Comments

CzernoJanuary 8, 2016 4:29 PM

I had no problem to access and listen to the video and just the video (Google chrome + ScriptSafe). Very good audio and nice presentation, BTW...

rJanuary 8, 2016 9:06 PM

@SoWhatDidYouExpect,

LOL, and here I was just thinking how amazing it is for Mr. Schneier to have such a wonderful community following, deliberating and growing under his gracious eye - and here you and Mr. NoScript shine as two wise and careful fellows.

@Bruce,

Thank you for keeping the internet - interesting.

Sincerely.

John DoeJanuary 9, 2016 6:15 PM

@ Bruce Schneier

Many thanks for this interview, Bruce. In this context, I have a very personal question to you. Here is why:

I'm about to give in to the sweet temptations of technology. As I see how things change in general, I feel more and more isolated as privacy advocate. Until now, I'm trying to protect my privacy with sometimes extraordinary means. But the price I pay every day is high.

In this interview, you said something important: We cannot uninvent technology. We cannot tell people NOT to use a cellphone, Facebook, credit cards or using similar convenient tools. We need to change laws and regulation in the long run.

What does this mean for me?
Should I stop using Tor/PGP/OTR and paying with cash? Should I start using a cellphone and Facebook? (Even you have an iPhone!)
If nearly everyone around me is NOT seeking to protect their privacy, if the whole society values convenience (and "security") over privacy, should I just give in?

I mean this is a serious question. Everyone around me is enjoying the amenities of smartphones and being online 24/7 (and being watched 24/7). Noone in my daily life is really interested in the risks of surveillance and ubiquitous data processing. I'm about to give in.

NobodyJanuary 10, 2016 12:10 AM

@John Doe

Never give in! But, in order to not look "odd" to your fellow techno-slaves, it might be wise to stop bringing up the subject with them. Don't let them know you're a privacy rebel, so you aren't labeled as a dissident. Keep those feelings to yourself, but keep using cash, keep staying away from Facebook, keep using that "stupid-phone".

I'm wondering if I should continue to share my feelings of surveillance fear with those folks who just don't get it. I don't want them to "out" me, if they think I'm up to something just because I don't buy into the lifestyle of being connected to everything, all the time.


@NoScript
Thank you! that worked.

@Daniel
I'm using a Windows box, and I just did a right-click, save link as...
And I did get the file locally, and can open it with VLC.

BoppingAroundJanuary 10, 2016 9:31 AM

John Doe,
I think it's up to you and I think that 'everybody is doing it' is a
shite metric in very many cases.

For me, having some semblance of a private life has so far seemed as a better
choice than most of the so-called conveniences offered by corporate overlords.

And as somebody said once, 'A man minds his own business only if it is worth
minding. Otherwise he will mind yours.'

John DoeJanuary 10, 2016 2:09 PM

@ Nobody

Thanks for your reply.
The problem is this: You don't necessarily need to talk politically to people about surveillance and privacy. Not words but simply actions are revealing enough. If everyone uses credit cards, Facebook, WhatsApp, smartphones, unencrypted email, vanilla web browser - but you don't use those convenient tools, you are an outsider and even suspicious in many cases (aka "only criminals use cash, encryption, anonymity" and so on).

@ BoppingAround

Thanks for your answer.

@ Bruce Schneier

I'm still looking forward to your view on this. Perhaps you will find some spare time. :-)

Willam LeeJanuary 10, 2016 8:25 PM

@John Doe
Do what you think is right for you. Privacy is a personal matter. Nobody can advise you on how to handle your privacy.

Keep in mind that not only can technology cannot be un-invented, once out of the bottle, the genie cannot be put back in. That is, once you've given up your privacy you can never get it back.

Personally I own no cell phone, always pay with cash (the ATM at my local branch is the only location I make withdrawals). I don't use Facebook or Twitter or Reddit or Gmail (or any Google product, including search). If some random site requires scripts to run in my browser, I move on. I don't feel I'm missing out on anything.

Do what is right for you, don't ask others to make your choices for you - doing so means you've given up your freedom before they even answer.

CuriousJanuary 11, 2016 1:45 AM

If I remember correctly, Bruce got a question about operational security. My impression of Bruce's response was that this idea of op-sec seem to be futile against a state adversary, however I can't help but think of something that would help, in the short run:

• In games I play, it has been said, that you ought to behave as if being watched by the enemy team player, players which will shoot you compulsively if you sit still, or isn't hiding behind a rock or something. It is a historical fact in my country, that the state will put cameras in your apartment if you are interesting enough. I remember it was commentated by someone said to have been involved in the surveillance, that watching someone masturbate was "though", whatever was meant by that. The simple trick of putting a blanket over ones head, something Snowden did iirc, seems like a very simple but effective way to counter hypothetical problems that has to do with people literally looking over your shoulder.

• It is always best to have options, then at the very least, you have some initiative to act on whatever you want to do, not having to be forced to do one common thing. And so having the initiative implies the means, and the time, both equally important as they complement each other.

Ofc, these are very generalized ideas, and because of that probably making it difficult to evaluate their value for anything op-sec given the lack of details, but I like to think it is refreshing. I guess I like to think of such arbitrary ideas as "expanding the concept", looking at the details to try see if something obvious is dulling my imagination. Though, I am too lazy to do this consistently, otherwise perhaps I could become a great designer/artist/engineer one day or something I liked to think. :)

CuriousJanuary 11, 2016 1:46 AM

I should add that I am not the regular tech guy, that works with IT and security, so what I wrote was from the perspective of someone that doesn't know much about networking or security.

CuriousJanuary 11, 2016 2:47 AM

Another thing that I would like to add to what I wrote above about my thoughts about op-sec:

With initiative and time being complementary, or so I would like to think, so is having both a tactic and a strategy. One being the means and the other the knowledge of what you hope to achieve as a specific goal.

Though, I can see how focusing too much on one aspect (like strategy) can turn out to be a bad thing, especially if this was not about computer security, but instead relating to anything deemed threatening to you, in which the mere idea of defending oneself will probably turn really ugly if acting on the most effective means available to try defend oneself.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.