perfection in security

It is interesting to hear us be adamant about perfection in security, whether it be perfect devices, perfect approaches, or perfect coding. Really, digital integrity pales compared to personal safety. Do we expect perfection in being safe when on the road? Do we demand that cars be built to absolutely withstand the stupidity of drivers? Do we move to diminish the role of the user when driving? Do we do much beyond laws, liability, some technological improvements, and a common understanding that green is go, red is stop, yellow is speed up and pretend not to notice anyone else, and lines are guidelines on traffic flow except in parking lots where they are so much street grafitti? Ever try to play traffic cop in your car, where the guy behind you wants to speed and basically blows out his O-ring having a caniption fit behind you while you drive the limit (yeah, me too, it’s fun because I can be a dick now and then).

It is interesting that we accept a certain level of reasonality when it comes to our safety in life, but become hardassess when talking about digital security.

Have we achieved perfection in physical security, whether it be at home or in the workplace? It might sound like I am being defeatist. On the contrary, I say this all very enthusiastically. Update: I am going to amend, but not remove my original post above. Yes, there are differences in my choice of analogy and the security world. In too many cases, we don’t end up living with our bad choices on the road, but in digital insecurity, we end up living with them. Ask any identity theft victim how hellish their life has been since. Likewise, I accidentally dismissed one thing I thump a lot when it comes to the digital life: efficiency. If a traffic accident were like a digital security incident, then one accident might end up affecting every single car built in 2003 in the state that is currently on the road, and when others currently at rest get started up in the morning, they immediately suffer the same result. One obscure issue in MySpace that only 50 people even understand could result in a worm that affects many thousands of people.