Maybe I was being a bit facetious, but intentionally.

Lessig is a great thinker, but security is not his focus as far as I know either. Schneier is driving thinking about security theatre. Cryptography is a great tool that no one in business likes to use. Dr. Roger Schell, father of the Trusted System Evaluation Criteria (TCSEC) standard, commonly referred to as the Orange Book, calls cryptography “the opiate of the naive”. The reason, one does not need to break it if one can easily steal the keys from insecure systems. Of course, we do still need it in the meantime.

Ranum is a recognized innovator and knows and writes more than anyone about what would be required to fix the system, but is regarded by many as some kind of heretic because he tells it as it is, and his version of truth is too painful and too hard to swallow. Bejtlich is fantastic at getting the most out of a broken model, but true innovation means fixing and changing the model, not reacting faster.

The basis for my sarcasm was a statement by Guy Kawasaki, who said:

“Those on the first curve are unable to comprehend, let alone embrace the second curve”.

If this is true, then anyone on the first curve will be unable to innovate. I explored this position in a short essay in an Amazon review of “The New School of Information Security” under the title

“Not much “new school” in The New School of Information Security” found on this page:

http://www.amazon.com/review/product/0321502787/ref=cmcrdp_synop?%5Fencoding=UTF8&showViewpoints=0&sortBy=bySubmissionDateDescending#RTBEMAG1DJOQU

Is this the reason why we do not see any innovation in IT security? Something to think about.

Maybe I was being a bit facetious, but intentionally.

Lessig is a great thinker, but security is not his focus as far as I know either. Schneier is driving thinking about security theatre. Cryptography is a great tool that no one in business likes to use. Dr. Roger Schell, father of the Trusted System Evaluation Criteria (TCSEC) standard, commonly referred to as the Orange Book, calls cryptography “the opiate of the naive”. The reason, one does not need to break it if one can easily steal the keys from insecure systems. Of course, we do still need it in the meantime.

Ranum is a recognized innovator and knows and writes more than anyone about what would be required to fix the system, but is regarded by many as some kind of heretic because he tells it as it is, and his version of truth is too painful and too hard to swallow. Bejtlich is fantastic at getting the most out of a broken model, but true innovation means fixing and changing the model, not reacting faster.

The basis for my sarcasm was a statement by Guy Kawasaki, who said:

“Those on the first curve are unable to comprehend, let alone embrace the second curve”.

If this is true, then anyone on the first curve will be unable to innovate. I explored this position in a short essay in an Amazon review of “The New School of Information Security” under the title

“Not much “new school” in The New School of Information Security” found on this page:

http://www.amazon.com/review/product/0321502787/ref=cmcrdp_synop?%5Fencoding=UTF8&showViewpoints=0&sortBy=bySubmissionDateDescending#RTBEMAG1DJOQU

Is this the reason why we do not see any innovation in IT security? Something to think about.

@Rob, was that sarcasm? Lessig: Creative Commons? Yeah that went no where /s. Do know how many books Schneier has written on cryptography? Schneier (and company) writes his own crypto algorithms that are used by other people. I know only little about Ranum but Bejitch has had a huge influence on the security as well.

Though I have always been critical of Obama, I do recognize the potential for a leader to finally understand technology and the issues/threats with it. I imagine that the technology world will improve greatly under his watch.

@Rob, was that sarcasm? Lessig: Creative Commons? Yeah that went no where /s. Do know how many books Schneier has written on cryptography? Schneier (and company) writes his own crypto algorithms that are used by other people. I know only little about Ranum but Bejitch has had a huge influence on the security as well.

Though I have always been critical of Obama, I do recognize the potential for a leader to finally understand technology and the issues/threats with it. I imagine that the technology world will improve greatly under his watch.

Besides, what have any of these guys done lately? LOL. We need innovators, not thinkers !!!

Besides, what have any of these guys done lately? LOL. We need innovators, not thinkers !!!