Comments

Mike SchiraldiAugust 16, 2006 12:41 PM

I'll spoil the fun and post the full list:

If Bruce Schneier wants your plaintext, he'll just squeeze it out of the ciphertext using his barehands

Bruce Schneier got a perfect score on his comp-sci degree. Just by writing Bruce Schneier for every answer.

Whitfield Diffie and Martin Hellman use only their surnames out of fear of Bruce Schneier

Bruce Schneier can conduct secure multiparty computation... on his own

Bruce Schneier mounts side-channel attacks through the front channel

Bruce Schneier's discrete logarithms are uncountable and continuous

Bruce Schneier always inhabits the soundness of error margin of your zero-knowledge crypto protocol

When Bruce Schneier pre-computes S-box tables, he does it dynamically from the key... over breakfast.

Bruce Schneier can determine the exact location and velocity of any particle that's being used by quantum cryptography.

Quantum cryptography exchanged the Heisenberg Uncertainty Principle for the Schneier Dead Moral Certainty Principle when Bruce Schneier came to town.

Bruce Schneier knows Alice and Bob's shared secret.

Bruce Schneier eats 0s and 1s for breakfast. And snacks on pi.

Bruce Schneier memorizes his one time pads

Bruce Schneier assembled assembly...with his bare hands!

Bruce Schneier is computationally infeasible.

A mystery wrapped in an Enigma is no more puzzling to Bruce Schneier than a mystery wrapped in ROT-13.

Bruce Schneier doesn't even trust Trent. Trent has to trust Bruce Schneier.

Bruce Schneier once factored a prime number.

As Bruce Schneier says there is no Oscar for security theatre.

Bruce Schneier's secure handshake is so strong, you won't be able to exchange keys with anyone else for days.

Most people use passwords. Some people use passphrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes.

Bruce Schneier's online purchases are so secure, his shopping cart is an M-1 tank.

Bruce Schneier doesn't need steganography to hide data in innocent-looking files. He just pounds it in with his fist.

Bruce Schneier can reverse any one-way cryptographic hash, just by staring it in the eye

Bruce Schneier can solve NP-Complete problems in NlogN time.

"When I wake up in the morning I piss cryptographic excellence." - Bruce Schneier

Bruce Schneier's tears can burn holes through an OpenBSD firewall. Lucky for us, Bruce Schneier never cries.

Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it.

Bruce Schneier decrypted the Bible. The plaintext read, "Bruce Schneier".

If you use the digits of Pi to generate a visual image, it draws a picture of Bruce Schneier.

The universe was created to serve as Bruce Schneier's crib text.

Bruce Schneier's public and private keys are known as "Law" and "Order."

SSL is invulnerable to man-in-the-middle attacks. Unless that man is Bruce Schneier.

When he was three, Bruce Schneier built an Enigma machine out of Legos.

Bruce Schneier once found the inverse of a trapdoor function counting only on the fingers of one hand

A vigenere cipher with the Key "BRUCESCHNEIER" is in fact unbreakable.

Bruce Schneier fully discloses his own vulnerabilities: none.

Bruce Schneier knows your private key.

Bruce Schneier's Twofish algorithm has 16 rounds, but he always gets a knockout in the first.

The nuclear launch codes held by the President of the United States are secured by an unbreakable system: a plain brown envelope with a picture of Bruce Schneier on the flap.

Ron Rivest wears Bruce Schneier pajamas.

Bruce Schneier was only allowed to view the Kryptos sculpture at Langley for 1 second, in order not to spoil the fun other cryptographers. It was 0.9 seconds too much.

Bruce Schneier doesn't have a chin under his beard -- just more ciphertext.

If at first you don't succeed at breaking a cipher, you're not Bruce Schneier.

In a fight between Ron Rivest and Adi Shamir, the winner would be Bruce Schneier.

The output of Bruce Schneier's pseudorandom generator follows no describable pattern and cannot be compressed.

There is no chin behind Bruce Schneier's beard. There is only another pseudorandom number generator and he's gonna use it to encrypt your face.

When Bruce Schneier does modulo arithmetic, there are no remainders. Ever.

It has recently been discovered that every possible hashing algorithm produces the same value for the phrase "Bruce Schneier" -- Bruce Schneier.

Bruce Schneier made Bell-LaPadula do a brutal doodle.

Bruce Schneier once broke AES using nothing but six feet of rusty barbed wire, a toothpick, and the front axle from a 1962 Ford Falcon.

Every time Bruce Schneier smiles, an amateur cryptographer dies.

Mr. T pities the fool. Bruce Schneier just pities his data.

Bruce Schneier can change most random distributions. With his fists.

Geologists recently discovered that "earthquakes" are nothing more than Bruce Schneier and Chuck Norris communicating via a roundhouse kick-based cryptosystem.

Sweeping NSA reforms will soon require all employees to grow a Bruce Schneier beard.

Bruce Schneier mounts chosen-ciphertext attacks without choosing the ciphertext

As initialization vectors, 'Bruce Schneier' and 'Chuck Norris' are interchangeable.

When Bruce Schneier uses double ROT13 encryption, the ciphertext is totally unbreakable.

