Susan Landau's New Book: Listening In

Susan Landau has written a terrific book on cybersecurity threats and why we need strong crypto. Listening In: Cybersecurity in an Insecure Age. It's based in part on her 2016 Congressional testimony in the Apple/FBI case; it examines how the Digital Revolution has transformed society, and how law enforcement needs to -- and can -- adjust to the new realities. The book is accessible to techies and non-techies alike, and is strongly recommended.

And if you've already read it, give it a review on Amazon. Reviews sell books, and this one needs more of them.

Posted on January 10, 2018 at 1:42 PM • 18 Comments


oh reallyJanuary 10, 2018 2:05 PM

"And if you've already read it, give it a review on Amazon."

So... Amazon isn't a huge part of the problem actually?

Bruce SchneierJanuary 10, 2018 4:44 PM

"'And if you've already read it, give it a review on Amazon.' So... Amazon isn't a huge part of the problem actually?"

I'm not sure what your point is. Amazon is a huge part of several problems involving both books in general and this particular book's topic. They are also a huge part of any book's sales.

echoJanuary 10, 2018 5:20 PM

I read enough so this book is largely redundant for me so buying it would be an act of charity. Instead of taking advantage of Amazons free Audible book offer I guilt tripped myself and made a small donation to the American based transgender supporting charity GLAAD. (I picked a big US charity which had a mechanism to accept UK donations not a UK charity because I don't believe they campaign vigorously enough on transgender rights and health inequalities in the US are worse than within the EU.)

hmmJanuary 10, 2018 5:22 PM

I meant in terms of "listening in", Alexa.. it was tongue in cheek. Mostly.

They certainly are part of a lot of problems (or success) in book sales, as an industry.
I'm on the fence about them overall. I didn't mean to be vague, sorry.

Is there a 2nd best book sales/review site you'd recommend Bruce? If not that's to the point,
Amazon has kind of grown into every industry now. Tentacles... /tangent

RockJanuary 10, 2018 5:27 PM


For the debate to have the least chance of being derailed, may be best to separate as much of gender politik references as possible from the Cybersecurity topic.

And yes I realize what title of the book is (likely) based off of.

MischaJanuary 10, 2018 5:30 PM


Are you Barbara Streissand? Do you not want to talk about something? What are you doing.

MarkJanuary 10, 2018 6:17 PM

I might torrent it at some stage, but I'm boycotting all American companies right now. There's no way I'm touching Amazon.

echo, why on earth are you giving your money away to America? It's a complete joke of a country. Give your money to UK charities.

Alyer BabtuJanuary 10, 2018 11:34 PM

“Joke” countries don’t hold public government debates on matters of surveillance policy.

The country, formally, is defined by the Declaration of Independence and the Constitution. If there is a joke, it is the disregard and even contempt for these we see in quarters both reactionary and progressive.

Ms. Landau’s concern, and apparently an ongoing concern of this blog, is to defend the the founding documents by defending the freedoms they provide, through debate leading to prudent policy in regard to technology.

Clive RobinsonJanuary 11, 2018 1:21 AM

Having read the preface on the Yale Press server, I was looking for "fresh" information or ideas.

I was a little disapointed in that it was,for me atleast, not new.

However to cut the preface short Susan Landau makes the point that the policy view point by LE is outdated and self serving and thus sets it's self in a 'We are the good guys, the bad guys must have no place to hide"[1] way.

And she points out that there is no back/front door only for LE as it's available for all "Bad Guys" as well. And contrasted the approach of the FBI/DoJ -v- Apple and Apple's view point (though she does not mention the real reason the FBI dropped the case, which is the tide had swung against them, just the "Oh look we've found another way" to dodge the bullet).

From this conflict the FBI/DoJ created with Apple, she moves on to makes the point that currently the real argument is not Good -v- Bad guys, but actually Security -v- Security. Which most readers here should be aware of from the basic premise that 'Technology is agnostic to use and the Controling Mind'.

What she does not mention in the Preface, but I hope she covers later is the notion of "Thought Crime" which we are slipping into.

I've mentioned it before, but it's important to understand there is a vast difference between LE serving a warrant on you and serving a warrant on a third party to gain access to the meta-data or data of your thoughts. It causes a vast inequity of arms, thus vests way to much power in the state to do harm.

