightful balloon-pricking of the far too frequent hype and promo-bogosity that the field is prone to.

The 15 December 2003 "Crypto-Gram" is a good example. Schneier punctures quantum cryptography:

"I don't have any hope for this sort of product. I don't have any hope for the commercialization of quantum cryptography in general; I don't believe it solves any security problem that needs solving. ..."

and explains how to make electronic voting technology work:

"All computerized voting machines need a paper audit trail. Build any computerized machine you want. Have it work any way you want. The voter votes on it, and when he's done the machine prints out a paper receipt, much like an ATM does. The receipt is the voter's real ballot. ..."

Smart, accurate commentary.

The best thing about Bruce Schneier, though, is the way he has grown over the years. His perspective on security has broadened, and he admits it. It's encouraging to see somebody that honest get at least part of the recognition he deserves.

(Full Disclosure: Though he probably doesn't recollect it I've met Bruce once, at a so-called "Hackers Conference" in northern California held in 1996. See NiceHackers (20 Dec 2000), for thumbnail sketches of a few of the other people there.)

TopicScience - TopicProgramming - TopicLiterature - TopicProfiles - 2003-12-23

(correlates: HonestVotingMachines, Refuse to Be Terrorized, ThroughObscurity, ...)