The whole notion of passwords is based on an oxymoron. The idea is to have a random string that is easy to remember. Unfortunately, if it's easy to remember, it's something nonrandom like 'Susan.' And if it's random, like 'r7U2*Qnp,' then it's not easy to remember.
Interpretation
Passwords are inherently paradoxical, aiming to be both random and memorable but failing at one of these aspects.
This quote by Bruce Schneier highlights the fundamental contradiction in the concept of passwords. While they are designed to be secure through randomness, true security often requires making them complex and difficult to remember, leading to a paradox where easier-to-remember passwords compromise security and truly secure ones are forgettable.
In practice
Discussing cybersecurity during a tech seminar.
History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did.
This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community.
It is poor civic hygiene to install technologies that could someday facilitate a police state.
You can't defend. You can't prevent. The only thing you can do is detect and respond.
Digital files cannot be made uncopyable, any more than water can be made not wet.
I am regularly asked what the average Internet user can do to ensure his security. My first answer is usually 'Nothing; you're screwed'.
As soon as you write about climate change, the first attempt to discredit you is, 'Well, you wrote this on a computer,' or, 'You took a plane to this conference.' So your opinion isn't valid.
We shall do a much better programming job, provided that we approach the task with a full appreciation of its tremendous difficulty, provided that we stick to modest and elegant programming languages, provided that we respect the intrinsic limitations of the human mind and approach the task as Very Humble Programmers.
The fundamental truth for developers is they will build if there are users.
C is quirky, flawed, and an enormous success.
The only way you multiply resources is with technology. To really affect poverty, energy, health, education, or anything else - there is no other way.
The one thing perhaps that technology hasn't always given us is a sense of how to make the wisest use of technology.
Subscribe for the occasional hand-picked quote. No noise.