Essays and Op Eds by Category

Computer and Information Security

March 26, 2014 • CNN
How Secure are Snapchat-style Apps?

March 6, 2014 • The Atlantic
There's No Real Difference Between Online Espionage and Online Attack

February 25, 2014 • Boing Boing
Choosing a Secure Password

January 6, 2014 • Wired
The Internet of Things Is Wildly Insecure—And Often Unpatchable

October 16, 2013 • Wired
How to Design—And Defend Against—The Perfect Security Backdoor

October 7, 2013 • Wired
Want to Evade NSA Spying? Don’t Connect to the Internet

October 1, 2013 • Europe's World
Book Review: Cyber War Will Not Take Place

September 27, 2013 • Europe's World
Understanding the Threats in Cyberspace

September 9, 2013 • Wired
If the New iPhone Has Fingerprint Authentication, Can It Be Hacked?

September 6, 2013 • The Guardian
NSA Surveillance: a Guide to Staying Secure

September 5, 2013 • The Guardian
The US Government Has Betrayed the Internet. We Need to Take It Back

September 4, 2013 • Wired
How Advanced Is the NSA's Cryptanalysis—And Can We Resist It?

September/October 2013 • IEEE Security & Privacy
Trust in Man/Machine Security Systems

August 29, 2013 • The Wall Street Journal
Syrian Electronic Army: A Brief Look at What Businesses Need to Know

August 15, 2013 • CNN
Why It's So Easy to Hack Your Home

June 6, 2013 • Harvard Business Review
You Have No Control Over Security on the Feudal Internet

March 19, 2013 • Dark Reading
On Security Awareness Training

March 11, 2013 • MIT Technology Review
Danger Lurks in Growing New Internet Nationalism

Winter/Spring 2013 • The SciTech Lawyer
Our New Regimes of Trust

November 29, 2012 • The Irish Times
Militarizing Cyberspace Will Do More Harm Than Good

November 26, 2012 • Wired
When It Comes to Security, We're Back to Feudalism

October 19, 2012 • New York Times Room for Debate
Fear Pays the Bills, but Accounts Must Be Settled

July 12, 2012 • Krebs on Security
So You Want to Be a Security Expert

June 22, 2012 • Science
Securing Medical Research: A Cybersecurity Point of View

June 8, 2012 • U.S. News
Debate Club: An International Cyberwar Treaty Is the Only Way to Stem the Threat

May 30, 2012 • Forbes
The Vulnerabilities Market and the Future of Security

January 2011 • Information Security
Schneier-Ranum Face-Off on Whitelisting and Blacklisting

November 2010 • Information Security
The Dangers of a Software Monoculture

November 11, 2010 • Forbes
The Plan to Quarantine Infected Computers

November 10, 2010 • Dark Reading
When to Change Passwords

October 7, 2010 • Forbes
The Story Behind The Stuxnet Virus

September 2010 • Information Security
Should Enterprises Give In to IT Consumerization at the Expense of Security?

July 9, 2010 • AOL News
3 Reasons to Kill the Internet Kill Switch Idea

July 7, 2010 • CNN
Threat of "Cyberwar" Has Been Hugely Hyped

June 30, 2010 • Dark Reading
The Failure of Cryptography to Secure Modern Networks

June 2010 • Information Security
Weighing the Risk of Hiring Hackers

May 12, 2010 • Forbes, Information Security
The Internet: Anonymous Forever

March 2010 • Information Security
Should the Government Stop Outsourcing Code Development?

January/February 2010 • IEEE Security & Privacy
Security and Function Creep

January 23, 2010 • CNN and Ethiopian Review
U.S. Enables Chinese Hacking of Google

December 23, 2009 • The Japan Times and Wired News
Cold War Encryption is Unrealistic in Today's Trenches

December 9, 2009 • The Guardian
Virus and Protocol Scares Happen Every Day -- But Don't Let Them Worry You

November 11, 2009 • The Guardian
Reputation is Everything in IT Security

November 2009 • Information Security
Is Antivirus Dead?

