Must read

If you're interested in security then there's a great article on El Reg today regarding complexity and it's role in guarding against terrorism. Snip:

The oft-used construct, "the public would never forgive us if..." is a cop-out. It's a spurious justification for taking the 'collar the lot' approach, throwing resources at it, ducking out of responsibility and failing to manage. Getting back to basics, taking ownership and telling the public the truth is more honest, and has some merit. A serious terror attack needs intent, attainable target and capability, the latter being the hard bit amateurs have trouble achieving without getting spotted along the way. Buying large bags of fertiliser if you're not known to the vendor and you don't look in the slightest bit like a farmer is going to put you onto MI5's radar, and despite what it says on a lot of web sites, making your own explosives if you don't know what you're doing is a good way of blowing yourself up before you intended to. If disaffected youth had a more serious grasp of these realities, and had heard considerably more sense about the practicalities, then it's quite possible that fewer of them would persist with their terror studies. Similarly, if the general public had better knowledge it would be better placed to spot signs of bomb factories. Bleached hair, dead plants, large numbers of peroxide containers? It could surely have been obvious.

Does that work? Does it get us very far? No, in the sense that it doesn't stop the sympathisers from sympathising and it doesn't stop all of the bombs. But given that neither of these is going to happen whatever the police do, and whatever the law says, we need a long-term survival/endurance strategy that doesn't drown the security services in a swamp of data, doesn't turn us into a police state, but does whatever is feasible to minimise risk. Despite what they (inc., the Home Affairs Committee) tell you, we've been here before, and it isn't all that different this time around.

Hat tip to Bruce Schneier. I got to his blog before I read El Reg this morning.