Tonight at the IFG I got into the complexity argument where noble objectives defeat practical solutions.
Think of google or visa through clear simplicity of one solution they focus on secure access and make it work – completely and universally. The government takes the course of multiple safeguards and intermediaries.
So based on the medeaval ways of defending a castle the government wisely adopts the multiple defences approach but forgets to think that their approach multiplies the number of citadels. A solution which amplifies the problem.
And dont forget the human factors. The technologists approach to password vulnerability is to make the passwords more difficult to guess (and remember) and change them more often. The net result is that ‘real people’ simply write their passwords down to stick on their monitor – result fixes that fail just like government IT.
Speak Your Mind