Simplistically it goes back to the ideas behind Jeremy Bentham's Panoptican Prison and later those of George Orwell in 1984 with the all seeing surveillance state in the home. That is you do not know by whom or when you are being observed, and this has a significantly adverse effect on society (see East German history from Russian occupation at the end of WWII through to Reunification).

Thus the State gains not just an unfair advantage by the adverse effects on society. But they also gain from the fact they can spend almost indefinate periods of time secretly investigating you. Which is against the usual premise that you will get equity in time to prepare a defence etc. Further in the US it robs you of the advantages of the right to a speedy trial. Which is one of the few deterants you have against the state as it put a limit on what resources they can bring to bare against an individual.

Such secret investigation is an anathema to justice it strips you of your rights to fairness and equality under the law. It is a tactic you can well believe of the archetypal "agent of state" l'Eminence rouge, Cardinal Richelieu using to crush opposition to his aim of centralizing and consolidating power by any and all means. It's also something that we know that LE knows the power of[2].

Hopefully it is something Susan Landau addresses in one of the later chapters. Or if not she will do so soon in other works. Because lack of transparancy of their actions is what a Police State or any dubious LE entity craves, as well as those that have become "results driven" by ineffectual politicians, of which we have many these days.

[1] Not only is it a ludicrously stupid point of view by LE, harking back to black and white "Lone Ranger" films for children. It's actually insulting the US Citizens, by saying they are to stupid to understand anything more complicated than a six year old could understand...

[2] Of one thing you can be sure, that if the tables were reversed LE would be screaming from every hight about the injustice of being surveilled and having their every action second guessed by others "with an agenda". We know this from the way the rank and file behave whenever a bystander gets a cammera or smart phone out and points it in their direction. Also the reversal of the mantra "Of if you have done nothing wrong you have nothing to hide" when they have to wear body cams and voice recorders, that they keep forgetting to charge, turn on, report not functional, etc etc. Which for some reason their seniors rarely investigate or action. Likewise from the fight defendants or others have obtaining such records that show LE behaviour, disclosure of any form is an anathema to LE in general.

Jonathan WilsonJanuary 11, 2018 4:05 AM

We dont have laws that force Yale or Medeco or Sargent & Greenleaf to make their locks (be they for safes, doors, vaults, furniture or anything else) less secure for everyone just so that law enforcement can easily get through the lock.

Why should digital locks made by Apple or Google or Microsoft be any different? Why should we intentionally weaken security for everyone just to make it easier for law enforcement to get into these digital devices? The Texas Church shooter (to use one recent example where law enforcement wants to break into a digital device and has so far been unable to) is dead and even if he wasn't, there is more than enough physical evidence (and eyewitness reports) to send the guy to Huntsville and the lethal injection room. (after a proper trial of course)

hmmJanuary 11, 2018 12:57 PM

"We dont have laws that force Yale or Medeco or Sargent & Greenleaf to make their locks (be they for safes, doors, vaults, furniture or anything else) less secure for everyone just so that law enforcement can easily get through the lock."

If LEO couldn't break a door down, you bet we would.

"Help cops save the babies Act" - Overwhelming majority

Alyer BabtuJanuary 11, 2018 3:33 PM

Ms. Landau points out the under-appreciated speed of tech development. By chance, was reading N. Harkaway’s novel Gnomon, and also noticed that VR and AR are already using direct brain-device control methods. So perhaps phones etc sooner than expected are of little interest. The useful we do at once, the perfect we don’t bother with.

CallMeLateForSupperJanuary 12, 2018 10:34 AM

"[America is] a complete joke of a country."
It does have yuge challenges (most of them self-inflicted). That said, would it be better if America were an *incomplete* joke of a country? (Couldn't resist; I'm sick[1] of "complete"; our Confabulator-in-Chief uses it too much.)

" Give your money to UK charities."
I second that advice. Because Brexit.

[1] Also sick of: "clearly" applied to things unclear; "in a bipartisan manner"; "moving forward".

Petre PeterJanuary 14, 2018 2:42 PM

The content is impressive: clear technical details, and a wealth of information for aspiring government legislation analysts. I am looking forward to reading her next book.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.