The final Beale Cipher, written 175 years ago, detailing the rightful owners of a cache of gold, has just two words in its plaintext: Bruce Schneier.

Autographed copies of "Applied Cryptography" reguarly sell for twice the going rate for enigma machines on eBay

Bruce Schneier sneers and solves Godel's incompleteness theorems.

When Bruce Schneier clicks "Random Fact" the outcome is never random.

Humboldt squids have sensors capable of detecting clothing worn by Bruce Schneier at 800 yards - to trigger their flight response.

Beyond computational complexity, there is Schneiertational complexity

Bruce Schneier can straighten out an elliptic curve with nothing but his teeth

Bruce Schneier makes abstract algebra look like elementary algebra.

GeorgeAugust 16, 2006 1:00 PM

Is the luggage we check, checked for explosives before it is placed on the Aircraft?

Christopher BownsAugust 16, 2006 1:02 PM

I emailed Bruce this. Glad to see it got posted for the world to enjoy.

My personal favorite:
"When I wake up in the morning I piss cryptographic excellence." - Bruce Schneier

Rob GreenAugust 16, 2006 1:06 PM

my favorite is
Humboldt squids have sensors capable of detecting clothing worn by Bruce Schneier at 800 yards - to trigger their flight response.

and i wonder what he saw when he went to the site ;)
When Bruce Schneier clicks "Random Fact" the outcome is never random.

TimTheFoolManAugust 16, 2006 1:10 PM

I thought I had done a decent job with "Ed Hoculi Facts" (the ultra-muscular NFL referee).

The best I can come up with is: "Beyond Fear is Bruce Schneier"

I stand in awe of the accuracy with which these replicate the spirit of the "Chuck Norris Facts." Bravo! - Tim

JustinAugust 16, 2006 1:24 PM

My favorite: "Most people use passwords. Some people use passphrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes."

Bruce SchneierAugust 16, 2006 1:29 PM

My favorite so far: "Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it."

NAugust 16, 2006 1:30 PM

Bruce Schneier's Twofish algorithm has 16 rounds, but he always gets a knockout in the first.

David DonahueAugust 16, 2006 1:31 PM

I liked the "facts" site, but it's a bit too attention starved fanboy for my taste.

It does occur to me that these "facts" are more than a little too geeky to explain to my wife if I want to avoid extended celibacy.

A couple of comments on the facts I saw in TFA:
"Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it".
-Isn't this what Eskimos did when carving scrimshaw, carving away the excess to find what animal was inside the material, until they had the completed figurine? I suppose it could be done by calculating a one-time-pad against the random text to generate the article, but we all know how much he hates Crypto using one-time-pads, he might then have to put himself into his own doghouse.

Also; "Most people use passwords. Some people use pass-phrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes."
-I doubt this, I mean how many epic poems about seven Norse heroes are there? 3-4 maybe? probably not even 10? Even with variations for typesetting, the key-space is just way too limited and the likelihood of a typo in a pass-phrase that long is too high.

I doubt that Bruce cares enough about his data security to implement a "strong" authentication solution. I would think he would implement a "reasonable, plus a bit more" solution. He would be the first to point out that having a uber secure, personally held cryptographic key signing token that's unlocked by a pass-number and biometric authentication is pretty pointless on a Windows Laptop connected to the Internet with a software firewall. Since there are so many easier ways to attack it than reversing the crypto its inefficient to increase the one thing that probably strong, better to try and secure it across the board.

Such a token solution would just be security theatre and if we're doing theatre darn it, we should have music and dancing girls.

XyzAugust 16, 2006 1:39 PM

"Bruce Schneier once broke AES using nothing but six feet of rusty barbed wire, a toothpick, and the front axle from a 1962 Ford Falcon."

I'll bet you Rijnmen and Daemen never saw that coming!

ProhiasAugust 16, 2006 1:52 PM

"Bruce Schneier's online purchases are so secure, his shopping cart is an M-1 tank."

There is an idea for my next project. No more wimpy shopping cart icons.

hellishAugust 16, 2006 2:18 PM

Can Bruce Schneier design a cryptosystem so strong that he himself cannot break it?

AnonymousAugust 16, 2006 2:22 PM

Bruce doesn't even use a password. All he has to do is to click on a link and admin access is granted automatically.

Matt DAugust 16, 2006 2:52 PM

For the other Brits hanging out here: Am I the only one who kept on thinking of Jeremy Clarkeson's haiku-like comments about The Stig, on Top Gear, when reading the Schneierfacts page?

Once I'd got over my shock at the idea of Clarkeson and co reviewing crypto, it was almost as funny as some of the Schneierfacts.

Timmy303August 16, 2006 3:02 PM

Windows was stolen from an OS design Bruce created as a prank when he was four.

Timmy303August 16, 2006 3:03 PM

It is a well-known fact among securty folk that there is no such thing as a DDoS attack; there are only Internet users trying to download Cryptogram at the same time.

Timmy303August 16, 2006 3:15 PM

The most commonly-used shellcode string in all exploits since 1989 is not the machine code for /bin/sh, it is machine code for "Bruce says open up."

Baron von LeezardAugust 16, 2006 3:19 PM

> Can Bruce Schneier design a cryptosystem so strong that he himself cannot break it?

