Simon Willison’s Weblog


3 items tagged “securitytheatre”


Since 9/11, approximately three things have potentially improved airline security: reinforcing the cockpit doors, passengers realizing they have to fight back and - possibly - sky marshals. Everything else - all the security measures that affect privacy - is just security theater and a waste of effort.

Bruce Schneier

# 29th January 2008, 12:14 pm / bruce-schneier, privacy, security, securitytheatre


Side-Channel Attacks and Security Theatre. “In order to mount most of these attacks the attacker must be local [...] every good security person knows that if your attacker has the ability to run stuff on your machine, it is game over, so why are we even caring about these attacks?”

# 2nd August 2007, 12:30 pm / ben-laurie, openssl, security, securitytheatre, sidechannel

E-Trade financial tried using a RSA fob as a second factor of authentication, but as of their 11/07/06 financial report their fraud losses continue to increase. That said, they considered this program a success because users indicated they feel safer and are more likely to provide assets.

Usable Security

# 20th July 2007, 10:31 am / etrade, rsa, rsafob, security, securitytheatre, usability, usablesecurity