I finally caught up with my Freakonomics Blog reading. I found the Q&A session with security guru Bruce Schneier to be the most interesting of the last 2 weeks. He answered a ton of questions, and gave very detailed responses, with lots of supplementary links. This is definitely not dry, techie/hacker security talk – Bruce answers many of the question from a socio-economic point of view that I found to be very enlightening. Check it out.

Q: All ethics aside, do you think you could make more money obtaining sensitive information about high net worth individuals and using blackmail/extortion to get money from them, instead of writing books, founding companies, etc.?

A: Basically, you’re asking if crime pays. Most of the time, it doesn’t, and the problem is the different risk characteristics. If I make a computer security mistake — in a book, for a consulting client, at BT — it’s a mistake. It might be expensive, but I learn from it and move on. As a criminal, a mistake likely means jail time — time I can’t spend earning my criminal living. For this reason, it’s hard to improve as a criminal. And this is why there are more criminal masterminds in the movies than in real life.

Freakonomics Blog: Bruce Schneier Blazes Through Your Questions