October 15, 2009 • The Guardian
Why Framing Your Enemies Is Now Virtually Child's Play

September 28, 2009 • Threatpost
The Difficulty of Un-Authentication

September 9, 2009 • The Guardian
The Battle Is On Against Facebook and Co to Regain Control of Our Files

September 2009 • Information Security
Is Perfect Access Control Possible?

July 31, 2009 • MPR News Q
Technology Shouldn't Give Big Brother a Head Start

July 13, 2009 • MPR News Q and ITWire
So-called Cyberattack Was Overblown

February 19, 2009 • The Guardian
The Secret Question Is: Why Do IT Systems Use Insecure Passwords?

February 16, 2009 • The Wall Street Journal
Thwarting an Internal Hacker

Jan/Feb 2009 • IEEE Security & Privacy
Architecture of Privacy

December 9, 2008 • The Wall Street Journal
How to Prevent Digital Snooping

December 4, 2008 • The Guardian and The Hindu
When You Lose a Piece of Kit, the Real Loss Is The Data It Contains

November 21, 2008 • The Wall Street Journal
Why Obama Should Keep His BlackBerry -- But Won't

November 19, 2008 • Wired News
America's Next Top Hash Function Begins

November 13, 2008 • The Guardian and The Hindu
Passwords Are Not Broken, but How We Choose them Sure Is

October 16, 2008 • Wired News
Quantum Cryptography: As Awesome As It Is Pointless

August 10, 2008 • Security Watch
The Problem Is Information Insecurity

July 23, 2008 • Wired News
Lesson From the DNS Bug: Patching Isn't Enough

July 17, 2008 • The Guardian
Software Makers Should Take Responsibility

July 10, 2008 • Wired News
How a Classic Man-in-the-Middle Attack Saved Colombian Hostages

June 30, 2008 • Wired News
I've Seen the Future, and It Has a Kill Switch

May 1, 2008 • Wired News
America's Dilemma: Close Security Holes, or Exploit Them Ourselves

May 2008 • Information Security
The Ethics of Vulnerability Research

April 4, 2008 • ComputerWeekly
Secret Questions Blow a Hole in Security

March 13, 2008 • Nature
Census of Cyberspace Censoring

March 2008 • Information Security
Consolidation: Plague or Progress

February 21, 2008 • Wired News
When the Internet Is My Hard Drive, Should I Trust Third Parties?

February 7, 2008 • Wired News
With iPhone, "Security" Is Code for "Control"

January 10, 2008 • Wired News
Steal This Wi-Fi

December 2007 • Information Security
Caution: Turbulence Ahead

Nov/Dec 2007 • IEEE Security and Privacy
The Death of the Security Industry

November 29, 2007 • Wired News
How Does Bruce Schneier Protect His Laptop Data? With His Fists — and PGP

November 15, 2007 • Wired News
Did NSA Put a Secret Backdoor in New Encryption Standard?

October 5, 2007 • OutlookBusiness
Paying the Cost of Insecure Software [PDF]

October 4, 2007 • Wired News
Gathering "Storm" Superworm Poses Grave Threat to PC Nets

September 6, 2007 • Wired News
NBA Ref Scandal Warns of Single Points of Failure

September 2007 • Information Security
Home Users: A Public Health Problem?

April 5, 2007 • Wired News
Vigilantism Is a Poor Response to Cyberattack

March 2007 • Information Security
Is Penetration Testing Worth It?

February 12, 2007 • Forbes
Why Vista's DRM Is Bad For You

February 8, 2007 • Wired News
An American Idol for Crypto Geeks

January 22, 2007 • Forbes
Solving Identity Theft

January 15, 2007 • Wired News
Secure Passwords Keep You Safer

January 2007 • ENISA Quarterly
Information Security and Externalities

January 2007 • CSO Online
Schneier: Full Disclosure of Security Vulnerabilities a 'Damned Good Idea'

December 14, 2006 • Wired News
MySpace Passwords Aren't So Dumb

December 12, 2006 • Forbes
Why Spam Won't Go Away

November 30, 2006 • Wired News
My Data, Your Machine

September 7, 2006 • Wired News
Quickest Patch Ever

July 27, 2006 • Wired News
How Bot Those Nets?