Bruce Schneier *can* design a cryptosystem so strong that he himself cannot break it.
But then he'll break it anyway.

Timmy303August 16, 2006 3:19 PM

Bruce Schneier's multiplication tables are on the ITAR and look nothing like your multiplication tables.

phesslerAugust 16, 2006 3:20 PM

if Bruce Schneier's beard and Chuck Norris' beard got into a fight, who would win?

greymaidenAugust 16, 2006 3:20 PM

Bruce Schneier does his crosswords in Navajo.

(By the by, there are dozens of Icelandic Sagas involving more than 7 Norse Heros. Is it sad that I could list about twenty right now off the top of my head?)

David Dyer-BennetAugust 16, 2006 3:25 PM

Yikes. Many of those were, in fact, pretty funny. And the "full list" included some I didn't see on the site, so that was useful.

I think my favorite might be "knows Alice's and Bob's shared secret", although there's a lot to be said for having built an Enigma machine out of Legos at age 3.

JimiAugust 16, 2006 3:26 PM

Holy cow, every web search ad I see for fact is now pitching books and products by Bruce. There's no end to it. It is marketing genius. I think it's a Google bomb or something even bigger. The Bruce Fact Engine could replace all the other Web 1.0 style search engines soon.

Timmy303August 16, 2006 3:36 PM

Chinese Remainder problems get one look at Bruce and remember what was where on their own.

Timmy303August 16, 2006 3:48 PM

Bruce caused the cessation of hostilities in the Balkans using a slide rule, an Amiga and a case of Coors Light.

Timmy303August 16, 2006 3:59 PM

Linus has publicly admitted that all the Security flaws in the Linux kernel 2.0 source tree were repaired by a single faith healing from Bruce

Timmy303August 16, 2006 4:03 PM

Bruce Schneier breeds, raises, and trains Attack Trees for the Department of Defense's new Stealth Foliage Combat initiative.

JimiAugust 16, 2006 4:08 PM

I hope the new Bruce Fact Engine 2.0 safely wipes all the embarrassing and terror related search words and dirty phrases I've used out, before the police state agents call me in for questioning.

Timmy303August 16, 2006 4:11 PM

Bruce designed an algorithm on a napkin in the bar of the Alexis Park that could make all intractable problems quite tractable. Then he soaked it in tequila and threw it at an NSA recruiter.

quincunxAugust 16, 2006 4:29 PM

Bruce Schneier is unwilling to accept the full radical implications of his own views on security.

Bruce Schneier believes in doing security right the first time, as apposed to applying poor patches afterward., yet he won't extend this view to the issue of government.

Bruce Schneier is an optimist when he thinks he can control or advise an institution that thrives upon demolishing your security as its modus operandii.

Randall MunroeAugust 16, 2006 4:35 PM

Someone (the author of the PartiallyClips webcomic, I think) pointed out that the Chuck Norris (et. al.) facts followed PRECISELY the pattern of Paul Bunyan facts from old stories.

This was enough historical perspective to tip me over backward in my chair and leave me flat on the floor for a few minutes.

Anyway, when Bruce Schneier was a kid he would talk to his friends across the yard using tin cans connected by a string. The messages on that string were 4096-bit RSA.

Timmy303August 16, 2006 5:23 PM

Bruce Schneier once had to explain to Chuck Norris the difference between "threat" and "risk".

Mike C.August 16, 2006 5:54 PM

This one made me laugh out loud:

"Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it."

It is my favourite of the bunch.

AlanAugust 16, 2006 6:06 PM

The letters CALL BRUCE SCHNEIER can be rearranged to spell INCUR CELL BREACHES.

Coincidence? ;-)

IanAugust 16, 2006 6:07 PM

I think the real question is...

Can Bruce Schneier make a code so secure even he can't break it?

Stuart YoungAugust 16, 2006 10:18 PM

There are even more entries now:

There are no finite state machines. There are only a series of states that Bruce Schneier allows to exist.

Bruce Schneier taught Chuck Norris how to divide by zero as they stood silent in an elevator.

The only reason the Etruscan incriptions haven't been decyphered is because Bruce Schneier hasn't been bored enough to take a look.

Bruce Schneier is Knuth's homeboy.

Bruce Schneier once decrypted a box of AlphaBits

Bruce Schneier cuts meat in prime number lengths.

Bruce Schneier is the ideal man. Alice loves him; Bob fears him; Charlie wants to be him.

Bruce Schneier PGP signs his grocery lists so that he can detect if someone has tampered with his milk.

When the Zodiac Killer heard that Bruce Schneier was going to decrypt his messages, he turned himself in.

P = NP in Bruce Schneier's very presence.

Bruce Schneier was born with the Phaistos Disk in his fist.

Albert Einstein wears Bruce Schneier pajamas

Bruce Schneier writes his personal journal in Linear A.

Every time Bruce Schneier writes a fully general halt-checker, God kills a passenger pigeon. This is why passenger pigeons are extinct.

Mike C.August 16, 2006 11:52 PM

To anyone who says, "If you're not guilty, you have nothing to hide", Bruce Schneier asks for their internet search history.

