Information Security Awareness, Training and Motivation — Native Intelligence, Inc.

IT Security Quotes and Quips

Let us not look back in anger or forward in fear, but around in awareness. — James Thurber

It used to be expensive to make things public and cheap to make them private. Now it’s expensive to make things private and cheap to make them public. — Clay Shirky, Internet scholar and professor at N.Y.U.

Privacy is not for the passive. — Jeffrey Rosen
via http://articles.philly.com/2012-03-05/news/31124410_1_new-privacy-policy-facebook-search-terms

Hackers are free people, just like artists who wake up in the morning in a good mood and start painting. [...] If they are patriotically minded, they start making their contributions – which are right, from their point of view – to fight against those who say bad things about Russia. — Vladamir Putin

Facebook could tell that in Oklahoma the race between Republicans and Democrats is particularly close, identify the 32,417 voters who still haven’t made up their minds, and determine what each candidate needs to say in order to tip the balance.

How could Facebook obtain this priceless political data? We provide it for free. In the heyday of European imperialism, conquistadors and merchants bought entire islands and countries in exchange for coloured beads. In the twenty-first century our personal data is probably the most valuable resource most humans still have to offer, and we are giving it to the tech giants in exchange for email services and funny cat videos. — Yuval Noah Harari, Homo Deus: A Brief History of Tomorrow

Jim Farley, Ford Motor Company’s top sales executive, who is known for making off-the-cuff comments, told a panel at the CES: “We know everyone who breaks the law. We know when you’re doing it. We have GPS in your car, so we know what you’re doing.” Although he quickly added, “By the way, we don’t supply that data to anyone,” and later issued a full retraction, the comments, even if overblown and meant to be provocative, fueled the concerns. [NY Times, The Next Data Privacy Battle May Be Waged Inside Your Car, Jaclyn Trop, January 10, 2014]

Privacy snafus are to social networks as violence is to football. The whole point of social networks is to share stuff about people that’s interesting, just as the whole point of football is to upend the guy with the ball. Every so often, someone gets paralyzed, which prompts us to add padding to the helmets or set new rules about tackling. Then we move on. — Nicholas Thompson
via http://www.newyorker.com/online/blogs/culture/2012/03/how-to-get-privacy-right.html#ixzz1oS6PqYuI

Recommended additon to the Consumer Privacy Bill of Rights: “A right to not have your data rise up and attack you.” — Benjamin Wittes, Brookings Institution
via http://www.newyorker.com/online/blogs/culture/2012/03/how-to-get-privacy-right.html#ixzz1oS6PqYuI

The user's going to pick dancing pigs over security every time. — Bruce Schneier

 

If someone steals your password, you can change it. But if someone steals your thumbprint, you can’t get a new thumb. The failure modes are very different. — Bruce Schneier

If you reveal your secrets to the wind, you should not blame the wind for revealing them to the trees. — Kahlil Gibran

There are no secrets better kept than the secrets that everybody guesses. — George Bernard Shaw

Better be despised for too anxious apprehensions, than ruined by too confident security. — Edmund Burke

The mantra of any good security engineer is: 'Security is a not a product, but a process.' It's more than designing strong cryptography into a system; it's designing the entire system such that all security measures, including cryptography, work together. — Bruce Schneier

Politically Correct Virus: Doesn't refer to itself as a virus - instead, refers to itself as an "electronic microorganism." — Mark Kaye

I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image. — Stephen Hawking

In view of all the deadly computer viruses that have been spreading lately, Weekend Update would like to remind you: when you link up to another computer, you're linking up to every computer that that computer has ever linked up to. — Dennis Miller

Securing a computer system has traditionally been a battle of wits: the penetrator tries to find the holes, and the designer tries to close them. — Gosser

A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila. — Mitch Ratliff

It is much more secure to be feared than to be loved. — Niccolo Machiavelli

"You shouldn't overestimate the I.Q. of crooks." — NYT: Stuart A. Baker, General Counsel for the NSA, explained why crooks and terrorists who are smart enough to use data encryption would be stupid enough to choose the U.S. Government's compromised data encryption standard.

It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so.
— Mark Twain

We should treat personal electronic data with the same care and respect as weapons-grade plutonium - it is dangerous, long-lasting and once it has leaked there's no getting it back. — Cory Doctorow

Never say anything in an electronic message that you wouldn't want appearing, and attributed to you, in tomorrow morning's front-page headline in the New York Times. — Colonel David Russell, former head of DARPA's Information Processing Techniques Office

 

If you give people the means to hurt you, and they do it, and you take no action except to continue giving them the means to hurt you, and they take no action except to keep hurting you, then one of the ways you can describe the situation is "it isn't scaling well." — Paul Vixie, on NANOG

Just once, why can't one of our poorly considered quick fixes work? — Joel Helgeson, on the "funsec" mailing list

 

Information security's response to bitter failure, in any area of endeavour, is to try the same thing that didn't work -- only harder. — Marcus Ranum

You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes. — Theo De Raadt on the statement "Virtualization seems to have a lot of security benefits," misc@openbsd.org, October 23, 2007

 

In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters. — Jeff Jarmoc

Any sufficiently advanced bug is indistinguishable from a feature. — Rich Kulawiec, with apologies to Arthur C. Clarke

 

If someone else can run arbitrary code on your computer, it's not YOUR computer any more. — Rich Kulawiec

Gibbs' Rule #35: Always watch the watchers. — First mentioned in Season 8, Episode 22 - "Baltimore" 


Quips and Quotes [1]  [2]  [3]  [4]  [5]  

These quotations relate to computers, information technology, and security.

This material is largely based on e-mail, newsgroup, or Web postings of presumably public domain material. If you're aware of a correction or if you have a quote that you'd like to see added to this page, please let us know.