Key to good data security is knowing there's no perfect security

Looking to encrypt your data? The key to good security is knowing that perfect security doesn't exist, according to Bruce Schneier, as reported by Alex Carp in POLITICO. Schneier, who has written 13 books on encryption and has worked for the Department of Defense as well as telecommunications companies and banks, helped the journalist Glenn Greenwald review Edward Snowden's purloined NSA data trove.

As Carp reports, Schneier contends that the best security systems accept some risk and that an attempt to protect against every threat comes with unexpected costs—a view that's not well accepted by the general public. He recounts an interview of Schneier by CNN host Becky Anderson in which she asked in an exasperated manner how it could be that Angela Merkel would be carrying a phone that could be tapped. His response: “Well, she has to talk to people.”

Carp doesn't elaborate, but in the CNN interview, Schneier goes on to explain that Merkel would use an unsecured phone to converse with friends and family members who don't have “magic phones” with encryption capability. Presumably, she does use encrypted channels to communicate with cabinet members and high-level colleagues.

Nevertheless, as Carp reports in POLITICO, Schneier concludes that weak points reside not in encryption mathematics but in hardware, software, networks, and most especially “erratic, capricious, and barely comprehensible” people.

Read Carp's POLITICO article here.