-ac-August 17, 2006 8:37 AM

Bruce Schneier can operate the E-Z Pass system with his mind.
(aka SpeedPass, that radio tag highway toll thingy)

AnonymousAugust 17, 2006 9:58 AM

I laughed hard at this. Is that sad? =P

"When Bruce Schneier does modulo arithmetic, there are no remainders. Ever."

shoobe01August 17, 2006 3:11 PM

Re: the number of available (extant) epic passcodes, I assumed Bruce was writing his own. Of course.

aikimarkAugust 18, 2006 6:40 AM

* Paul Erdos only has a Schneier number of 2.

* Bruce is a prime example of a fine human being. However, we aren't sure how many digits that prime has.

* George Marsaglia's Diehard tests think Bruce's PRNGs are just dandy.

* Bruce's writing exceeds average entropy/character.

Chris BartsAugust 18, 2006 7:09 AM

Bruce Schneier uses your web of trust to trawl for phishers.

Bruce Schneier knows all primes that are also prime when their decimal representation is written backwards.

Bruce Schneier has an algorithm for kicking any god's ass, and it is O(log N).

Jay C. JamesAugust 18, 2006 3:22 PM

Bruce Schneier can observe a stream of entangled photons without weakening a single one. In fact, when the photons arrive at their destination, they are even stronger.

Kel-nageAugust 20, 2006 9:26 AM

"Though a superhero, Bruce Schneier disdanes the use of a mask or secret identity as 'security through obscurity'." - brilliant!

AnonymousAugust 21, 2006 4:06 AM

Vs lbh nfxrq Oehpr Fpuarvre gb qrpelcg guvf, ur'q pehfu lbhe fxhyy jvgu uvf ynhtu.

Jeremy BraytonAugust 21, 2006 3:09 PM

My favorite: "If you manage to steal Bruce Schneier's identity, you become the new Bruce Schneier."

hbzAugust 23, 2006 3:30 PM

I guess we also need to start Joe Celko facts:

- Joe Celko doesn't fetch data with SELECT. He issues the following statement:

COMMAND first_name, last_name FROM employee

... and data is compelled to obey

- Joe Celko doesn't use DELETE, either:

THREATEN data WHERE id = 17

... and the row deletes itself out of fear.

- Joe Celko doesn't need to use ORDER BY or clustered indexes. Heap tables and unordered rows obediently line themselves up like soldiers awakened at 4:00 by a drill seargant.

- The ISO is creating 2 new data types: celko and ncelko (and celko2 in Oracle). They store any data type you can possibly imagine, and many that your human mind cannot possibly comprehend.

- Normalize until it hurts, de-normalize until it works, and then submit your schema to Joe Celko's "SQL Apprentice" blog. Soon it will hurt again.

hbzAugust 23, 2006 4:14 PM

I guess we also need to start Joe Celko facts:

- Joe Celko doesn't fetch data with SELECT. He issues the following statement:

COMMAND first_name, last_name FROM employee

... and data is compelled to obey

- Joe Celko doesn't use DELETE, either:

THREATEN data WHERE id = 17

... and the row deletes itself out of fear.

- Joe Celko doesn't need to use ORDER BY or clustered indexes. Heap tables and unordered rows obediently line themselves up like soldiers awakened at 4:00 by a drill seargant.

- The ISO is creating 2 new data types: celko and ncelko (and celko2 in Oracle). They store any data type you can possibly imagine, and many that your human mind cannot possibly comprehend.

- Normalize until it hurts, de-normalize until it works, and then submit your schema to Joe Celko's "SQL Apprentice" blog. Soon it will hurt again.

- Joe Celko doesn't JOIN tables -- They join him. Not joining him would result in certain death.

--CELKO--September 9, 2006 9:20 PM

That "SQL Apprentice" blog is NOT mine! I have no idea who is doing it. I have never been contacted for permissions and found out about it when a friend told me.

AnonymousNovember 19, 2007 9:01 AM

I'll spoil the fun and post the full list:

If Bruce Schneier wants your plaintext, he'll just squeeze it out of the ciphertext using his barehands

Bruce Schneier got a perfect score on his comp-sci degree. Just by writing Bruce Schneier for every answer.

Whitfield Diffie and Martin Hellman use only their surnames out of fear of Bruce Schneier

Bruce Schneier can conduct secure multiparty computation... on his own

Bruce Schneier mounts side-channel attacks through the front channel

Bruce Schneier's discrete logarithms are uncountable and continuous

Bruce Schneier always inhabits the soundness of error margin of your zero-knowledge crypto protocol

When Bruce Schneier pre-computes S-box tables, he does it dynamically from the key... over breakfast.

Bruce Schneier can determine the exact location and velocity of any particle that's being used by quantum cryptography.

Quantum cryptography exchanged the Heisenberg Uncertainty Principle for the Schneier Dead Moral Certainty Principle when Bruce Schneier came to town.

Bruce Schneier knows Alice and Bob's shared secret.

Bruce Schneier eats 0s and 1s for breakfast. And snacks on pi.

Bruce Schneier memorizes his one time pads

Bruce Schneier assembled assembly...with his bare hands!

Bruce Schneier is computationally infeasible.

