I'm Writing a Book on Security

I’m writing a book on security in the highly connected Internet-of-Things world. Tentative title:

<blockquote><i>Click Here to Kill Everybody
Peril and Promise in a Hyper-Connected World</i></blockquote>

There are two underlying metaphors in the book. The first is what I have called the World-Sized Web, which is that combination of mobile, cloud, persistence, personalization, agents, cyber-physical systems, and the Internet of Things. The second is what I’m calling the “war of all against all,” which is the recognition that security policy is a series of “wars” between various interests, and that any policy decision in any one of the wars affects all the others. I am not wedded to either metaphor at this point.

This is the current table of contents, with three of the chapters broken out into sub-chapters:

  • Introduction
  • The World-Sized Web
  • The Coming Threats
    • Privacy Threats
    • Availability and Integrity Threats
    • Threats from Software-Controlled Systems
    • Threats from Interconnected Systems
    • Threats from Automatic Algorithms
    • Threats from Autonomous Systems
    • Other Threats of New Technologies
    • Catastrophic Risk
    • Cyberwar
  • The Current Wars
    • The Copyright Wars
    • The US/EU Data Privacy Wars
    • The War for Control of the Internet
    • The War of Secrecy
  • The Coming Wars
    • The War for Your Data
    • The War Against Your Computers
    • The War for Your Embedded Computers
    • The Militarization of the Internet
    • The Powerful vs. the Powerless
    • The Rights of the Individual vs. the Rights of Society
  • The State of Security
  • Near-Term Solutions
  • Security for an Empowered World
  • Conclusion

That will change, of course. If the past is any guide, everything will change.

Questions: Am I missing any threats? Am I missing any wars?

Current schedule is for me to finish writing this book by the end of September, and have it published at the end of April 2017. I hope to have pre-publication copies available for sale at the RSA Conference next year. As with my previous book, Norton is the publisher.

So if you notice me blogging less this summer, this is why.

Posted on April 29, 2016 at 1:02 PM


max April 29, 2016 1:20 PM

Please don’t call them ‘War[s]’ and continue to catastrophize + romanticize infosec. Just say ‘fight’ or ‘battle’ or ‘problem’.

Yet another Bruce April 29, 2016 1:20 PM

Not sure I like the widespread use of war as a metaphor. War is hell. Copyright law not so much.

Jurors Tried by Political and Religious Big-Data April 29, 2016 1:24 PM

Jury duty is a mandatory civic duty. Jurors are lucky to get paid for lunch.
However jurors are quietly being put on trial using their big data against them. No permission is required.

One judge pressured Google and Oracle to refrain from doing any Internet or social media research on prospective or selected jurors for the DURATION of the trial. He reasoned that the private lives of jurors should be off-limits.

Once the trial is complete the losing party will begin an exhaustive big-data search to develop reasons to overturn the verdict. However in reality they will hire a jury-selection corporation with their preferences inputted. Then during the courtroom jury selection process, big Data analytics will instantly decide jurors most likely to be sympathetic. Corporations desire a malleable, easily persuaded over-sharing person. Citizens who practice self-censorship (no blabbering social media footprints) will be deemed wild-cards and excluded.

Juror Political and Religious Views
Especially valuable are jurors' political and religious views.
The Big Data corporations already know who will win most elections based upon their mass surveillance networks. Regrettably Houses of Worship leadership recently made business decisions allowing Big-Data to monetize their church/synagogue families. Regrettably they too are allowing third party eavesdropping on members' personal spiritual lives. The aptly named ‘Lucifer in the Flesh’ app even tracks your location!

Citizens and government fed by Corporations

Corporations build superior intelligent networks
Eliminate many professional careers (hopefully targeting health-care & pharma!)
Robots Battle Each Other (high-frequency trading, espionage and wars)
Big-Data Manages Disenfranchised Lives (reducing scope)


John Campbell April 29, 2016 1:24 PM

When one party has access, it will spread until everyone has access.

I hope you have read Brunner’s “Shockwave Rider”, especially towards the end regarding the power-base; I also hope you have read Brin’s “Earth”… not for the main story, perhaps, but for the privacy (or lack thereof) issues.

If my personal information will be public, I want those “in power” to have their lives at least as transparent as my own.

Michael April 29, 2016 1:25 PM

Hi Sir,

Yes, you are missing the War on Terror – and the resulting War of States vs. People/Companies.. Or is this the Militarization?

Warmest Regards, Michael

Server Power April 29, 2016 1:28 PM

the ‘internet of things’ still seems to me like an orwellian attempt to prevent people from understanding how having the right to operate ‘servers’ with their non-business-class internet access connections could quickly and fundamentally change the balance of power greatly. Hillary understands this.

Hugo April 29, 2016 1:31 PM

One thing that amazes me is that with every new design cycle, we tend to forget all the lessons we learned in the previous cycle. The first computers and their operating systems had few security features. We learned a lot from all our mistakes and modern operating systems are now more secure.

The first ‘version’ of the internet had simple and naive protocols and was not designed with security in mind. Modern protocols like HTTP/2, IPv6, DNSSEC all offer security features.

When the first smart phone arrived, it had few security features. No means to control what data applications could access, etc. Again, we all learned from our mistakes and the latest iOS and Android releases even have a dedicated privacy section in the control panel.

The same cycle of naive design can now be seen with the creation of SmartTVs, smart cars, etc. My guess is that all IoT devices will arrive being very insecure. We will all make the same mistakes we made in the past. We will all learn the same lessons we learned in the past. And hopefully we will all include the same security features in those devices as we have done with other devices.

Perhaps you have something interesting to say about this.

Anton April 29, 2016 1:32 PM

My advice on the metaphors is to move towards language that accurately addresses the foundations of the problems with IoT stuff: lack of transparency, and lack of trust which accompanies that. We just don’t know how many critical devices work, from voting machines to cars to pacemakers, and we’re forced to blindly trust them. That’s the danger with IoT – blindly trusting that a piece of hardware or an algorithm is going to give us the “answer” we want if we can’t inspect or understand the way it came up with the answer. I really liked Frank Pasquale’s book regarding this which was published last year (though it focuses on financial algorithms more than security).

Evan April 29, 2016 1:46 PM

I don’t like the alarmism of ‘Wars’ either but this is also the key to war in the silicon age. Blowing up roads and bridges to attack infrastructure is passé. The real targets will be the internet-aware infrastructure, which will be attacked – and not just by state actors, but also by terrorist groups, paramilitaries, organized crime, etc.

Isaka April 29, 2016 1:55 PM

One aspect that I rarely see getting attention is that the various responses tend to be threats on their own. When the prevention or remedy experience is woefully inadequate then people don’t respond in the intended way. It would be nice to give that some space too.

David S. Cargo April 29, 2016 1:59 PM

Seems like there’s a gap in the book covering what we know have been problems already: problems with home network modems, home network attached storage, web-enabled cameras, network-enabled lighting systems. Part of the analysis of existing threats that could carry over to future IoT would include: what are the problems that are currently known, why are there problems (now), and why aren’t the problems getting fixed? Unless future IoT is composed of things that can securely update their code to fix problems that are discovered after they leave the factory, any roll-out of significant numbers of IoT devices is just asking for future trouble.

Mailman April 29, 2016 1:59 PM

In the electronic version of the book, will the reader actually be able to “click here” ?

me April 29, 2016 2:06 PM

The war for comments/”social consensus”.

We are in a world with companies being hired to fake post political stances, Hillary Clinton’s Superpac financing reddit trolls, scammers creating fake reviews/comments on products, the whole “black SEO” market, buying of twitter followers and facebook friends and a known Russian troll factory that pumped out political posts both for its own side and to discredit the opposition. Oh yeah, and Wikipedia being shown to have turned into a massive king of the hill battle for what information the page displays.

I think this is critical and fits well with your wars within wars idea as each idea that plays out in the court of public opinion will face a comment war with corporate mercenaries and possibly outright bribes for censorship.

I would be amazed to see someone approach what is usually a tinfoil “shills broke my forum” type discussion with research and a level head.

Felipe Mafra April 29, 2016 2:06 PM

Hi Mr. Schneier!
I think that you can talk about Insider Threats. People bring “these things” into the company, not just employees but also managers, who usually have more access and permissions. One day, I went into a C-level manager’s office and he had a Sony Dash on his table, connected to the corporate wireless network. Sony Dash has been forgotten by Sony over the years, and it runs on the Chumby platform, which has several flaws and vulnerabilities. You can easily enter this “thing” and jump easily into the corporate network.
Someone can ask me why... It’s because you have a couple of apps which are not reviewed or secured by Sony. So, for instance, when you install a Twitter viewer and insert your username or password, it goes to one server before going to Twitter’s server. So, you can easily exploit this MitM server and go into the corporate network.
This is just a small example of how employees could easily bring “these infected things” into a corporate network, allowing someone to access confidential information.

Best regards,
Felipe Mafra

Darth April 29, 2016 2:07 PM

Instead of war wouldn’t it be a little bit better to use the term conflict? The term “war”, its use, is so outdated and over-abused that it makes me cringe.

Secondly “war” has to be declared between two or more parties. I highly doubt anybody has legally “declared” war on data, privacy, internet etc.

AJ April 29, 2016 2:44 PM

Maybe allow yourself one war if you want to keep the metaphor, but have it made up of battles, campaigns, fronts etc. The things you currently list as separate wars can’t be such given that they are highly interconnected. What is the overall war that encompasses them all fundamentally about?

Bob April 29, 2016 2:45 PM

I too am frustrated at the changing definition of “war” to any conflict, disagreement, or even mere difference of opinion, for which you want to make it sound more exciting or scary or hyped up. No need to declare it, or have any specific entities it’s between, or even any need to have a way for it to end (no possibility for “peace”)… just the whole world is “at war” for eternity because not everyone agrees on everything…

Dr. I. Needtob Athe April 29, 2016 2:45 PM

An issue I’m concerned about is that I can’t take advantage of any of these “things” without going through the manufacturer’s server, which is probably collecting data on me. I guess their excuse is that setting up direct communication from a person’s phone to his home would require networking knowledge that the average customer doesn’t have, yet companies seem to flaunt their invasion of my privacy with regular reminders that they’re watching me.

For example, Nest regularly sends me statistics on how much heating and air conditioning I used during the month and how it compares to past months. I also have a light switch that goes through another remote server. The possible data collection is no big deal here, but the resulting lag is irritating. I know it would work much faster and be more reliable if it communicated directly.

One issue that your book might be able to clear up is that there doesn’t seem to be a popular name for appliances that are controlled through a server, as opposed to a name for ones that are, or can be, limited to communication between a home and its owner. If such a distinction existed and became generally known it might help raise awareness.

Petter April 29, 2016 2:47 PM

A few things come to mind regarding War on data/Militarization of the Internet.

As even military equipment begins to require internet connections to call home and transfer data, some dramatic changes occur. The data is in some instances both controlled and owned by the manufacturer of such equipment.
Countries buying the equipment are putting their sovereignty in the hands of private corporations in another country.
You see this with satellite systems with shutter control, the F-35 with ALIS for data owned by Lockheed Martin, etc.

Another matter is the hunt for extremely fast networks and low latency to reap benefits in HFT (high-frequency trading).
New private dark fibers, extreme processing, faster protocols.
These systems do not need to be killed to cause huge effects. A little delay, some small alteration in the network could be enough.

Bob April 29, 2016 2:48 PM

There’s an exception: If you call your book “WWIII” as a way to poke fun of this redefinition of war to mean literally anything, I’d be ok with that…

Francois Laberge April 29, 2016 2:50 PM

In terms of missed subjects. A few missing ‘wars’: A War On Journalism (there is no way especially to do any serious stories on inner military dynamics BECAUSE security), mass protesting (getting treated as potential terrorists), and definitely all this stuff leads to a war on the right to not self incriminate.

A largely unexplored space I’d love to hear you dissect is on what exactly democracy is when:
– Civilians can never know what is being done using their taxes in terms of military/economic competition with other countries/corporations/etc.
– When with mass surveillance political strategy can out maneuver the masses/activists with better information. And automated sentiment analysis type techniques can be used to know when to push for something or wait, or hell even lobby crazy ideas out into the world and measure if you could get away with it.

NRM April 29, 2016 2:51 PM

World-Sized Web – maybe “omniweb”? That’s easier on the tongue, and it would imply an all-encompassing web that’s gobbling up everything (browsers + phones + internet of things), that’s far beyond our everyday experience of web. And you could also talk about the orthoweb or paraweb as vertical (orthogonal) and horizontal (parallel) layers. There are probably even more options if you dig into Latin/Greek prefixes.

Al Liebl April 29, 2016 2:51 PM

I would be interested in seeing your commentary on the security “haves” and “have nots”. Most of the population is oblivious to security and threats so they will always be disadvantaged in understanding/dealing with these challenges. This “caste” system creates problems for everyone as the “have nots” become the unwitting fodder in these conflicts.

Rcmaniac25 April 29, 2016 2:52 PM

Maybe “The Threats of Minimum Viable IoT”

As in, there seems to be a growing segment of individuals and corporations who are making IoT devices ASAP without seemingly any attempt at security implementation. Suddenly, every light bulb in your house can be hacked and will net you access to internal WiFi networks. Or something along those lines. If some time was spent on security design, maybe that wouldn’t be possible.

David Leppik April 29, 2016 3:00 PM

I agree that “war” is an overused metaphor, and it blurs the line between physical violence and other kinds of threats.

@NRM: Omniweb was the most popular web browser on NeXTStep, and remained popular for a while when NeXT morphed into Mac OS X.

Tube Traveler April 29, 2016 3:08 PM


World-Sized Web – maybe “omniweb”?

How about “Globally Interconnected Networks”, or perhaps shortened to “Global InterNet”.

Endless Rant April 29, 2016 3:16 PM

Off: am I missing something or there has been some sort of a spike in the use of the word “empower” and its derivatives?

Server Power April 29, 2016 3:21 PM


An issue I’m concerned about is that I can’t take advantage of any of these “things” without going through the manufacturer’s server, which is probably collecting data on me. I guess their excuse is …

Technically they don’t need an excuse. If you aren’t able to take advantage of it yourself, you are free to either spend the money, or start a campaign to acquire the necessary capital, to build a better product that could compete with theirs. I’ve never owned a Nest(tm) brand thermostat, but I have an engineering degree and I know what can be done with an arduino, a raspberry pi, free and open source software, and a business class internet connection that does not forbid one to operate their own server from home. I.e. you are free to do it yourself, and it won’t be particularly challenging either. Just more expensive. In theory in a capitalistic framework, the better solutions will thrive in the marketplace. I think however the NSA has done a good job at confusing the overall situation.

Tordr April 29, 2016 3:22 PM

I am more and more against the “war” and threats analogy. We have to talk more about power and fear.

Bureaucracies (both private companies and public) try to attach identities/roles to everything and everyone, and give these roles certain privileges. E.g. this person has these credentials, and these credentials have access to this amount of funds. These credentials therefore give access to these privileges. The attachment of identities and quantifiable privileges has multiplied as computers are exceptionally good at doing that.

Now security problems arise when these identities/privileges/roles are misused in ways that the bureaucracies have not thought about, and someone is hurt because of this.

If we always talk about “war” and “threats” we as security researchers are taking sides with the bureaucracies against the little guy. Because “wars” bring out winners and losers.

Inequality and power imbalances only appear in the long run, when our “wars on threats” have been won or lost.

A “war on drugs” has been waged for 30 years and we have all lost, please don’t write a “war for cyber-security” book only to find out that the big guys have won the battle and we are all living in a version of 1984. Start with an examination of the bureaucracies behind all of this.

K.S. April 29, 2016 4:11 PM

I think you should also discuss automotive Car2Car/IoT security risks. We have Miller’s work, then we have other OnStar hacks. What are these if not early adoptions and problems of IoT?

Arclight April 29, 2016 4:16 PM

One new trend that we’re seeing is that our devices are becoming less and less autonomous. The idea of “integrated entertainment” or “self-driving car” now implies 24/7 network connectivity with the mother ship. For applications that require lots of CPU or storage, this makes things work better. For everything else, it just means that the devices we pay for:

  1. Are generating data about us and giving it to 3rd parties in real-time
  2. Are becoming more like wrappers around software-as-a-service products and not “things we own.”

The first real example of this I can remember is the mobile phone. From day one, the carriers have disabled features, locked the handsets to their service and generally made it difficult to use products purchased at their stores elsewhere.

Now we’re seeing this with thermostats, car audio, security systems and small appliances.

I feel about as much attachment to these devices as I do to my electric meter. The fact that device development is following the same “minimum usable feature set” principle that other elements of the web do just increases this feeling.


Bruce Schneier April 29, 2016 4:34 PM

I hear you all about using the word “war” in this metaphorical sense. I agree that it’s overused, but the war metaphor — Crypto Wars, policy battles — is well trodden and easy to fall into. I need suggestions about what else to use. Anyone have any ideas?

Bruce Schneier April 29, 2016 4:38 PM

“Instead of war wouldn’t it be a little bit better to use the term conflict? The term ‘war’, its use, is so out-dated and over abused that it makes me cringe.”

I really don’t see much of a difference. It’s still the language of war used metaphorically.

Server Power April 29, 2016 4:57 PM


The first real example of this I can remember is the mobile phone. From day one, the carriers have disabled features, locked the handsets to their service and generally made it difficult to use products purchased at their stores elsewhere.

I’m sure Bruce Schneier’s existing bibliography covers these and more, but video game consoles were hard-core walled gardens before Apple’s mobile phones were. Long before that there were razors/blades/printers/ink. I wasn’t really alive and/or that technically aware, but amongst the FCC docs I’ve read, I get the impression that Ma Bell was dominating handset technology in exactly the same way before a wave of public sentiment equivalent to the New Deal opened that market up. I’m reminded of certain Ferengi attitudes towards capitalism along the lines of “isn’t cornering the market the whole point?”. I remember hearing stories from old school silicon valley folks about million dollar computers that had steel bars or something as part of their design, and the only purpose was to prevent independent enhancement of the computers they were selling. I.e. to maximize profits, hardware producers have a long history of trying to control post-purchase enhancement and innovation of their products. If they can prevent it all, they can dribble out features along a timeline of planned obsolescence to maximize shareholder value.

Insecure At Anyclock April 29, 2016 5:21 PM

Maybe this isn’t a place you want to visit, but the role of economics plays a key part in how we got here and why it hasn’t gotten better. People can’t pay more to get a better home router, for example, because no one has been incentivised to build it. Market for lemons and all.

WRT positioning the title… maybe crisis is closer?

Server Power April 29, 2016 5:37 PM

People can’t pay more to get a better home router, for example, because no one has been incentivised to build it.

My explanation is obviously that the first thing any innovator is going to want to put into their improved home router is going to include something that looks like a ‘server’, which is forbidden by most residential ISPs’ non-business-class terms of service. While in practice the ISP may not block incoming connections, all of a sudden at least half the consumer market, which will err on the side of obeying the ToS, is not going to buy your router that requires they pay for the ‘business class (server allowed)’ tier. And thus this company dies in the face of other companies that market an ‘app’ that talks to their server, and thus is obviously kosher for most people’s residential ISP contract.

In other words, you are dead on the money when you talk about incentives. That is a key facet to the big picture. If the FCC came out and said that everyone, due to network neutrality, is allowed to run a tor middle(and/or exit) node, despite what their ISPs terms of service say, we would see a lot of innovators thusly incentivized to produce some pretty awesome solutions for the market place. Of course I guess the standing logic is that if you invented a new gun that was 1% the price of the previously existing equivalent model, more people would get murdered with it. I.e. here if everyone were allowed to operate servers from home, it would make PRISM less effective, and thus some increased number of children would get kidnapped and exploited/raped with their child porn distributed on these highly secure home servers. Or at least that’s the feeling I get from the style of public policy debate surrounding this issue. And I tend to believe Schneier’s assessments (oft backed up by actual statistics), that these WoD style fear arguments are mostly baseless.

ianf April 29, 2016 6:19 PM

@ Bruce

     Anyone have any ideas?

I think the issue is of such gravitas that it warrants a new label of its own, even if it is a neologism: so how about (what in metaphoric sense it really amounts to): the Cryptokampf?

(Analogous to, and rhymes with wikipedia.org/wiki/Kulturkampf – which, having been incorporated into Globalenglish, no longer is strictly a German word).

r April 29, 2016 6:28 PM


I don’t think using conflict as a short description is a good idea as it could lead to conflicting interpretations.

Sure, the conflict over privacy is a conflict of interests as far as our Constitution is concerned, but I don’t believe it’s a good word to use in a phrase that has a specific meaning.

David April 29, 2016 6:34 PM


One great tool to use in sorting through the Internet/Insecurity of Everything can be derived from the statement in your basic security book: that in order to protect something you need to make it more expensive to access the thing than the value of accessing that thing. We apply that equation to determine the safety of something by determining the value of the thing (or the combined value of things using the same protection), and then ask ourselves if we can afford to make it that expensive to penetrate the security we can afford to provide. If the math doesn’t work out in our favor we’ll know it’s not a bright idea to put it on the Net.

A good example of this is people keep wanting to put voting and voting machines on the Internet. If we look at the value of the thing we are trying to protect, being able to nudge an election to achieve our policy outcome, it turns out to be a massive number. We can see how big the value is by looking at how much is expended to change what governments do now. At the low end we have the billions spent on political campaigns and lobbying, and at the high end we have waging wars. So what are we willing to expend to counter that dedication of resources? In the US voting machine security is being done by little companies with tiny budgets and under constant pressure to cut costs to stay competitive. The math doesn’t look good, yet there is a relentless effort to put voting on the Internet. The math tells us how that’s likely to work out, and we can do that analysis for other Things.

Also, if it doesn’t feel like war now, wait a little while.

Thanks for keeping up the good fight.

Brian April 29, 2016 6:56 PM

Culture wars. The German language has a word specifically for it –

Also the war on private ownership, not just privacy. For example, by turning books (hardware) exclusively into e-books (software) and applying a software licence, ownership stays with the publisher/author and the reader no longer owns the book outright. I hope the forthcoming book will be available under both forms.

So the war on private ownership turns us into renters rather than owners. This diminishes our freedom.

The whole rental model typified by SaaS and other ghastly cloud-based architectures that create artificial dependencies reduces otherwise powerful client computers to dumb thin-clients that are almost constantly tethered to an omniscient and ‘always to be trusted’ cloud. This digital paternalism is deeply unsettling.

r April 29, 2016 7:01 PM


Also I agree with what everyone is saying about war being overused... But consider how many battle ‘fronts’ have opened up in what seemingly is very much a war, for lack of a better word or description.

Also, note ‘information warfare’, ‘psychological warfare’. You did not choose this battle but were duly selected and promoted based on your performance during the last war/battle.

If they’re not at war why subvert everything under the sun? Why name enemies of the state? Why criminalize and persecute things that during a relative time of peace wouldn’t be significant enough to waste Congress’s time on?

Being successful in capitalism is mastering the race condition that is economics.

We are at war, the walls fell but the apparatii continued… Just like Iraq and Afghanistan a democratic society didn’t just materialize out of thin air… What’s worse… What’s the word they use on TV… Asymmetric, that’s what happens when the vision of your arch nemesis dissolves and is replaced by the hydra of despotism, cronyism and nuclear proliferation.

Welcome to the RAT race.

Impossibly Stupid April 29, 2016 7:13 PM

One threat that I hope you’re sure to include is when the war machines are turned on the innocent and/or their own creators (e.g., bomb scares, swatting, etc.). An “arms race” stops making sense when a lapse in judgement/security means that your own weapons provide the arsenal to attack you. Seems like a strong indication that these new fights should be handled defensively as much as possible.

And there is a better metaphor than war that is even more future-aware: biology. When you have an Internet of so-goddamn-many-Things, it really lends itself to animal analogs. There is already some of this lingo already in the industry (e.g., infections by viruses), so extending it to other behaviors works well for both the positive and negative attributes of the technologies. The bonus is that it also bridges the gap with biotechnology and the security implications that field brings into the mix. It’s less about being a “World-Sized Web” and more about being a “Living Web”.

Grauhut April 29, 2016 8:10 PM

It’s a war against the broad informational empowerment and cheap self publishing that came with the internet.

Those in power want us dumb and silent again. The more they spy on us, the more they fear us. That’s all. 🙂

CIA drone murder by metadata is just copycat, free riding.

The question is: When will they start killing us, their own people, those they fear because of our opinions and knowhow in making ourselves heard?

Not Bruce April 29, 2016 8:27 PM

Are you covering the seriously asymmetric awareness of the average person in regards to security requirements? I am thinking of my parents’ ISP, who dropped off a router configured with default passwords and probably did the same at several other homes. There was an implicit trust that the installer knew what he was doing, that the ISP did as well, etc. Trust and lack of awareness make things like the Bangladesh Bank heist a bit easier.

Likewise, there are developing nations that collect biometric data to verify identity – good luck to the trusting citizen trying to sort out the mess when a security hole is exploited.

John Campbell April 29, 2016 8:45 PM

The War Against Non-Conformity.

Let’s narrow the bell curve so Seldon’s PsychoHistory can be far more predictive.

Max Merkins April 29, 2016 9:07 PM

Is your “war of all against all” Hobbes’ bellum omnium contra omnes? That’s the usual sense of the phrase in English, meaning an anarchic state of nature. But the current situation’s not anarchic. It’s rule of law with a subset of states flouting the law. So the most important threat is the threat from overreaching states like the US. That means, in the war against the rights of the individual, the enemy is not the rights of society, the enemy is the overreaching state. And almost all the other wars boil down to states that either won’t respect your rights in their own actions, or won’t protect your rights from corporate interference.

Wars and threats are nifty and the beltway bandits like them, so maybe it’s a Norton marketing decision, but what’s actually happening is the US and some of its favored industries fighting tooth and nail against the consensus of the world. And by the way, if you ever had occasion to mention the consensus of the whole frickin world except the beltway, it would be totally original and groundbreaking, in the USA, anyway, because US state religion makes this stuff taboo:

It’s like Erskine Childers’ editors said, put a romantic interest in there. He thought it was bullshit, he put one in and got rid of her as soon as he could. It probably kept some extra people reading. So put some humans in there. All this zoomy stuff is supposed to be for our sake, Right?

Rick Taggard April 29, 2016 9:09 PM

Bruce, @all

1) there is and has been, and certainly will continue to be, intense cyber espionage wars going on. Both nation state based and large corporation based. Often, the two working together.

I do not think this should be attempted to be fit into the “cold war” model.

It is different. It is no longer about – or with the painful pretense of – ideology. It is about money. It is about knowledge. It is about power.

2) The “war” term. Never been popular, but also is popular. It does fit. Bruce is Bruce, not a polemicist.

3) I do view the current round of debates as partly defensive (due to guilt of massive failures, like Snowden, and fear of repercussions, which they have avoided). OPM was a failure. There have been a lot of serious intelligence failures.

Normally, people get fired for far less.

But, I also view this as partly turf wars. Who will get the big cybersecurity budget. Who will become the primary owner of the cutting edge cybersecurity hacking.

When someone is raising hell about security dangers, and being a pundit like this, very often they expect to get something in return. Like the budget necessary for the manpower.

Squeaky wheels do often get the grease, and even if not, it is a basic human tactic.

4) The argument that, if backdooring becomes real, it will offshore encryption and security technology. This is a few moves down the board, but unfortunately, even in upper leadership quarters many simply do not ever think a few moves ahead.

It is ludicrously inevitable.

5) Risk and threat. I very often see people way over estimate their risk, and the threats against them. This is the first analysis people should personally do. What do you have which anyone else wants?

Conversely, who is it who is a best target of secret surveillance? Surely, anyone high in government. In many types of corporations. Very often, even peripheral players can play critical “ins”. For instance, your friendly neighborhood janitor. Or security guard. Or spouse. Or secretary.

Politicians in democratic society are especially vulnerable to secret surveillance with an eye to control. Everyone has secrets. Everyone does and says things off mic. The smallest of their sins can ruin their career. This certainly does also apply to even unelected officials. Such as we saw with the downfall of Petraeus.

6) Ramifications of secret surveillance, and of strategies and tactics which depend on it.

I really rarely see this anywhere, except in very rare fictional shows, and in declassified, WWII documents. Certainly, there is also more in memoirs and declassified studies on organizations democratic (Hoover) and totalitarian (any of them, but especially the slicker groups like China or Russia) where these strategies are outlined.

Hacking is not just a form of surveillance. It is the most powerful form of surveillance available.

It can provide blackmail material. It can give edges in competitions, like in politics, plans can be leaked to the press or competitors. Or, in business. It can provide material to have profound, esp like rapport with people so they instantly and deeply trust you.

Hoover, for instance, damned well near controlled the government. Nobody knew about it then, except politicians and presidents who kept their mouth shut. Out of fear. The man could not be fired and got himself to a position where he could do almost anything.

But, that has been overly hashed out. What are the possible ramifications tomorrow? If an organization is enabled to have largely unfettered capacities for secret surveillance, how can they be stopped — or even detected?

If they have the capability to run slick undercover programs, combined with that capability, they can do anything.

Secret surveillance, in the form of hacking, certainly can provide them funding. With funding, they can disconnect from the government. Or, continue to run their piddling programs as a cover for what they really do.

Yes, this sort of scenario was expounded in “Swordfish”, and some other fictional scenarios. But, even the most absurd of tales sometimes uncannily predict the future. Or, reveal what already is and nobody knows about it.

7) Sabotage.

Nations can pretty well sabotage adversarial nations via hacking as they will. Assuming they have no penetration.

But this can also be subtle. You want to have your corporate interests decimate foreign corporate interests? There are many ways, theoretically, even the largest of enterprises can be decimated by hacking. And the culprits can get away with it, too.

Simple, small matters like being able to get them to overestimate their next quarter’s revenue can do enormous damage.

Implanting obscure software bugs which cause their accounting to become ‘hard to notice’ flawed.

And so on.

Grauhut April 29, 2016 9:15 PM

Non-conformism is terrorism, aren’t we (NATO States) already at war with these non-conformists?

We have to hate hate speech, that’s good hate! 😉

Parker Higgins April 29, 2016 9:35 PM

I’m very curious about the Copyright Wars section, as I see two distinct forces that coalesce on DRM and control. In particular, I’ve written about this a bit at EFF both in the context of technological autonomy and secure communications, which are two sides of the same coin but are not always recognized as such.

Hopefully you’ll be in the office before you dig in to writing too much and we can talk about some of these things, but in any case I’d be happy to read an outline or draft of the book (and of that chapter especially).

Rick Taggard April 29, 2016 9:50 PM

1) If a nation gets a golden key, or golden keys, for their nationally made systems, how can they ensure this is not stolen by adversarial nations, or even organized crime?

Historically, they definitely cannot assure that.

Especially considering the potential value of it. Consider, the FBI spent seven million to get data from the SVR on Hanssen. And an unknown “millions” for this recent break of an out of date iPhone.

You could be talking about having 100 million to spend towards such an operation. Bribing someone with near access for a million is nothing. Never mind they are a bit better at getting rid of people than you could expect criminals to be.

They can claim there are no moles. They fixed the problems they found with past moles. These are empty claims.

2) One of the interesting problems that has arisen with the rise of these technologies is both the difficulty and power these technologies provide to “undercover”.

Why does “undercover” matter? Because if you do not want to be on anyone’s radar, your group is best to be undercover. The flimsy, cheap way to do this is simply have your firm with an inauspicious name in the outlands of Virginia or Maryland. As many do.

The more secure way is to go all out and really blend in.

The more secure way is necessary for doing more useful things.

On one hand, you see even untrained, but diabolically clever loser mid-life adults create false persons using other people’s online information.

On the other hand, if you are creating a paper trail, how do you do it? Disguises which can pass airport security, done. Israel did it in 2010. Some Chinese guy did it a few years ago with tech that can be bought for 700.

How do you pass fake DNA? You have to compromise the databases.

And it is far harder to just be someone who never existed before. You have to replace someone real, who exists, online.

That can be a bit of a tightrope.

After all, if anyone can check up on the real person, they can prove you are a fake.

Facial recognition can scan past known databases, but also available material for social media. So, your mask better tie back to someone who exists, or you are clearly fake.

Grey Eagle April 29, 2016 10:54 PM

Total Informational Awareness of the Masses

IoT and other technology, for instance, genetic, ultimately all combines to give an incredible portrait of a person. Singular people are valuable, depending on their context. But, having all information about everyone, is the tool to have for perfect governance.

What is their health, from their attached monitors? How much do they exercise? From their fridge, what do they eat? How much money do they have?

Collecting, continuously, all of their written and spoken words, what kind of analysis can be run on them? Who do they vote for? Do they have the possibility for violence? Can they change who they vote for? Are they criminals, or likely to become criminals? Look at where they live, what they say, and who they know.

Real, meaningful maps of everyone. This does not exist today. Who knows who, and how, and how well?

Tying together video cameras, and even better, upping the resolution, so you can accurately and automatically read lips or translate vibrations into speech for archival. Where are people driving and walking to. Where were they Tuesday, where were they twenty years ago, on Tuesday, May the fifth?

Are they a good job candidate? Well, twenty years ago, they may have dabbled in communism or satanism. So, probably not. Besides, they drink too much, and are overweight.

Consider, no more crime. Even if everything everywhere is not entirely video wired, who committed the crime can be found from video in the vicinity. Or disappearance of likely suspects and additional monies used by them they did not have before.

Genetic and behavioral predictive behavior. Why do we lock up violent criminals for life? Because we can predict they will re-offend.

Same thing with predictive analysis.

You can tell who will offend, even if they never have before.

Is someone’s marriage on the rocks? Is it dangerous, where one spouse may murder the other? You can get right in there and stop that before it even happens.

Who would be good parents? Who would not be.

How do you solve divergent thinking? For instance, some people believe things you hate and disagree with. Well, with all the data on their life, you can have governmental intervention and re-educate them.

Everybody, therefore, can get along, because everyone will believe the very same things.

Often, “totalitarian” governments have a lot of sorts of people they just prefer to disappear. IoT can provide endless ways to “make it look like an accident”.

This would revolutionize the death squad business.

Tomorrow? We can all get along happily. With a few minor adjustments.

Russ April 29, 2016 11:22 PM

I think the biggest problem with the IoT is that for many/most of those things, many/most people won’t realize the extra exposure their new ‘connected’ thing does to them. Companies will add connectivity to washers, dryers, toasters, fridges, etc whether it makes sense or not and many consumers could care less but might be affected because of those new connections. If those new appliances automatically connect to any open WiFi then it becomes an attack site. What will your toaster do when it gets infected with the latest bit of malware? How many other people will be affected when it burns your house/apartment building down?

The IoT is marketing gone crazy. I should have been a lawyer; they’re the only ones that will really profit from the problems we can’t completely imagine yet.

I hope a secondary market of non-connected devices evolves. It probably will when enough big problems surface to scare folks away from the IoT concept.

Gerard van Vooren April 30, 2016 3:11 AM

Here is a title: 2061

The book 1984 was written in 1948. In 1984 it wasn’t “1984” yet but today it is. With Newspeak, Big Brother, whistle-blowers in exile or jailed and no accountability for the wealthy. We also see a dictator era, notably Turkey but the dictator virus is spreading. I think that in 2061, “2061” is a fact.

Citizen X April 30, 2016 3:33 AM

@Rick Taggard

It is different. It is no longer about – or with the painful pretense of – ideology. It is about money. It is about knowledge. It is about power.

It may no longer be about a very one-dimensional ideological landscape, but don’t dismiss the way that history’s simple one-dimensional ideological spectrum has blossomed into a more multi-dimensional landscape. You are certainly correct, money is a big part of it, but I don’t think the book has been closed on long term epic ideological clashes and shifts. Snowden appears to have been motivated by ideology more than money AFAICT. But maybe he’s just a really good really well paid actor (or advanced CGI puppet) for all I really know.

Drone April 30, 2016 3:58 AM

From the ToC it looks like you have things well covered. If you haven’t done so already include: Abuse of an already corrupt and incompetent Patent and Copyright system as a corporate weapon. And the quest for zero-privacy or self-regulation when it comes to how you move (transportation), how you live (health care and what you eat), and where you get your energy (“Smart” meters are just the tip of the coming regulation iceberg).

Bruno April 30, 2016 4:03 AM

Title too similar to Evgeny Morozov’s “To Save Everything, Click Here – The Folly of Technological Solutionism”?!

Piet8stevens April 30, 2016 4:06 AM

Agree that calling everything a war is not helpful.

I am not sure where you would cover this:
– impact of education and its weaknesses on all of this. How education needs to change to address these security issues
– competing legal systems – is it better to use cloud services under US law vs, say, Swiss law
– differences and opportunities/ threats from the political system: democracy vs dictatorship

Juhani April 30, 2016 4:15 AM

Emergent behavior example was about how a car factory rarely blew fuses. The reason was that when all the robots welded at the same time, it blew the fuses. So emergent behavior will create new interesting risks, even something as trivial as “power on all houses water boilers” could cause problems and would be impossible to find.

Current level of industrial security is basically a physical barrier. I have read a paper on how one HART (protocol that also defines 4-20mA analog use) sensor could be used to gain access to a network by pushing commands/SQL injections over module names to controllers. That’s almost an analog protocol!

I remembered the famous node.js left pad module.
What is less known is that it’s O(n^2) complex, though hidden as the array (n+x) is copied every iteration.
What I am getting at is blind (dev) are showing the way to blind (end user).
What will happen when the IoT programmers get to the current level, mostly import a module and google for answers? I remember asking help from a respected coworker and then noticing how he started googling on the variable I named; sure, he got nowhere. I tried to learn F#, but even the cheatsheet was bloated and books were written for people with fast legs and short attention span: we do like you are used to, but different. The minds of current node.js writers are different from Ada programmers. Current devs are hard pushed to produce code and functionality, produce more. One could say it’s hive-minded programming.
Thinking fast and slow. Somehow thinking fast is idealized and more efficient.
A strong individual inside that kind of hive is quite an unstoppable predator.
I have an advanced course using Ada; the language is the instructor’s whim. It’s really difficult to be that precise in your own mind, and it takes time for everybody, even the probable postdoc who gave the course. Writing something correct takes more effort, to stop and think precisely.

One question is, who is responsible? In current (corporate) culture nobody else cares; you have a contract with a vendor and the other does not care at all, it’s his responsibility. One chapter could be the culture: very busy bosses are asked for decisions by giving a choice (psychology), contracts give out responsibilities, and the latter looks like the risks are being managed. And everybody lies small white lies, or blame is pushed to you and you are fired. All those small white lies and the think-fast mentality add up.

jul April 30, 2016 4:25 AM

Yes, the threat posed to a society by asymmetric privacy. Aka: Quis custodiet ipsos custodes?

Gyges’ tale: a man that can be in full privacy can commit crime.

Plato’s Republic: “all men are mean, thus the wise should protect themselves to live in peace, and closely watch the citizens, while the city should be ruled by the wise men”

Results: how can we tell apart rulers that want privacy to commit crime from rulers that wisely protect themselves?

Who watches the watchmen?

Experimental rule:
Systemic asymmetry in privacy/surveillance is a way to measure a gradient of power. The bigger the asymmetry the bigger the power diff.

Clive Robinson April 30, 2016 4:42 AM

@ Bruce,

You need a section to actually explain threats.

Most people have no idea what threats there are nor which ones are most likely to cause them harm directly or indirectly.

You should also explain the “Boiling frog” principle that causes apparent minor signs to be ignored that turn into significant harms. (For those in the UK a non-ICTsec case in the papers currently is Sir Philip Green, his wife, the one pound sale of BHS to a bankrupt, the missing half billion from the pension fund and the 11,000 employees who assumed it was not all going to go horribly wrong.)

More obviously to ITsec but missed by everyone else is the relentless creep of increasingly draconian legislation which will destroy people’s rights and ability to live the lives they wish they could etc.

Like others here I don’t like the term cyber-war; the reason is not because it is not arguably true, but the broader population’s view and thus reaction.

You call it a war and they are predisposed to the military etc. finding solutions. Call it crime and they are way less likely to allow military solutions.

The term cyber-war has been used very specifically as part of the FUD to precondition the citizens, which is yet more “boiling the frog” which cannot end well…

nicomo April 30, 2016 7:43 AM

I fear that by using the metaphor of the War, you’d be playing along with the narrative that we are (forever) at war indeed, and that in times of war it is normal for dissent to be limited, for people to circle the wagons and defer to authorities.
I find this metaphor counterproductive.
My 2 cents.

Steve April 30, 2016 8:28 AM

Another request to not use war as a metaphor. I suggest fight instead. As suggested in another comment, war is hell, security is not.

Bruce Schneier April 30, 2016 9:02 AM

“Title too similar to Evgeny Morozov’s ‘To Save Everything, Click Here – The Folly of Technological Solutionism’?!”

I have thought about it, and I don’t think so. We’re both playing off the “to ((something)), click here” meme.

Bruce Schneier April 30, 2016 9:04 AM

“Another request to not use war as a metaphor. I suggest fight instead. As suggested in another comment, war is hell, security is not.”

I will think about this. Problem is that we already have “the crypto wars” and “the copyright wars.”

tordr April 30, 2016 9:04 AM

One missing part:
The “war” on the ability to see/audit the code that is running on your computer or phone. Two examples come to mind:
1. The TPP has provisions against ordering companies to show/audit the source code.
2. The Encrypted Media Extensions (EME) have been introduced as a W3C draft specification.

Bruce Schneier April 30, 2016 9:05 AM

“‘Battle’ is still too strong. How about ‘skirmish’?”

Once you’re using the war metaphor, I’m not sure the particular word makes that much of a difference.

Clive Robinson April 30, 2016 10:15 AM

@ Rick Taggard,

Hoover, for instance, damned well near controlled the government. Nobody knew about it then, except politicians and presidents who kept their mouth shut. Out of fear. The man could not be fired and got himself to a position where he could do almost anything.

Except reach back in time secretly…

This is why “Collect it All” is such a significant threat, orders of magnitude worse than Hoover. Hoover had to wait until his own position late in life was secure enough to start his secret surveillance, and only when he had collected enough could he start slowly flexing his surveillance bounty muscles.

Imagine though that you are a twenty something administrator with megalomaniac ideas who could just siphon it off in a few days…

We all make mistakes, or get into situations that although innocent can be misconstrued and used against us, unless we already have the power to have the problem “sanitized” or whatever the current “wet work” euphemism is these days…

Adam Shostack April 30, 2016 11:05 AM

I think that the zombie threat is important. This includes devices from companies that are no longer around to update them, no longer willing to invest in updating them (hello, Windows XP!), and the many vulns they inherit from random open source libraries.

Even when the company is around, they may or may not track the vulns which get fixed but might not get communicated.

chris l April 30, 2016 12:03 PM

One “war” that’s implicit in some of the ToC items but not really identified explicitly is the “War for your Eyeballs” (or your consumer dollars, which is why they want your eyeballs). That’s the one that most visibly affects most people, and is driving some of the battles (for your computer, for your personal information, IoT) between individuals and companies that they deal with.

I sort of half-agree about the war metaphor being overused. I think it would be fine to leave it there if the chapter titles were redone to not make “war” jump out at you at every chapter heading. It kind of beats you over the head and will likely make many people throw up their hands and give up, feeling that they’re shoveling against the tide.

CallMeLateForSupper April 30, 2016 12:08 PM

“I really don’t see much of a difference [between “war” and “conflict”]. It’s still the language of war used metaphorically.”

Several executive administrations would agree with you there. In recent decades the U.S. has had a war on poverty; wars on crime; a war on drugs; a war on terror that morphed to war on terrorists briefly only to morph back to war on terror.

It is fashionable to label any face-off as “war”. But this puffs up the conflict and diminishes the shooting war. Worse, it is tiresome for readers when every “competitive or opposing action of incompatibles; antagonistic state or action (as of divergent ideas, interests, or persons)”[1] is called a war. Is there no use for “conflict” then? Will lexicographers soon demote the word to “archaic” and ultimately banish it from dictionaries?

I know war, and the IoT friction is not war.

[1] Merriam-Webster – http://www.merriam-webster.com/dictionary/conflict

Alan April 30, 2016 1:49 PM

If people are too ambivalent about describing the situation as “war” by itself, perhaps a better choice would be “tug-of-war”. The notion of two groups pulling a rope against each other, where the center position keeps shifting back-and-forth over time as one of the groups gains a temporary advantage over the other, seems like a suitable analogy for what we are currently experiencing in terms of privacy, security, copyright, etc.

Rick Taggard April 30, 2016 2:24 PM

@Citizen X

Rick Taggard wrote: It is different. It is no longer about – or with the painful pretense of – ideology. It is about money. It is about knowledge. It is about power.

It may no longer be about a very one-dimensional ideological landscape, but don’t dismiss the way that history’s simple one-dimensional ideological spectrum has blossomed into a more multi-dimensional landscape. You are certainly correct, money is a big part of it, but I don’t think the book has been closed on long term epic ideological clashes and shifts. Snowden appears to have been motivated by ideology more than money AFAICT. But maybe he’s just a really good really well paid actor (or advanced CGI puppet) for all I really know.

These things depend on one’s definitions. While there are consensual agreed upon words, in use, we are getting right away into more specific and individual use.

(As language certainly allows.)

So, ‘what I mean by ideology’, is most specifically the appearance of it.

Nations have ideology which they juxtapose over their “national interests”, just as people juxtapose their own ideologies over their “personal interests”.

Very often these ideologies simply function as shortcuts, abbreviations, of those interests.

It is not unrelated to what researchers have found with individual human beings’ distinct dependence on the “strawman” glasses. Well replicated studies. In short, everyone has a natural tendency to make “strawman” arguments against everything contrary to their most highly held beliefs.

It is the mind’s way of shortcutting thought, is one theory.

Like a blind spot of the eyes, where our minds fill in the blanks with probabilistic, statistical imaginings… instead of constantly having to perceive raw data every moment, all the time. Which is far more cost prohibitive than just relying on memory and imagination.

But, for instance, we see these blinders come increasingly off.

There is little to no room for the ideologies of old for the work of thieving. Thieves are not successful if they are not inherent professionals. They have no mistake about it, they are after the money. It is for no higher nor different cause than their own best interest.

Attempting to put such causes on them, only is detrimental, in professional thievery, to accomplishing their objectives.

Sometimes, certainly, thieves may rationalize or even strategize “angles”. For instance, some will say, “no one cares about stealing from this target” (because they are so rich, etc). But, that is a good survival cause. If they target groups that would bring universal condemnation on their heads, they greatly increase the chance of failure.

I put national and personal interests in quotes, because while there is strong evidence that people and corporate entities work in their own best interests; the fact is, as noted above, people are flawed. And so very, very often do what is not in their best interests.

What hacking is like is a glitch cheat in a video game, where there is multiplayer involved.

Everyone has to use the glitch, or they lose.

It completely ruins the aura and delusion, the suspension of belief, of the game. But, they have to use the cheat or lose.

Snowden was working by ideology, certainly. But, so are the folks against him. This is how such ideology works, why it is successful, and why it is relied on. Because you can have many divergent perspectives all aligned together.

Sure, each side may see the other as traitors to the ideology – in this case, the ideology of freedom and maintaining that – but because of this dissonance, there is that debate happening.

Snowden probably felt horrible enough about what he saw, to feel he had no choice but to act.

Likewise, this is how those on the other side of that debate must feel.

So, they keep it up. They both are working entirely by ideologies. Otherwise, there is zero reason to even think longer on any of it.

Certainly zero reason to have any feelings, either way.

But, zeroing in on this, a little:

Snowden appears to have been motivated by ideology more than money AFAICT. But maybe he’s just a really good really well paid actor (or advanced CGI puppet) for all I really know.

I am not aware of any case where paid actors are used in a very high level conspiracy. This was a very high level conspiracy, as “conspiracy” is the very definition of covert work.

The reason for this is because you can not trust to have people keep their mouths shut just by money.

Anyone engaged in a very deep conspiracy has to have a very wide range of deep handholds to be trusted in such a conspiracy.

So, it is, across the whole history of intelligence, the only time actors have been engaged is when they just happen to be actors and have agreed to be full blown spies.

Like Inglourious Basterds. Where you see a popular German actress there willing to work with the Allied powers? That part of the movie certainly had basis in fact.

And it is also true, like in that movie, they invariably ended up dead. Almost.

This does not mean undercover is not acting. It is horrifically demanding acting. It often engages the same sort of work one finds in both long and short cons, which also rely heavily on acting. But, I would never call a spy or grifter an actor, because what they are doing is so very much more.

Where this idea has come up, has been from some recent conspiracy theories that have zero concern about accuracy, like the Sandy Hook deniers:

CGI, also, no.

Could, however, Snowden be working for an external, well resourced group? Yes, he could.

He is in Russia right now, so that, for one, eliminates a lot of potential theories. Including also the “he is just a well paid actor” one.

Generally, spies do what they do for their beliefs.

They are ideological, in that sense of the word. But, this is assuming that I mean the same thing. I do not. It is pragmatic. It was necessary to be done for the greater good of the nation and the world, and the line to that was very clear cut.

The problem with his opponents is they are all closely grouped together. They have a responsibility to bullshit each other. It is how they keep hired, and how they make their way through their subculture. Their beliefs are their currency.

But, Snowden does not require such bullshit to maintain his currency with the groups who agree with him.

A Nonny Bunny April 30, 2016 3:41 PM

Obviously, going with the theme of the last two book titles, the title should be something like “What the fridge saw”; simultaneously referencing the internet of things spying on us and a Malcolm Gladwell book. 😉

Rick Taggard April 30, 2016 4:24 PM

@Clive Robinson

Except reach back in time secretly…

This is why “Collect it All” is such a significant threat, orders of magnitude worse than Hoover. Hoover had to wait until his own position late in life was secure enough to start his secret surveillance, and only when he had collected enough could he start slowly flexing his surveillance bounty muscles.

Imagine though that you are a twenty something administrator with megalomaniac ideas who could just siphon it off in a few days…

Very good points.

We all make mistakes, or get into situations that although innocent can be misconstrued and used against us, unless we already have the power to have the problem “sanitized” or whatever the current “wet work” euphemism is these days…

Quiet sabotage from a fellow coworker who happens to be in a similar subculture as the target.

The ‘flying soldier’s’ metaphor.

Clive Robinson April 30, 2016 4:39 PM

A Nonny Bunny,

the title should be something like “What the fridge saw”

Or how about “What the ‘dumb butler’ saw”.

tyr April 30, 2016 10:28 PM

There’s a lot more to war than just the boys on
the sharp end. The Hollywood view is superficial
about it but the real thing is a lot more akin
to what Bruce is talking about. Vulnerabilities
exist all through the thread of the logistics
train and everyone of them puts you at risk of
losing the war/s to something you missed from
ignorance or inattention.

The war on enlightenment is ongoing as the loons
who want the good old days of stability keep trying
to turn back the clock to the wonderful dark ages.
In the meantime the Schlockmeisters continue to
shovel half thought out crap onto the consumer
dummy without a clue about consequences.

At least somebody is thinking about this.

Bytopia May 1, 2016 5:28 AM

@Grey Eagle
The map is not the territory though. How much time till those knobheads figure that out?

@A Nonny Bunny
And what the actress said to the archbishop near that fridge as well 🙂

Dr. Longbeard May 1, 2016 6:24 AM

completely agree with other commenters on the use of the word ‘war’. Here in The Netherlands the habit of calling every action a war is laughing stock, the more as so far most ‘war on X’ efforts are highly unsuccessful. The war on drugs, poverty, Iraq, Iran, ISIS etc. Most shocking is that some of these so called wars are even US government policy. So please Bruce, don’t become yet another warlord.

Markus Peuhkuri May 1, 2016 7:04 AM

As many IoT devices are in the cloud (i.e. they cease to function without a cloud backend), many issues are even more severe than just in the cloud:

  1. If the service provider goes out of business, you will lose all data collected (as in cloud services) but also part of your home (like lighting, heating) will cease to operate.
  2. Same if the provider decides not to support it anymore (like Google recently did)
  3. If cloud servers are hacked, so is your home network too. Your home network security is always the minimum level of the worst IoT device you have connected.
  4. Same, if e.g. a warrant or NSL (or equivalent) is served to your cloud provider.

Cyber Rich May 1, 2016 7:50 AM

The industry also has a built in challenge of obsolescence. I go out and buy a bunch of IoT devices for my home automation and a year later they are obsolete, there is no more tech support and the online control portal website is gone. Result – no more working home automation devices. It has already happened with some products. This threat is inherent to the industry with immature, competing “standards”. No external threat required. Is this a factor in your war?

Curious May 1, 2016 10:02 AM

I don’t want to sound rude, but I will say that this notion of “The Rights of the Individual vs. the Rights of Society” is troublesome for me.

I suppose that one could easily discuss both parts (individuals vs society) by themselves and also that in that way it could make good sense, but as a generalized problem in itself (this vs that), I find the possible notions of “society having rights” to be very unclear.

One possible issue I think, depending on exactly what is being talked about, would be that anyone excluded from any type of society would render the notion of the proverbial “society” somewhat meaningless I will argue. And, I can’t help but think that the very notion of “society” as a generalized meaning or a generalized term, is only something meaningful when simply making the case for a particular generalization (an instance of actually making a generalization in writing or verbally), and so, to to compare other specific things, or even, other generalizations to a known generalization, would lack poignancy I think.

To be perfectly honest, I think that what so to speak rubs me the wrong way with this notion of “society” being a generalized term, is that I find it hard to think of “society” as being an idea about something universal (a lot of people and a lot of things, like corporations and organizations), yet somehow still including/or rather risk including, particular things that just so happens to relate to very problematic things like the business of one or more governments, and to more abstract things like local or global “law”. Disregarding this
idea of mine here, of there being power players like governments that imo likely risk end up being favored somehow in a discussion about “society”, by mere fact of simply existing and exhibiting rules and regulations, I also can imagine how there is a risk, in discussing anything “society”, of being paradoxically forced to focus on a select moment (like now, or recent time) or period in time, which also obviously could, or would, exclude past times in history, and even the immediate or far future.

Rick Taggard May 1, 2016 1:32 PM

@Dr. Longbeard

completely agree with other commenters on the use of the word ‘war’. Here in The Netherlands the habit of calling every action a war is laughing stock, the more as so far most ‘war on X’ efforts are highly unsuccessful. The war on drugs, poverty, Iraq, Iran, ISIS etc. Most shocking is that some of these so called wars are even US government policy. So please Bruce, don’t become yet another warlord.

There is the term “struggle”, but then you have “jihad” and “mein kampf”.

But, this is very true. It is painfully Orwellian.

wumpus May 1, 2016 1:47 PM

Maybe we should steal the Chinese word for war for this type of thing (googling tells me “jan jeng”, but Babelfish is down for me). I think there is a bit of a disconnect between the limited definition of Carl von Clausewitz’s idea of war (which is basically the definition of the English word “war”) and that used by Sun Tzu in a multi-pronged struggle of which “war” is only a part.

This “outside of the box” thinking seems central to both the teachings of Sun Tzu and Bruce, and really seems to fit the security model Bruce has been pushing. I just don’t know if “jan jeng” is the word we want (and it probably needs to be down to one syllable to beat out “war”).

Satan's Advocate May 1, 2016 2:05 PM

The Rights of the Individual vs. the Rights of Society

This is often said in terms of “one person” or “many”. Where “many” may mean “the nation”, as in “national security”.

It is also thinking behind tyranny. You can justify anything horrible against one person if you can justify that what they are doing is harmful against all. So, you see this as a basic trait of tyrannies.

Painfully ironic, the people doing these false justifications invariably are the very ones most destructive to their own nation.

Tyrants do not build. They destroy and suck up. Totalitarianism is not the way of the future, as these folks think. It was what humanity is attempting – with great resistance – to leave behind.

The nature of collective parties, of nations, is to move towards tyranny and totalitarianism just as the nature of water is to seek its own level.

The worst danger of building up overly invasive domestic government surveillance systems is exactly what we have seen with any totalitarian society that has attempted to do the same.

It would rot the system from the inside.

Exactly why, in Batman, the audience immediately understands Batman’s mega cell phone listening device is bad and must be destroyed. Or they understand the immense precautions the designer put into his mass surveillance system in order to prevent the complete dissolution of society.

I actually do not believe the concerns anyone has are ultimately about “the individual”, rather, it is along the lines of the founding documents and writings of the US. That proper and strong caution against corrosion not from the people nor foreign governments. But from the very government they are being tasked to create and lead.

You don’t act like the Stasi and then just go, “Well, I quack like a duck. I wobble like a duck. But, I am not a duck.”

The Stasi, Gestapo, Fascist, KGB, North Korean… these should not be the primary leading “lights” for the world’s most powerful nation.

Unless that is exactly what they want to become.

And why do people do this?

They have no hope, so they live for the power they can get now.

tordr May 1, 2016 4:16 PM

One thing to remember when labelling everything as a war is that actions that are illegal/amoral in times of peace are allowed during war.
E.g. killing someone. The threshold for killing someone without punishment is very high during periods of peace, but when there is a war going on then killing someone with the right is not only not punishable but also encouraged.

John Carter May 1, 2016 5:05 PM

Here is a comment, which on the surface is off-topic, but is very insightful and worrying…

There is a very real conflict between the requirement for stability and security.

Especially in the realm of “things that must work together”. If this widget is built up and tested (connascently coupled to) with that gadget, a tiny change in the behaviour of the widget may stop the system of widget plus gadget from working.

Thus engineers building networks of gadgets favour stability over security.

The first problem is that security bugs are typically also, well, bugs. They may make your software crash or misbehave in annoying but apparently harmless ways. And when you fix that bug you’ve also fixed a security bug, but the ability to determine whether a bug is a security bug or not is one that involves deep magic and a fanatical devotion to the cause so given the choice between maybe asking for a CVE and dealing with embargoes and all that crap when perhaps you’ve actually only fixed a bug that makes the letter “E” appear in places it shouldn’t and not one that allows the complete destruction of your intergalactic invasion fleet means people will tend to err on the side of “Eh fuckit” and go drinking instead. So new versions of software will often fix security vulnerabilities without there being any indication that they do so, and running old versions probably means you have a bunch of security issues that nobody will ever do anything about.

Place that along side…

This merge window ended with 12,172 non-merge changesets being pulled into the mainline repository.

I can tell you as someone who builds and deploys this sort of system for a living, these are insanely scary numbers.

The flip side of this is, if you expect me to guarantee it will work…. and keep working, you had better grant me a fat data pipe to allow me to monitor and upgrade it.

Which of course will also be a prime attack vector.

On the other side of the picture, I see C/C++ as inherently doomed. We cannot sustain this.

abscissa May 1, 2016 9:28 PM

I’m certain it will be a thoroughly researched book, dense with carefully selected references, and pretty much without peer in its timeliness.

But I’ve gotta go with title #1. Who wouldn’t read that book? And even starting from that stepping stone might supply unexpected inspiration.

Zaakiy Siddiqui May 2, 2016 12:38 AM

I for one would appreciate if some thought is given to what the incentive is for IoT threat actors: i.e., disruption caused by radicalists…e.g., environmental radicalists, religious extremists, hacktivists, and nationalist extremists both in the East and the West.

Jo Doform May 2, 2016 1:43 AM

From your table of contents the book looks like it rides on the wave of fear and war currently very popular.

I miss how we as a society coped with past lost conflicts (or wars in your terminology) of security. We have been dragged over the table by banking (now even worse with the drive to reduce the use of cash), the health insurances and mobile telecommunication. There we lost pretty much all privacy and security, but the society is still functioning reasonably well.

Americans seem to be totally panicked by the idea of them losing a war. However in reality, in most cases the people on the losing side just cope with it and didn’t worry too much once they survived the initial atrocities. In the long run, survival is the only thing that matters.

So get used to the idea that we’re going to lose and just make sure being on the losing side doesn’t become too much of an inconvenience and piss into the data pool whenever you get the chance until the winners have forgotten that water isn’t supposed to be yellowish.

And here’s a film about what it could mean to be on the losing side: Brazil

gulfie May 2, 2016 2:37 AM

0) definitions.

1) Taxonomy, security of, around, and for what?

2) The balance between profit and quality. ( e.g. profits first and quality can go suck an egg)

3) Reflections on Trusting trust… In an era where the powerful have no repercussions. E.g. VW, Pick a banking scandal, or voter fraud, or affluenza.

4) With sensor dust the only safe place to store data will be inside your head. And when there is enough imaging resolution even that won’t be enough.

5) The war between simplicity, complexity and bug (or malicious feature) density.

6) Existential threats. Due to spent fuel pools, automated farm machinery failure or finding out that talking to siri is just so much better than discourse with humans.

Clive Robinson May 2, 2016 4:37 AM

@ Zaakiy Siddiqui,

I for one would appreciate if some thought is given to what the incentive is for IoT threat actors…

You left out the non politically motivated actors, who are probably more of a direct threat.

The first of which are the people you purchase the device from and their suppliers, right back even beyond the design team. Because it is they and their paymasters that primarily control the IoT device not you. Because although you’ve purchased the device, what you have become is a monetizable data source.

And as we know from cellphones, Internet required “home” entertainment, white goods, CCTV and even front door locks the data and meta data is effectively not encrypted in transit or when passed to what are vulnerable back ends.

We know our own governments –wherever they are– now regard spying on their citizens as the number one priority. But more subtly they are passing legislation that makes it illegal to not have sensors in your home. You can see this in the US for example, where due to political pressure from commercial utilities, in some states it is not legal to “go off grid”. They demanded this legislation to kill off renewable energy that people were starting to use. Part and parcel of this is utilities installing “smart meters” that “call home” and there are plans to make your power consumption controllable by the utility for “safety reasons” which means your home equipment will have to talk to the Smart Meter. You can be sure that various US Government agencies will view such data with greedy eyes, especially now they don’t have to pay for it. You and I can probably not guess now what they will end up using it for, but there has been a clue. In the UK around a decade ago, plans were drawn up to make local annual land taxes (rates), paid by property owners “upliftable” for a number of things, like the view the property had, if the owners had double glazed the windows, central heating, good decorative state etc. They actually started part way in on this in parts of the UK. They also started looking at using the likes of “loyalty card data” to decide how affluent an area was and use that data to make “localised rates uplifts”. This was caused in part due to falling tax receipts from major companies “offshoring” themselves for tax savings purposes, a luxury few citizens have to avoid such schemes.

But we must not forget “rent seeking” behaviour, as most in the industry know device operation is defined by “software” that you don’t buy but rent. There have been examples of vehicle manufacturers using it to render vehicles of decreased utility or inoperable if you don’t pay the rent they demand. This is almost certainly going to increase as an activity in one way or another. The current new financial models being put in place are nearly all based on “rent seeking” behaviour in part or whole (that is what the “information economy” is really all about, not jobs, better life styles or education and science, just “rent seeking” on others labours).

The second lot of non political abusers of IoT is going to be companies that buy up the data from the manufacturer/supplier of the IoT devices. What they are going to do with it is anybody’s guess, but you can bet two things, pernicious advertising will be the least of it, and privacy will get debated into non existence by the lobbyists and politicos will get fat off of it. We are already seeing an element of compulsion into this with health insurance companies hiking up premium prices, but then offering discounts if you wear “their” fitbit or similar “spy on your wrist” device. You can be assured that behind the advertising nonsense about it being for your health, there is a busy monetization scheme turning your very personal data into money one way or another.

But we must not forget the criminals, they bring old crimes to new technology in exactly the same way a harsh winter follows an all too brief summer. Put simply any and every scam / crime that worked in the past, will get tried out on any new technology no ifs no buts no maybes. Which makes it a numbers game, criminals can not hit every one at once –or so it appears[1]– thus each new scam has a limited life time, the question is in the meantime is your number going to come up in the criminals’ sights…

[1] There is no technology reason why cyber-crime can not hit everybody at the same time, if there were then there could not be a magic kill switch, which some really want. The reason for this is “time delay payloads”, you spend time covertly installing your payload as widely as possible, and they all trigger at midnight or whatever time you select on a given day in the future. The real limit on why this does not happen is “bandwidth” as can be seen by the way critical software patches take time to get installed, if you use too much bandwidth you get noticed, and that causes a reaction. But with crime it works both ways, firstly on the covert delivery of the payload, but secondly on the extraction of the value, there is a bandwidth on laundering money.

But there are other ways criminals can benefit from IoT etc and if the past is anything to go by some of the brighter ones will see the opportunity first. IoT and Smart Meters are “reactive technology” that is they respond to the wants, needs and activities of the humans around them. Therefore the data traffic generated will reflect those activities, and in most cases so will the meta-meta-data of just the rate of change in traffic, which can be passively monitored.

So meta-meta-data tells an observer if you are home or not. Worse because devices draw power and have power signatures as well as data signatures, your Smart Meter traffic will tell on you even if the data comms does not. But meta-data signatures say what products you have as well, thus the criminal can know if you have anything worth stealing, and if smart can arrange a buyer before they steal it… As is the way with cyber-crime they will quickly end up as “script kiddy” scripts “so all the children can play”.

I could go on but I think you can start to see that the least of your worries on IoT, Smart Meters and even medical implants is political activists and would-be terrorists. Not that stopped a certain member of “dubyer” Bush era executive getting his medical implant wireless interface deactivated. I guess he found the idea of activists teaching him to break dance via it unappealing…
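The comment above argues that the mere volume and rate of change of a gateway's traffic reveals occupancy. The script below is an added example (not from the post or from any product) that measures that leak on a constructed day of hourly byte counts and then applies the standard defensive counter, constant-rate cover traffic, to show what it costs and what it hides. The byte counts, the hour ranges and the threshold factor are all made up for illustration.

```python
"""Added example: how much an IoT gateway's traffic volume leaks about
occupancy, and how constant-rate cover traffic blunts that leak.
All sample data is constructed, not measured."""

# Constructed sample: bytes sent upstream by a home's IoT gateway in each
# hour of one day (index = hour). Residents are asleep at home 00-07,
# out of the house 08-17, and home and active 18-23.
HOURLY_BYTES = [
    160_000, 150_000, 140_000, 140_000, 150_000, 170_000, 300_000, 450_000,
    60_000, 50_000, 45_000, 40_000, 50_000, 55_000, 45_000, 50_000, 60_000, 70_000,
    650_000, 900_000, 800_000, 700_000, 500_000, 300_000,
]
ACTUALLY_HOME = [True] * 8 + [False] * 10 + [True] * 6


def infer_occupancy(hourly, factor=2.0):
    """Passive observer's guess: an hour counts as 'home' when traffic is well
    above the idle floor (keepalives and polling run whether or not anyone is in).
    The factor of 2 is an arbitrary illustrative threshold."""
    floor = min(hourly)
    return [volume > factor * floor for volume in hourly]


def hourly_deltas(hourly):
    """Rate of change of traffic: hour-to-hour differences for hours 1..23."""
    return [hourly[i] - hourly[i - 1] for i in range(1, len(hourly))]


def largest_changes(hourly, k):
    """Hours whose traffic changed most compared with the hour before.
    On the raw data these line up with leaving and coming home."""
    deltas = hourly_deltas(hourly)
    ranked = sorted(range(1, len(hourly)),
                    key=lambda i: abs(deltas[i - 1]), reverse=True)
    return ranked[:k]


def occupancy_accuracy(hourly, truth):
    """Fraction of hours the observer classifies correctly."""
    guesses = infer_occupancy(hourly)
    return sum(g == t for g, t in zip(guesses, truth)) / len(truth)


def pad_to_constant_rate(hourly, target=None):
    """Mitigation: the gateway sends at least `target` bytes every hour,
    filling quiet hours with dummy records. With the default (the day's
    peak) every hour looks identical and no real traffic is delayed; the
    price is the extra bytes sent."""
    target = max(hourly) if target is None else target
    return [max(volume, target) for volume in hourly]


def padding_overhead(hourly, padded):
    """Extra bytes the cover traffic costs over the day."""
    return sum(padded) - sum(hourly)


if __name__ == "__main__":
    print("raw accuracy   :", occupancy_accuracy(HOURLY_BYTES, ACTUALLY_HOME))
    print("raw transitions:", largest_changes(HOURLY_BYTES, 2))
    padded = pad_to_constant_rate(HOURLY_BYTES)
    print("padded accuracy:", occupancy_accuracy(padded, ACTUALLY_HOME))
    print("extra bytes    :", padding_overhead(HOURLY_BYTES, padded))
```

On the raw counts a threshold on the idle floor classifies every hour correctly and the two largest hour-to-hour changes fall exactly on the departure (hour 8) and the return (hour 18). After padding to the day's peak every hour carries the same volume, the deltas are all zero, and the observer can do no better than always guessing "away"; the cost is several megabytes of dummy traffic per day, which is why the padding floor is a tuning decision rather than a free fix.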

Karellen May 2, 2016 4:55 AM

“Click Here to Kill Everybody”

Heh. Reminds me of the Eliezer Yudkowsky quote (which I think you’ve mentioned before): “Moore’s Law of Mad Science: Every eighteen months, the minimum IQ necessary to destroy the world drops by one point.”

Dewey May 2, 2016 6:00 AM

What’s the hook?

There should be some section explaining why we are acquiescing to this path. What is the propaganda around IoT and what isn’t being explained? What are the perceived benefits? What does the top of the slippery slope actually look like to the people buying Things?

On War…

It seems a mob racket would be another good metaphor — there’s something different going on in the back room than what you see in the front room, but I agree with you that the current meme about all of these things is “war” and despite contributing to the term inflation I think it’s the best way to communicate on the topic. Even those here most opposed to that term immediately grasp what you’re trying to communicate.

Jon May 2, 2016 7:22 AM

Another revised title suggestion:

Click Here To Spy On Everybody
What makes you think your data belongs to you?

Jon May 2, 2016 7:26 AM

PS – Start With ‘The Current Threats’. They’re not on their way, they’re here.

NeiHuem May 2, 2016 8:24 AM

I back “fight” instead of “war”.

“War” in its original sense implies state actors, strategy & planning, defined start and end, big resources.

“Fight” includes all of war, but also unorganized solitary actors, spontaneous fistfights, private persons defending themselves, etc.

“Fight” not only covers more of the situations the book deals with, but is also much more relatable to individuals. Most readers will have personally experienced a fight, but not a war.

  • Re missing topics: what about the fight for job security within the security industries? If there wasn’t any threat, budgets would be cut and jobs would be lost. So a thriving security industry is dependent on the very existence of what it fights. I don’t think this is a merely theoretical thought.

Gerard van Vooren May 2, 2016 10:55 AM

@ John Carter,

“On the other side of the picture, I see C/C++ as inherently doomed. We cannot sustain this.”

I totally agree but I also don’t see any movement in going away from C/C++ (these two languages are categorically different BTW). The problem is installed base of course. Ada exists for 30 years now and is a good engineering language, not a hacking language. It’s better than C and C++ simply because it’s well thought out. You don’t have Boost for instance in Ada. I am not really favorable to Rust because there is too much complexity and bureaucracy involved which just doesn’t make sense.

The thing is, it’s easy to say “we” cannot sustain the situation where C and C++ are the dominant languages in systems engineering but I would like to see a proper worked out alternative that is feasible with a also proper migration plan – with the benefits and drawbacks – and a time-frame. I haven’t seen that in all the discussions about that we should get rid of C.

The only reason C++ got popular is that it promised to be a good alternative for C and that it piggybacked on C so the migration was painless. Maybe the alternative is again piggybacking on C but this time to keep it simple, more formal but still keeping the hacking and speed, something like Go without GC, with a good set of tools that makes the migration easy.

Gustav Meier May 2, 2016 2:07 PM

Perhaps you might include a chapter on “Industry 4.0”. Wikipedia says: “Industry 4.0, Industry 4.0 or the fourth industrial revolution, is a collective term embracing a number of contemporary automation, data exchange and manufacturing technologies.” There is quite a hype here in mainland Europe, especially in Germany, surrounding “Industry 4.0”. However, I believe, it is just hot air, since in 1970 already, we had connected machines (the Simatic system from Siemens). I remember them. Still, “Industry 4.0” – it is pretended – is linked to the IoT. Coincidentally, today’s “L’Agefi” (www.agefi.com) started a series of six articles on “Industry 4.0”. Here the link: http://tinyurl.com/zck4jf5. (“Voyage au bout de la révolution industrielle.”)

Franz Antesberger May 2, 2016 2:34 PM

I don’t know in which chapter you want to treat Stuxnet. Stuxnet is/was a worm/weapon used in a current war of Iran vs the USA or Israel or both or whoever.
The same thing was the “problem” Argentina had during the Falklands war, when the French missiles (I think it was a torpedo, not a missile, but I don’t remember) they bought did not recognize British ships as enemy. Was there a backdoor in the identification of friend or foe (IFF)?
These kinds of threats don’t fit in the “current wars” chapter (or am I missing a point?).
Another point I miss is, where to put the TOR hacks like torsploit of the FBI?
I did not read all the 115 comments here, so maybe my points are duplicates

Jasper May 2, 2016 2:52 PM

I think your book will cover a broad view of what happens when systems will govern our day to day life. One subject I’m missing though are vulnerable “smart” devices like the connected fridge/IP webcam/car that may cause or enable many of the threats you mention:

  • Remote hardware is hard to update
  • Because it is a black box the user has no control over what the device does and cannot check whether it has been compromised
  • Because they are connected they can be used as a stepping stone to an internal network
  • When compromised, a device could be used to cause physical harm
  • Functionality, price and time to market will get higher priority than security, especially because the risks are not obvious for the typical buyer
  • If encryption is used, proper key management is hard with millions of devices
  • “Smart” functionality requires a central server which is a SPoF for availability and trust
  • Hack one device, you hack them all, which is easy enough if any hacker can buy a device and physically examine it
  • The hardware itself is not designed from A-Z but consists of cheap generic components that may contain vulnerabilities/backdoors unknown to the manufacturer
  • A user may not even be aware of the “smart” nature of a device and its associated risks, for instance when a protocol like LoRaWAN is used to relay information without the need to hook up the device to a wifi router

So smart devices can be both entrance points for hacking into someone’s life and a means to cause physical harm when hacked. In your analogy with a war, they can be the weapons.
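Two of the bullets above, hard key management at fleet scale and "hack one device, you hack them all", have a well-known defensive answer: give every unit its own key derived from a manufacturer root secret, so the backend can recompute any unit's key on demand but a key pulled out of one unit says nothing about the others. The code below is an added illustration of that pattern, not code from the comment or from any vendor; the root key, salt, serial numbers and report format are constructed placeholders, and the key derivation is HKDF (RFC 5869) written out by hand because the Python standard library does not ship one.

```python
"""Added example: per-device keys for a fleet of 'smart' devices, derived
with HKDF (RFC 5869) from a manufacturer root secret. Every constant here
is a constructed placeholder."""
import hmac
import hashlib

# Placeholder for the manufacturer's root secret. In practice it stays in an
# HSM on the provisioning line and is never written to any device.
ROOT_KEY = bytes.fromhex("00" * 32)
SALT = b"example-fleet-v1"   # constructed per-product-line salt


def hkdf_extract(salt, ikm):
    """HKDF-Extract: PRK = HMAC(salt, IKM)."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk, info, length):
    """HKDF-Expand: T(i) = HMAC(PRK, T(i-1) | info | i), concatenated."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def device_key(root, device_id):
    """Key burned into one unit at provisioning. It is derived from the root
    key and the unit's serial, so the backend can recompute it on demand,
    but an attacker who extracts it from one unit learns nothing about any
    other unit's key (the derivation is one-way in both directions)."""
    prk = hkdf_extract(SALT, root)
    return hkdf_expand(prk, b"device-auth:" + device_id.encode(), 32)


def tag_report(key, device_id, payload):
    """Device side: authenticate a telemetry report with the unit's key. The
    serial is bound into the MAC so a tag cannot be replayed under another
    identity, and a NUL separator keeps serial and payload unambiguous."""
    return hmac.new(key, device_id.encode() + b"\x00" + payload, hashlib.sha256).digest()


def backend_verify(root, device_id, payload, tag):
    """Backend side: recompute this unit's key from the root and check the
    tag in constant time."""
    expected = tag_report(device_key(root, device_id), device_id, payload)
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    key_a = device_key(ROOT_KEY, "SN-000001")
    report = b'{"temp":21.5}'
    tag = tag_report(key_a, "SN-000001", report)
    print("accepted from SN-000001 :", backend_verify(ROOT_KEY, "SN-000001", report, tag))
    print("same tag as SN-000002   :", backend_verify(ROOT_KEY, "SN-000002", report, tag))
    print("tampered payload        :", backend_verify(ROOT_KEY, "SN-000001", b'{"temp":99}', tag))
```

The backend never stores a per-device key table; it keeps only the root secret and re-derives keys as reports arrive, which is what makes the scheme workable for millions of units. The trade-off the bullets do not mention is that this concentrates risk at the root: losing the root key, or the HSM it lives in, is the fleet-wide compromise the scheme otherwise prevents, so rotating the salt per product line and keeping the root off every device are part of the design, not optional extras.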

Franz Antesberger May 2, 2016 2:55 PM

Perhaps there is another point missing: “The past wars”. It could be about Enigma, one time pads (which the Russians did use twice), the Pearl Harbour story (where the USA could decipher the radio messages of Japan, but were nevertheless not prepared for the attack)

John Carter May 2, 2016 4:08 PM

@Gerard van Vooren

totally agree but I also don’t see any movement in going away from C/C++ (these two languages are categorically different BTW). The problem is installed base of course. Ada exists for 30 years now and is a good engineering language, not a hacking language. It’s better than C and C++ simply because it’s well thought out. You don’t have Boost for instance in Ada. I am not really favorable to Rust because there is too much complexity and bureaucracy involved which just doesn’t make sense.

Which is one of the many reasons I favour the D Language at the moment.

It plays nice with the C/C++ legacy base. Its standard library is better and way more comprehensible than STL and BOOST, and it has “Sensible and Safe” defaults out of the box, plus many safety features that hit the sweet spot for speed vs pragmatic safety.

Clive Robinson May 2, 2016 6:29 PM

@ NeiHuem,

I back “fight” instead of “war”.

You forgot to mention how people see things in their heads.

We talk of “freedom fighters” and the “oppression of war”. We say how “unions fight for workers rights” and the “war on human rights”. Likewise “fight for justice”, that is we see the word “fight” in a positive light as we do “struggle” but “war” we see negatively as oppression, death, destruction and all the badness and abuses of no law and social disorder in war. We actually see the change with “fight for democracy” when it moves to “civil war”.

Though a dictionary may not carry an emotional association, social culture does provide a heavy emotional context for the words by the way in which we use them.

Courage Con Pollo May 2, 2016 9:27 PM

@ ianf, and the fellow who says “war is hell”

The “cryptokampf” conjunction, I must say, is music to my eyes, but other words could precede “kampf” just as well.

On the subject of war being hell, one might recall other fairly-well-documented infernal permutations; e.g. Stalinism, gulags, stalags, etc., which were not precisely “wars”. Modern technology also allows for unidirectional hells, where the ‘fruits’ thereof may not necessarily be mutually distributed. Surely, the “narco terrorists” of Mexico have made hell for a lot of folks, many who are not directly involved in any official war. I imagine many things approach the vicinity of hell closely enough to borrow the term. I just don’t think anyone (or bureaucracy) deserves a monopoly on the term, however abused and trite it’s become. And perhaps consider, the general apparent direction technology is heading in, when weighed against certain values, may be cause in itself for a war.

On a cynical note, in 2016 where “like” is now used as punctuation, prologue, body and peroration, the semantics of “war”, I suspect, are not likely to seriously burden the collective conscience.

Wael May 3, 2016 12:14 AM

Outcome of the Coming Wars

  • The plight of your data
  • The miserable plight of your Computers
  • The quandary of your Embedded Systems

War leads to fight, ends in plight.
Miserable plight is the outcome of these “wars”. Perhaps you can talk about the current miserable situation instead of the action. Plight or any of its synonyms sound appropriate.

WhiskersInMenlo May 3, 2016 2:34 AM

“War” is not as interesting as other contest language.

Security has multiple contexts, data security and data protection.
Emotional security, job security…

It gets applied to property and private property: home, real estate, banking,
doors, fences, gates, windows, curtains, power consumption, water use.

One problematic reality is the sporting contest mind set where it is simply
a game yet winning and losing results in riots in the streets.
Red States vs. Blue States… and this sports coverage was
rampant in the Apple vs. FBI legal action of recent fame.

Ignorance is another problem. When a teller at a school cafeteria
can call the police on a child that tenders a $2 bill for lunch.
Police were called, hours of time expended because of ignorance
AND the child was deprived of lunch. When and why has ignorance
surfaced as a value. Courts have ruled that it is legal for a police
department to exclude applicants that are too smart. Why…!

So back to security. Security researchers understand the asymmetry involved
in encryption and decryption when the key is known and unknown. This
lack of symmetry has impact on power structure. Those in power want
more those without power need more.

Lessons of the Commons: The Tragedy of the Commons … when over used
or controlled by the unscrupulous only their cattle get food and water…
This takes us to DCMA internet regulation and bandwidth management.
When internet service providers are also content providers they are in
a position to pick winners in a way much bigger than payola ever was.
Communications is a “Commons” that we share with all manner of activities.

Encryption applies both inside and outside of nations. National law enforcement
looking internally might demand transparency yet foreign nationals and global
criminals should be denied transparency. There is no technical solution
to solve this good guy vs. bad guy transparency problem. Worse power corrupts
sufficiently that bad actors acting under the color of authority can do vast
amounts of damage.

Foundations of security and control of property private and other… commerce demands
secure communication for financial transactions. Included in this is identity and reputation.
This need is acknowledged in the law and in international treaties.
Yet the demand by the FBI was an attack on the security foundation of the iPhone
that is also a payment $$ tool. Had such an attack been mounted by Iran or Korea
it would be met as if it was an act of war. Bad actors inside are as equally troubling
as external agents.

Security keys… the value and nature of digital signature keys is best understood
by comparing with the Asian “Chop”. Identity stamp used as a signature, not just
an individual but also a corporation. Physical control of corporate chops in China,
Japan and other parts of Asia is control of the company.

The Pope’s signet ring. Shattered on his death. Symbol of office and more.
How do these historic pre-handwritten, pre-literate signature equivalents compare
and contrast with digital signatures?

Conspiracy… just because you are paranoid does not mean they are not
out to get you. Cheerleading coverage allows collections of issues to be obfuscated
and aggregated in funny ways.
Consider privacy. Most of California has a strong bias on the Roe v. Wade ruling.
However most forget that it is a privacy ruling, not an abortion ruling. Erosion
of, and the attacks on, the expectation of privacy may be for “other” reasons
than expressed.

Impossibly Stupid May 3, 2016 11:03 AM

@Clive Robinson

we see the word “fight” in a positive light as we do “struggle” but “war” we see negatively

This is a good point. I think part of the reason is that we often tend to favor the underdog, and our gut reaction to language reflects that. Genuine war is something reserved for only the most powerful organizations. A person cannot declare a war on anyone, but a company/government can do the reverse (and/or wage war with other companies/governments).

That’s why Bruce’s “war of all against all” doesn’t ring particularly true. I am not at war with either China or the Chinese company that builds my IoT security camera. I just want it to serve my security needs without phoning their server and uploading photos. It is they who have taken those actions to undermine my privacy in a war-like action against all their customers. It’s highly asymmetric, and if Bruce is looking to appeal to the masses with his book, he needs to pick a metaphor that resonates more with individuals, and “war” is not it.

Rick Taggard May 3, 2016 12:15 PM

Two core threats I rarely see explicitly worked out (and often feel a need to do so when discussing the subject):

  1. How can a government become corrupted by excessive domestic secret surveillance powers? How can that actually threaten a stable government, or an unstable one?

What is being done to protect now? How can there be protection?

  2. What dangers might arise if there is a cyber free-for-all, globally, as there has been, where nations are stealing from nations and their corporations? What happens if this escalates? Is it inevitable to escalate? What form will that take?
  3. What are the dangers of people speaking freely on politics and religion, for instance? Historically, one good example of such dangers has been where new regimes come to power and then chase down all who belonged to adversarial parties. This is pretty systematic.

What are dangers you might face now, expressing your beliefs?

I might point out, a lot of posters here frequently think they may be targets for governmental surveillance. Why? Because they have critical opinions, often, to state about how intelligence are doing things. Even though, I think the core of those who do this are actually very patriotic people.

A good example of such “live firing on innocent crowds” is the apparent GCHQ Twitter bot which started hitting at Cory Doctorow, apparently because of some Snowden statements he made.

Never mind, we have seen at the least that GCHQ has as targets any forums that may discuss their policies or related policies in a critical manner.

  4. How might policing abuses increase if domestic surveillance increases?

Really, while most of these hinge on 1, and I have not here fleshed out 1, I do believe this is really what the core concern is for the majority of the audience who follow these issues.

Namely, because they are not ignorant of this past century’s awful history, nor similar scenarios across time.

I think partly the reason not to flesh it out is so as to not be offensive. There is much good going on in the first world. People do not want to hear that maybe there is a fatal flaw.

And others just make these matters subjects simply because of their own political biases.

xd0s May 3, 2016 2:09 PM

I’d tend to recommend that the US/UK Privacy War and the “Coming War” War for your Data, are not only the same, but well underway already.

Maybe morph those into a Data Sovereignty War or something similar?

Not trying to beat a dead metaphor, but Data is Power, and sovereignty is essentially about power (and control). The state vs corporation angle could be useful to think through as well.

Gerard van Vooren May 3, 2016 2:26 PM

@ John Carter,

Funny that you mention D. I completely forgot about this PL. I know nothing at all about D but I think I will dive into it and report back later.

Nick P May 3, 2016 2:59 PM

@ Gerard

You dismissed it during a previous conversation because it’s designed to be like C/C++ a bit. You didn’t like the foundation. Yet, it was essential to try to win over C++ devs like it did for C.

Anyway, glad you’re reconsidering, as the author did a decent job on safety vs performance vs legacy. Not my favorite but worth looking at, as some like it.

Anura May 3, 2016 3:48 PM

@Nick P

I’m a purist. I think we should abandon anything resembling C, for syntactically more forgiving languages (optional braces are evil).


So…. How’s that working out?

Jon K May 3, 2016 5:44 PM

The issue I see missing is Trust.

What constitutes reasonable trust?

Who is trustable? What is trustable?

Is hardware ever trustable if there is not a hardware root of trust that begins prior to the first stage of the boot loader?

Is TLS trustable? (clearly not)

What cryptographic protocols are trustable? (And how do we know if we can trust the source that says they are secure?)

How should we objectively evaluate trust?

Etcetera. Some guidance on trust should be included.

Another issue I see — and I’m not sure this book is a good place for it — is what really is the current best practice for each major cryptographic application? (I’ve been wishing you’d update Practical Cryptography for years! Great book, still very applicable, but too many people refuse to even look at it because “it isn’t up to date and doesn’t even mention EC, etc.”.)

Alex May 3, 2016 8:02 PM

I like “Click Here to Kill Everybody” but how about:

“Vote Yes to Ban All Computers, Banking, and Commerce”

Tony G May 3, 2016 9:02 PM

Oh yeah, I want a copy of this book. I’m surprised there are so many negative reactions to the word “War”, it seemed OK to me and maybe there should be a chapter or section on nation cyberwarfare as part of the “arsenal” of an actual war or conflict? This is already happening to some extent, I would imagine a pair of major world powers at war and using cyberwarfare as part of that could cause quite a lot of peripheral damage to systems “like” target systems in countries under conflict. Maybe this is too speculative since we haven’t seen a major world power conflict in the internet age, and maybe it is too different from the previous topics and is inconsistent. I believe a war could start over a serious cyber security disagreement also, it feels like the world powers are already having a low level cyber war with each other. So what is the limit to what is acceptable before somebody conducts a missile strike or some nation level action? And maybe all this is wrapped into existing chapters and sections.

Now — “war” as a word that can be a bit of a cliche’ I understand, but you have to sell books 🙂

Name May 4, 2016 12:50 AM

Click Here to Kill Everybody

Well done for coming up with such a click-baity title. You will sell a lot of online copies to psychopaths that way.

Curious May 5, 2016 3:59 AM

@Jon K

As I see it, “trust” is something utterly vague and nonsensical if not having been specified, as in someone stating verbally for example “I trust that tomorrow if there aren’t any clouds in the sky, I will see the sun shining at daytime”. And then, after a second, he might add “Assuming of course, that I am free to be out in the open and at some place that doesn’t have an obstacle obstructing my view to see the sky where the sun might be.” And then, adding, “And also, that I am wide awake, and at my full senses, with my eyes not being obstructed from seeing the sky and the sun.”

And so, trying to express any kind of personal opinion, belief or statement that would be required to be interpreted as something personal, as if something subjective, that is not easy, if the language sense is based on generalizations, or pure idiocy (something idiosyncratic, like making a point about making a point about some topic).

Afaik, it is only meaningful to talk about “trust”, if ‘trust’ as such is something very specific, and more importantly, not being something metaphorical, as for example, when talking about the trust about a group of people you perhaps have not even seen or spoken to, or heard from. So imo, any kind of idea based on implied trust (the vague stuff), only makes sense if portrayed that way, but then again, that kind of “trust” isn’t ‘trust’ as such, but only in name as a single word.

Curious May 5, 2016 4:02 AM

To add to what I wrote:

When I use words like “idiocy” or “idiot”, I never use them as a negative derogative term. To me, idiocy only means something ‘idiosyncratic’. Idiosyncratic, in turn, I have always interpreted as being ‘by power of oneself’.

So I hope people here don’t get weirded out by me using such words. It isn’t really meant by me to be thought of as demeaning or anything.

Curious May 5, 2016 4:21 AM

For anyone interested in language, I highly recommend watching all of Prof. Paul Fry’s lecture videos on youtube (US Yale University iirc), about “introduction to theory of literature”. The two first parts (the introduction) and the last part alone should be interesting to anyone that doesn’t have the time to watch it all.

The perhaps most interesting aspect of these videos imo, is the very idea of making use of critical thinking, in basically recognizing that knowledge is not easily communicated.

Ofc, I should perhaps flag myself as being an agnostic (a person who does not believe or is unsure of something), so true knowledge as such is not something I believe in.


ianf May 5, 2016 6:32 AM

@ Curious,
whatever may be your private definition of idiocy, better get used to the fact that, in English milieu public settings, it unequivocally means extreme, overt and/or intentional stupidity on the part of its “practitioner(s).” Playing lexicon redefinition games seldom pays off.

Clive Robinson May 5, 2016 7:03 AM

@ ianf, Curious,

Playing lexicon redefinition games seldom pays off.

It can also bring you a world of hurt.

There was news a few days ago of a judge deciding that someone describing themselves as a “hacker” was obviously a criminal, and thus signed off on a warrant…

With that level of “idiocy” in the judiciary, no wonder democracy is going to hell in a handcart, as fast as though it was pushed off a cliff edge (with the same expected outcome).

Curious May 5, 2016 3:01 PM

I already indicated how “idiocy” as a word would be interpreted as derogatory, or rather, as an insult I should have written instead, so I don’t understand your point here.

Besides, I am sure that “idiot” and “idiocy” do NOT have an unequivocal meaning in an English milieu public setting. Pretty sure “idiot” and “idiocy” is an old form of psychiatric diagnosis, probably related to having so-called low IQ.

Count May 6, 2016 1:53 AM

There are probably multiple places where this could fit, but I’d like to read more of your thoughts on what amounts to behavioral dynamics in an Internet society.

Internet behavior produces event level data, which drives Big Data and big analytical systems. Perhaps the greatest threat to privacy and security for individuals is that their behavior is increasingly evented, tracked and correlated (and saved, backed up, and archived in highly durable and cheap storage mediums).

As we are learning, small amounts of this data destroy anonymity. The privacy wars are really just beginning, because these systems don’t need your name, your photo, or SSN to identify you, but they’ll have those too in some cases anyway.

It’s normal for me to look in the mirror and reflect on all of my past decisions, but is it OK for a judge, neighbor, employer, retailer, physician, bank, insurance company to see them too? Something tells me they will be much less forgiving. As analytics catch up with the last 5-10 years of saved behavioral data that is pervasive across all corners of the Internet, I do wonder how cloudy my own mirror is.

I like to think of myself as one of those inherently good people out there, but will society accept me tomorrow when they’ve seen what I’ve done? To me, this is the war to join, for our children’s sake of course. In fact this war is being fought in the EU more than any place else right now.

It’s fascinating to see the EU tackle privacy laws. Some good things happening there it seems. I don’t understand why US citizens are not demanding similar laws and standards from their government. Quite fascinating indeed. Are citizens naive to corporations and government tracking them without restrictions on use, disclosure, onward processing, security controls?

Count May 6, 2016 2:54 AM

“contention” would be a more academic nomenclature, but then again we want you to sell lots of books.

Bytopia May 6, 2016 12:43 PM

Are citizens naive to corporations and government tracking them without restrictions on use, disclosure, onward processing, security controls?

Apathetic, rather. Besides, nothing to hide, nothing to fear.


Mr Peabody May 7, 2016 5:15 AM

How about this one: the danger of algorithm-identified and algorithm-driven exclusion of, for want of a better phrase, “personality types” from the pool of people who are permitted into the TLAs (and elsewhere of course).

This has to be a real danger. A sort of recursive, supercharged, super-strained homogeneity of personality types resulting in a rapid shift of anchoring perspective towards authoritarianism.

We may already be seeing this, and it has to be counted as hugely destructive in its own right.

If the perspectives of TLAs seem paranoiac to the rest of us and the real (or perceived) naïveté of the average citizen seems hopeless to TLAs then any rapprochement or reconciliation between the two world views could become impossible.

Mr Peabody May 7, 2016 5:24 AM

Don’t listen to the people telling you “war” is the wrong metaphor. Is this an attack via political correctness or something? What does your gut tell you? What gets YOUR point across? To me, yeah, it’s a war. A zero-sum game possibly with the fate of the Republic in the balance if the wrong people get into power in the future.

Don’t tone it down, the connotations are exactly what you want. How long have you been an English speaker? How refined has your understanding of the English language become over your lifetime? Are you going to be talked into abandoning your well developed spidey-senses?

The War on Christmas is not a thing. The War for the Internet, yeah, that is very much a thing. Just consider who the players are.

David Harmon May 11, 2016 9:21 PM

Another thread to tie in: The witch-hunting pattern. A witch-hunt has several key elements: 1) Confiscation of property, used to feed the apparatus, 2) “suspects” forced to implicate others, 3) relaxation of standards of evidence, and 4) increased presumption of guilt. The classic example is the So-Called War on Drugs, but the (SC) War on Terror fits, as do the (SC) Wars on Music/Movie/Software Piracy. And all of these carry with them attacks on personal privacy and autonomy — citizens required to submit to medical verification that they’re drug-free, Muslims and Arabic speakers being denounced and treated as presumptive suspects, “media consumers” having DRM code imposed on them to “prove ownership”, (and/or having their “possession” demoted to a revokable license). In most cases, refusal to submit to these invasions of privacy is punishable.

Notice that witch-hunts also resemble the modus operandi of some large-scale cyber-attacks — systems taken over to join the attack, their contacts and connections added to the target list. The last two don’t completely apply, but scattershot targeting is usual, as is surveillance as part of the attack. (Also, when investigating or resisting such an attack, scorched-earth measures do become more attractive.) The commonality here is that both the various SCWs and these cyber-attacks act like a predatory swarm, reaching out to consume their initial targets and weaken potential targets, with no internal constraints on growth.

Regarding the use of the word “war”, I agree it’s somewhat cliched and overblown, but that’s part of what makes it useful in rhetoric! I would suggest early on (preface?) having an explicit invocation of the Sun Tzu sense of warfare, with explication of the point that “everything counts, on and off the nominal battlefield”.

I’m very much looking forward to the book! Thanks for fighting the good fight.

Jon Martin May 15, 2016 6:33 AM

Book Topics:
The internet of things (IoT) is a great topic; however, how about an IoT book that starts the conversation about what the future may hold with IoT and Cloud Computing, Nano Technology or the tracking abilities of smart phones as separate or combined topic(s) for your book?

Book Title:
IoT – Boundless Good, Unrestrained Evil and Infinite Risk

Gideon Yuval May 15, 2016 3:33 PM

When you have “rights of society”, who is “society”? The Chinese Communist Party? The FBI?

(cf. M. Thatcher: “there is no such thing as society”)

Steve May 16, 2016 2:55 AM

Concerns that manufacturers of household products (e.g. ‘lightbulbs’) who previously didn’t have to consider security in their product (hopefully they did think about security with regards to other aspects of their company?) suddenly need to become experts – where does all this expertise come from? Or, more realistically, is it just ignored?

peter peter May 16, 2016 10:55 AM

‘Conflicts’ do not have to be declared. It seems like this can lead to perpetual fear. I prefer the term ‘war’ provided that they must be declared.

Solutions for governments?
Solutions for the rest of us?

Thank you for everything you are doing.

Roger Williams May 16, 2016 7:45 PM

Bruce, congrats on the new book. Go for it. However, I may demur. Call me a crypto-Luddite or troglodytic oldster, but even as ex-Cisco, I am fine checking the fridge for milk, turning on my own lights, keeping a spare key in the garden, and even a couple of kerosene lamps for when the power goes out. I don’t want to connect everything to everything!

Nonetheless, as always, I will be interested in what you see.


Christian Brock May 17, 2016 10:27 AM

Hi Bruce, I guess it’s too late but here it is:

I don’t like “World Seized Web”.

I discussed the issue with friends, used it and always had to explain what it is. When I then said “World Wide Robot” everyone intuitively understood the concept of the WWW changing into a WWR.

Cheers –Chr.

CJ Hinke May 17, 2016 12:34 PM

I can’t be certain how many degrees of separation we are experiencing as a society but I’d guess upwards of 90%.

The greatest cause of this is convergence. We’ve been flim-flammed into thinking we are ‘connected’ to others when precisely the opposite is the case. Facebook ‘friends’ are an excellent example. We now all carry ‘smart’phones. They’re not just telephones, oh no. We no longer need to carry cameras or videocameras, books, maps, or a laptop.

Come the fuck on: Can’t wait till you get home or to the office to surf the Web or check your email?!?

Instead, we’re all so intent on wondering how our precious phones are doing that we never look up, never see nature, never smile at others. Our phones have made us droids and automatons. Worse, we think this is progress!

The Internet of Things carries this separation to the nth degree. Now we need our ‘smart’phones to talk to our refrigerators or illuminate our house when we get home.

I think a good chapter title, Bruce, might be “Internet of Things – Why?”

mozth May 21, 2016 3:48 AM

I come to this late (I think I missed the original posting somehow), but I want to support your use of the term “war”, but maybe suggest “cold war” instead.

There are real situations where people are dying due to the ongoing situation. Battered women being found by their policeman husband. Activists in Syria who are being identified from other activists’ Facebook accounts. In each case the “war” on privacy is directly responsible. Without Facebook’s real names policy many of those sent to torture and death would have survived.

At the same time, this isn’t a proper hot war for the majority of the world. Relatively few people currently die of this in America, Europe, Russia or even China. It will only become a hot war later, when some madman takes over the presidency of one of those countries and starts using the data already gathered to round up and possibly kill their opponents.

This matches much more with the cold war situation where everyone is currently preparing for the real war, the threat is there, however the events have not yet happened.

Vytautas May 23, 2016 6:44 AM

Wish you success with your new book. Noticed that you would appreciate suggestions. Suggest a chapter on the need for the international community to get together and reduce the chances of malicious state cyber activity getting out of hand. Since STUXNET things have been getting worse. One sign is the cyber attack on a German steel mill in 2014 and the recent cyber attack on Ukraine’s power grid last December. Progression is going from civil-military targets to those that can affect civilians. Seems that the international organisations are keeping their hands off this issue. Perhaps some powers feel that they will prevail, but there is a smell of August 1914 in the air. Would be good to try to set up some playing rules for peacetime to ensure the “cyber peace”. VB.

George Green May 26, 2016 6:39 AM

Instead of the tired war metaphor, I’d prefer a metaphor based on the idea of a game or contest. When Google or Facebook or the government try to gather data on me, I’m not at war with them. They’re not trying to kill me. And I don’t want to kill them, because actually I like some of the services they provide. It’s more like they are outwitting me in some kind of chess that I don’t fully understand the rules of, and that in fact I probably didn’t even realise I was playing. They’ve given me a few pawns while my major pieces have fallen under their control without me noticing. And their objective is not to defeat me, but to keep me playing.

“Click Here to Kill Everybody” is a spectacularly great title by the way. I’m sure it will sell a lot of copies.

gordo May 28, 2016 4:08 AM

A useful lens might be warlordism, albeit digital, e.g., web-sized widgets, the warlords who wield them and the watchdogs who weigh them.

anonymouser May 31, 2016 8:45 AM

The war for everyone’s data is over and the good old MIC won. Next up, the war for control of the societal and technical systems that hold and manage all this data, and more importantly over what gets built on top of them, how, and who controls the outcomes of THAT revolution.
