Principle: Sometimes less security is more secure

I’m not a security expert by any means, but this is still an important generalization. Schneier has probably explained it in the past.

All of the anti-counterfeiting features of the new Canadian $100 bill are resulting in people not bothering to verify them.

Bruce Schneier, “Security Risks of Too Much Security”

The domain of this observation ought to be clear to anyone who gives it a moment’s thought. If security resources are scarce (like the attention spans of the employees implementing these procedures), then they must be spent wisely to achieve a positive ROI. If resources aren’t scarce (like overabundant storage or computation horsepower), this principle does not necessarily apply.