A mystery wrapped in an Enigma is no more puzzling to Bruce Schneier than a mystery wrapped in ROT-13.

Bruce Schneier doesn't even trust Trent. Trent has to trust Bruce Schneier.

Bruce Schneier once factored a prime number.

As Bruce Schneier says there is no Oscar for security theatre.

Bruce Schneier's secure handshake is so strong, you won't be able to exchange keys with anyone else for days.

Most people use passwords. Some people use passphrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes.

Bruce Schneier's online purchases are so secure, his shopping cart is an M-1 tank.

Bruce Schneier doesn't need steganography to hide data in innocent-looking files. He just pounds it in with his fist.

Bruce Schneier can reverse any one-way cryptographic hash, just by staring it in the eye

Bruce Schneier can solve NP-Complete problems in NlogN time.

"When I wake up in the morning I piss cryptographic excellence." - Bruce Schneier

Bruce Schneier's tears can burn holes through an OpenBSD firewall. Lucky for us, Bruce Schneier never cries.

Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it.

Bruce Schneier decrypted the Bible. The plaintext read, "Bruce Schneier".

If you use the digits of Pi to generate a visual image, it draws a picture of Bruce Schneier.

The universe was created to serve as Bruce Schneier's crib text.

Bruce Schneier's public and private keys are known as "Law" and "Order."

SSL is invulnerable to man-in-the-middle attacks. Unless that man is Bruce Schneier.

When he was three, Bruce Schneier built an Enigma machine out of Legos.

Bruce Schneier once found the inverse of a trapdoor function counting only on the fingers of one hand

A vigenere cipher with the Key "BRUCESCHNEIER" is in fact unbreakable.

Bruce Schneier fully discloses his own vulnerabilities: none.

Bruce Schneier knows your private key.

Bruce Schneier's Twofish algorithm has 16 rounds, but he always gets a knockout in the first.

The nuclear launch codes held by the President of the United States are secured by an unbreakable system: a plain brown envelope with a picture of Bruce Schneier on the flap.

Ron Rivest wears Bruce Schneier pajamas.

Bruce Schneier was only allowed to view the Kryptos sculpture at Langley for 1 second, in order not to spoil the fun other cryptographers. It was 0.9 seconds too much.

Bruce Schneier doesn't have a chin under his beard -- just more ciphertext.

If at first you don't succeed at breaking a cipher, you're not Bruce Schneier.

In a fight between Ron Rivest and Adi Shamir, the winner would be Bruce Schneier.

The output of Bruce Schneier's pseudorandom generator follows no describable pattern and cannot be compressed.

There is no chin behind Bruce Schneier's beard. There is only another pseudorandom number generator and he's gonna use it to encrypt your face.

When Bruce Schneier does modulo arithmetic, there are no remainders. Ever.

It has recently been discovered that every possible hashing algorithm produces the same value for the phrase "Bruce Schneier" -- Bruce Schneier.

Bruce Schneier made Bell-LaPadula do a brutal doodle.

Bruce Schneier once broke AES using nothing but six feet of rusty barbed wire, a toothpick, and the front axle from a 1962 Ford Falcon.

Every time Bruce Schneier smiles, an amateur cryptographer dies.

Mr. T pities the fool. Bruce Schneier just pities his data.

Bruce Schneier can change most random distributions. With his fists.

Geologists recently discovered that "earthquakes" are nothing more than Bruce Schneier and Chuck Norris communicating via a roundhouse kick-based cryptosystem.

Sweeping NSA reforms will soon require all employees to grow a Bruce Schneier beard.

Bruce Schneier mounts chosen-ciphertext attacks without choosing the ciphertext

As initialization vectors, 'Bruce Schneier' and 'Chuck Norris' are interchangeable.

When Bruce Schneier uses double ROT13 encryption, the ciphertext is totally unbreakable.

The final Beale Cipher, written 175 years ago, detailing the rightful owners of a cache of gold, has just two words in its plaintext: Bruce Schneier.

Autographed copies of "Applied Cryptography" reguarly sell for twice the going rate for enigma machines on eBay

Bruce Schneier sneers and solves Godel's incompleteness theorems.

When Bruce Schneier clicks "Random Fact" the outcome is never random.

Humboldt squids have sensors capable of detecting clothing worn by Bruce Schneier at 800 yards - to trigger their flight response.

Beyond computational complexity, there is Schneiertational complexity

Bruce Schneier can straighten out an elliptic curve with nothing but his teeth

Bruce Schneier makes abstract algebra look like elementary algebra.


Posted by: Mike Schiraldi at August 16, 2006 12:41 PM


--------------------------------------------------------------------------------

My favorite:

Bruce Schneier is computationally infeasible.

Posted by: Pat Cahalan at August 16, 2006 12:53 PM


--------------------------------------------------------------------------------

Is the luggage we check, checked for explosives before it is placed on the Aircraft?

Posted by: George at August 16, 2006 01:00 PM


--------------------------------------------------------------------------------

I emailed Bruce this. Glad to see it got posted for the world to enjoy.

