Monday, July 10, 2006

Base Rate Fallacy and NSA

I usually stay out of USA internal matters, like the VA lost laptop and NSA spying stories. But Bruce Schneier today posted in his blog a very good argument about why the NSA plots to identify terrorists are flawed. The Base Rate Fallacy is a very interesting problem that applies to a lot of detection based security technology, specially those that are anomaly based. Perhaps this is why we still haven't applied this approach to IDSes and Antiviruses.