My personal favorite:
"When I wake up in the morning I piss cryptographic excellence." - Bruce Schneier

Posted by: Christopher Bowns at August 16, 2006 01:02 PM


--------------------------------------------------------------------------------

my favorite is
Humboldt squids have sensors capable of detecting clothing worn by Bruce Schneier at 800 yards - to trigger their flight response.

and i wonder what he saw when he went to the site ;)
When Bruce Schneier clicks "Random Fact" the outcome is never random.


Posted by: Rob Green at August 16, 2006 01:06 PM


--------------------------------------------------------------------------------

I thought I had done a decent job with "Ed Hoculi Facts" (the ultra-muscular NFL referee).

The best I can come up with is: "Beyond Fear is Bruce Schneier"

I stand in awe of the accuracy with which these replicate the spirit of the "Chuck Norris Facts." Bravo! - Tim

Posted by: TimTheFoolMan at August 16, 2006 01:10 PM


--------------------------------------------------------------------------------

My favorite: "Most people use passwords. Some people use passphrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes."

Posted by: Justin at August 16, 2006 01:24 PM


--------------------------------------------------------------------------------

My favorite so far: "Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it."

Posted by: Bruce Schneier at August 16, 2006 01:29 PM


--------------------------------------------------------------------------------

Bruce Schneier's Twofish algorithm has 16 rounds, but he always gets a knockout in the first.

Posted by: N at August 16, 2006 01:30 PM


--------------------------------------------------------------------------------

I liked the "facts" site, but it's a bit too attention starved fanboy for my taste.

It does occur to me that these "facts" are more than a little too geeky to explain to my wife if I want to avoid extended celibacy.

A couple of comments on the facts I saw in TFA:
"Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it".
-Isn't this what Eskimos did when carving scrimshaw, carving away the excess to find what animal was inside the material, until they had the completed figurine? I suppose it could be done by calculating a one-time-pad against the random text to generate the article, but we all know how much he hates Crypto using one-time-pads, he might then have to put himself into his own doghouse.

Also; "Most people use passwords. Some people use pass-phrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes."
-I doubt this, I mean how many epic poems about seven Norse heroes are there? 3-4 maybe? probably not even 10? Even with variations for typesetting, the key-space is just way too limited and the likelihood of a typo in a pass-phrase that long is too high.

I doubt that Bruce cares enough about his data security to implement a "strong" authentication solution. I would think he would implement a "reasonable, plus a bit more" solution. He would be the first to point out that having a uber secure, personally held cryptographic key signing token that's unlocked by a pass-number and biometric authentication is pretty pointless on a Windows Laptop connected to the Internet with a software firewall. Since there are so many easier ways to attack it than reversing the crypto its inefficient to increase the one thing that probably strong, better to try and secure it across the board.

Such a token solution would just be security theatre and if we're doing theatre darn it, we should have music and dancing girls.

Posted by: David Donahue at August 16, 2006 01:31 PM


--------------------------------------------------------------------------------

What's it like to be a folk hero?

Posted by: Rebecca Blood at August 16, 2006 01:33 PM


--------------------------------------------------------------------------------

"Bruce Schneier once broke AES using nothing but six feet of rusty barbed wire, a toothpick, and the front axle from a 1962 Ford Falcon."

I'll bet you Rijnmen and Daemen never saw that coming!


Posted by: Xyz at August 16, 2006 01:39 PM


--------------------------------------------------------------------------------

So when can we expect our WWBSD tee-shirts?

Posted by: Nick Lancaster at August 16, 2006 01:48 PM


--------------------------------------------------------------------------------

"Bruce Schneier's online purchases are so secure, his shopping cart is an M-1 tank."

There is an idea for my next project. No more wimpy shopping cart icons.


Posted by: Prohias at August 16, 2006 01:52 PM


--------------------------------------------------------------------------------

Bruce Scheier never mistypes his password

Posted by: kero at August 16, 2006 01:57 PM


--------------------------------------------------------------------------------

Bruce Schneier can sniff network traffic just with his nose.

Posted by: Giacomo at August 16, 2006 01:58 PM


--------------------------------------------------------------------------------

I am not Bruce SchNeier

Posted by: kero at August 16, 2006 01:58 PM


--------------------------------------------------------------------------------

Can Bruce Schneier design a cryptosystem so strong that he himself cannot break it?

Posted by: hellish at August 16, 2006 02:18 PM


--------------------------------------------------------------------------------

Bruce doesn't even use a password. All he has to do is to click on a link and admin access is granted automatically.

Posted by: Anonymous at August 16, 2006 02:22 PM


--------------------------------------------------------------------------------

Bruce Schneier knows all the passwords of everyone posting as "Anonymous"

Posted by: Anonymous at August 16, 2006 02:44 PM


--------------------------------------------------------------------------------

Heaven won't take Bruce, and hell is afraid he'll encrypt it.

Posted by: C.C. at August 16, 2006 02:52 PM


--------------------------------------------------------------------------------

For the other Brits hanging out here: Am I the only one who kept on thinking of Jeremy Clarkeson's haiku-like comments about The Stig, on Top Gear, when reading the Schneierfacts page?

Once I'd got over my shock at the idea of Clarkeson and co reviewing crypto, it was almost as funny as some of the Schneierfacts.

Posted by: Matt D at August 16, 2006 02:52 PM


--------------------------------------------------------------------------------

Windows was stolen from an OS design Bruce created as a prank when he was four.

Posted by: Timmy303 at August 16, 2006 03:02 PM


--------------------------------------------------------------------------------

It is a well-known fact among securty folk that there is no such thing as a DDoS attack; there are only Internet users trying to download Cryptogram at the same time.

Posted by: Timmy303 at August 16, 2006 03:03 PM


--------------------------------------------------------------------------------

The most commonly-used shellcode string in all exploits since 1989 is not the machine code for /bin/sh, it is machine code for "Bruce says open up."

Posted by: Timmy303 at August 16, 2006 03:15 PM


--------------------------------------------------------------------------------

Bruce is the primary cause of alcoholism among crypto size queens.

Posted by: Timmy303 at August 16, 2006 03:17 PM


--------------------------------------------------------------------------------

> Can Bruce Schneier design a cryptosystem so strong that he himself cannot break it?

Bruce Schneier *can* design a cryptosystem so strong that he himself cannot break it.
But then he'll break it anyway.


Posted by: Baron von Leezard at August 16, 2006 03:19 PM


--------------------------------------------------------------------------------

Bruce Schneier's multiplication tables are on the ITAR and look nothing like your multiplication tables.

Posted by: Timmy303 at August 16, 2006 03:19 PM


--------------------------------------------------------------------------------

if Bruce Schneier's beard and Chuck Norris' beard got into a fight, who would win?

Posted by: phessler at August 16, 2006 03:20 PM


--------------------------------------------------------------------------------

Bruce Schneier does his crosswords in Navajo.

(By the by, there are dozens of Icelandic Sagas involving more than 7 Norse Heros. Is it sad that I could list about twenty right now off the top of my head?)

Posted by: greymaiden at August 16, 2006 03:20 PM


--------------------------------------------------------------------------------

Yikes. Many of those were, in fact, pretty funny. And the "full list" included some I didn't see on the site, so that was useful.

I think my favorite might be "knows Alice's and Bob's shared secret", although there's a lot to be said for having built an Enigma machine out of Legos at age 3.

Posted by: David Dyer-Bennet at August 16, 2006 03:25 PM


--------------------------------------------------------------------------------

Holy cow, every web search ad I see for fact is now pitching books and products by Bruce. There's no end to it. It is marketing genius. I think it's a Google bomb or something even bigger. The Bruce Fact Engine could replace all the other Web 1.0 style search engines soon.

Posted by: Jimi at August 16, 2006 03:26 PM


--------------------------------------------------------------------------------

Chinese Remainder problems get one look at Bruce and remember what was where on their own.

Posted by: Timmy303 at August 16, 2006 03:36 PM


--------------------------------------------------------------------------------

You mean they're not true?!?

Posted by: Simon Law at August 16, 2006 03:39 PM


--------------------------------------------------------------------------------

Not enough squid-related entries!

Posted by: Paul Crowley at August 16, 2006 03:41 PM


--------------------------------------------------------------------------------

Bruce caused the cessation of hostilities in the Balkans using a slide rule, an Amiga and a case of Coors Light.

Posted by: Timmy303 at August 16, 2006 03:48 PM


--------------------------------------------------------------------------------

Servers don't crash, they suspend processing to pray to Bruce.

Posted by: Timmy303 at August 16, 2006 03:51 PM


--------------------------------------------------------------------------------

Bruce Schneier generated his RSA key with the two largest prime numbers.

Posted by: Kevin at August 16, 2006 03:53 PM


--------------------------------------------------------------------------------

Russian Peasants take one look at Bruce Schneier and stop multiplying.

Posted by: Alan at August 16, 2006 03:53 PM


--------------------------------------------------------------------------------

Bruce Schneier doesn't a key logger. He's standing right behind you.

Posted by: Kevin at August 16, 2006 03:55 PM


--------------------------------------------------------------------------------

Linus has publicly admitted that all the Security flaws in the Linux kernel 2.0 source tree were repaired by a single faith healing from Bruce

Posted by: Timmy303 at August 16, 2006 03:59 PM


--------------------------------------------------------------------------------

God calls Bruce Schneier for password resets.

Posted by: Kevin at August 16, 2006 04:01 PM


--------------------------------------------------------------------------------

Bruce Schneier breeds, raises, and trains Attack Trees for the Department of Defense's new Stealth Foliage Combat initiative.

Posted by: Timmy303 at August 16, 2006 04:03 PM


--------------------------------------------------------------------------------

I hope the new Bruce Fact Engine 2.0 safely wipes all the embarrassing and terror related search words and dirty phrases I've used out, before the police state agents call me in for questioning.

Posted by: Jimi at August 16, 2006 04:08 PM


--------------------------------------------------------------------------------

Bruce designed an algorithm on a napkin in the bar of the Alexis Park that could make all intractable problems quite tractable. Then he soaked it in tequila and threw it at an NSA recruiter.

Posted by: Timmy303 at August 16, 2006 04:11 PM


--------------------------------------------------------------------------------

NP pretends to be P when Bruce is nearby.

Posted by: Timmy303 at August 16, 2006 04:13 PM


--------------------------------------------------------------------------------

Bruce Schneier is unwilling to accept the full radical implications of his own views on security.

Bruce Schneier believes in doing security right the first time, as apposed to applying poor patches afterward., yet he won't extend this view to the issue of government.

Bruce Schneier is an optimist when he thinks he can control or advise an institution that thrives upon demolishing your security as its modus operandii.

Posted by: quincunx at August 16, 2006 04:29 PM


--------------------------------------------------------------------------------

Someone (the author of the PartiallyClips webcomic, I think) pointed out that the Chuck Norris (et. al.) facts followed PRECISELY the pattern of Paul Bunyan facts from old stories.

This was enough historical perspective to tip me over backward in my chair and leave me flat on the floor for a few minutes.

Anyway, when Bruce Schneier was a kid he would talk to his friends across the yard using tin cans connected by a string. The messages on that string were 4096-bit RSA.

Posted by: Randall Munroe at August 16, 2006 04:35 PM


--------------------------------------------------------------------------------

Bruce Schneier knows the exact attributes of all particles.

Posted by: ckelso at August 16, 2006 04:56 PM


--------------------------------------------------------------------------------

> "Ron Rivest wears Bruce Schneier pajamas."

If those existed, I'd buy one.

Posted by: Shura at August 16, 2006 04:59 PM


--------------------------------------------------------------------------------

Bruce Schneier once had to explain to Chuck Norris the difference between "threat" and "risk".

Posted by: Timmy303 at August 16, 2006 05:23 PM


--------------------------------------------------------------------------------

In Soviet Russa, encryption algorithms develop Bruce Schneier!

Posted by: Matthew X. Economou at August 16, 2006 05:40 PM


--------------------------------------------------------------------------------

This one made me laugh out loud:

"Bruce Schneier writes his books and essays by generating random alphanumeric text of an appropriate length and then decrypting it."

It is my favourite of the bunch.

Posted by: Mike C. at August 16, 2006 05:54 PM


--------------------------------------------------------------------------------

The letters CALL BRUCE SCHNEIER can be rearranged to spell INCUR CELL BREACHES.

Coincidence? ;-)

Posted by: Alan at August 16, 2006 06:06 PM


--------------------------------------------------------------------------------

I think the real question is...

Can Bruce Schneier make a code so secure even he can't break it?

Posted by: Ian at August 16, 2006 06:07 PM


--------------------------------------------------------------------------------

I liked the pictures. :-)

Posted by: Roxanne at August 16, 2006 06:09 PM


--------------------------------------------------------------------------------

This is a funny abomination.

Posted by: jsaltz at August 16, 2006 08:14 PM


--------------------------------------------------------------------------------

There are even more entries now:

There are no finite state machines. There are only a series of states that Bruce Schneier allows to exist.

Bruce Schneier taught Chuck Norris how to divide by zero as they stood silent in an elevator.

The only reason the Etruscan incriptions haven't been decyphered is because Bruce Schneier hasn't been bored enough to take a look.

Bruce Schneier is Knuth's homeboy.

Bruce Schneier once decrypted a box of AlphaBits

Bruce Schneier cuts meat in prime number lengths.

Bruce Schneier is the ideal man. Alice loves him; Bob fears him; Charlie wants to be him.

Bruce Schneier PGP signs his grocery lists so that he can detect if someone has tampered with his milk.

When the Zodiac Killer heard that Bruce Schneier was going to decrypt his messages, he turned himself in.

P = NP in Bruce Schneier's very presence.

Bruce Schneier was born with the Phaistos Disk in his fist.

Albert Einstein wears Bruce Schneier pajamas

Bruce Schneier writes his personal journal in Linear A.

Every time Bruce Schneier writes a fully general halt-checker, God kills a passenger pigeon. This is why passenger pigeons are extinct.

Posted by: Stuart Young at August 16, 2006 10:18 PM


--------------------------------------------------------------------------------

Iron MongooseDecember 3, 2007 2:48 AM

"Can Bruce Schneier design a cryptosystem so strong that he himself cannot break it?"

You cannot be serious. Have you people never heard of "Schneier's Law"??? He's not God, you know.

*struck dead by lightning*

smu johnsonSeptember 22, 2010 6:32 AM

1. Bruce Schneier can verify digital signatures with emails in his head.

2. MacGyver's character was based off of Bruce Schneier's ability to break block ciphers with nothing but a pen cap, an elastic band, and a paperclip.

smu johnsonSeptember 22, 2010 6:50 AM

3. It is faster for Bruce Schneier to guess your public key than it is for you to send it to him.

4. Kids check under the bed for monsters. The NSA checks under the bed for Bruce Schneier.

5. The FBI considers Bruce Schneier a spook.

smu johnsonSeptember 22, 2010 7:29 AM

6. Despite 10 years time since the AES contest, NIST is still unable to duplicate Bruce Schneier's "fist-to-the-computer" attack against Rijndael.

7. In Bruce Schneier's world, AES-256 and ROT13 are practically the same.

8. Bruce Schneier comes up with a new block cipher design every 30 minutes.

9. A quantum computer that can factor large numbers has existed for years. His name is Bruce Schneier.

10. Bruce Schneier became a millionaire overnight despite releasing Blowfish for free.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..