July 13, 2006 • Wired News
Google's Click-Fraud Crackdown

July 2006 • Information Security
Are Security Certifications Valuable?

June 1, 2006 • Wired News
Make Vendors Liable for Bugs

May 4, 2006 • Wired News
Everyone Wants to "Own" Your PC

April 2006 • Information Security
Is User Education Working?

February 15, 2006 • Network World
Security in the Cloud (Feb 06)

January 26, 2006 • Wired News
Big Risks Come in Small Packages

December 15, 2005 • Wired News
Hold the Photons!

December 13, 2005 • Utility Automation & Engineering T&D
The Hackers are Coming!

Nov/Dec 2005 • IEEE Security and Privacy
The Zotob Storm

November 17, 2005 • Wired News
Real Story of the Rogue Rootkit

October 20, 2005 • Wired News
Sue Companies, Not Coders

October 6, 2005 • Wired News
A Real Remedy for Phishers

Sep/Oct 2005 • IEEE Security and Privacy
University Networks and Data Security

June 2, 2005 • Queue
Attack Trends: 2004 and 2005

April 4, 2005 • Network World
Is Two-Factor Authentication Too Little, Too Late?

February 9, 2005 • Computerworld
The Curse of the Secret Question

December 9, 2004 • CNET News.com
Who says safe computing must remain a pipe dream?

November 29, 2004 • eWeek
Desktop Google Finds Holes

October 28, 2004 • Computerworld
Information Security: How liable should vendors be?

October 2004 • Communications of the ACM
The Non-Security of Secrecy

Sep/Oct 2004 • IEEE Security and Privacy
SIMS: Solution, or Part of the Problem?

September 27, 2004 • CNET News.com
Saluting the data encryption legacy

September 20, 2004 • Mercury News
Academics locked out by tight visa controls

August 30, 2004 • eWeek
We Owe Much to DES

August 19, 2004 • Computerworld
Cryptanalysis of MD5 and SHA: Time for a New Standard

Jul/Aug 2004 • IEEE Security and Privacy
Customers, Passwords, and Web Sites

June 2, 2004 • Computerworld
The Witty Worm: A New Chapter in Malware

May 31, 2004 • Network World
Microsoft's Actions Speak Louder Than Words

April 2004 • IEEE Computer
Hacking the Business Climate for Network Security

April 2004 • Communications of the ACM
Cyber Underwriters Lab?

February 2004 • Communications of the ACM
Risks of PKI: Electronic Commerce

January 2004 • Communications of the ACM
Risks of PKI: Secure E-Mail

December 19, 2003 • Mercury News
Are You Sophisticated Enough to Recognize an Internet Scam?

December 9, 2003 • CNET News.com
Internet Worms and Critical Infrastructure

November 2003 • Heise Security
Liability Changes Everything

September 24, 2003 • Computer & Communications Industry Association Report
CyberInsecurity: The Cost of Monopoly

Jul/Aug 2003 • IEEE Security and Privacy
The Speed of Security

June 2003 • Wired Magazine
Walls Don't Work in Cyberspace

Mar/Apr 2003 • IEEE Security and Privacy
Locks and Full Disclosure

March 7, 2003 • Mercury News
American Cyberspace: Can We Fend Off Attackers?

March 2, 2003 • SF Chronicle
Secrecy and Security

Jan/Feb 2003 • IEEE Security and Privacy
We Are All Security Consumers

April 22, 2002 • Network World
Should Vendors be Liable for Their Software's Security Flaws?

January 18, 2002 • CNET News.com
Trust, but Verify, Microsoft's Pledge

2002 • IEEE Computer Magazine
The Case for Outsourcing Security

November 2001 • Dr. Dobb's Journal
Banners and Internet Protocols

October 1, 2001 • InternetWeek
Efforts to Limit Encryption Are Bad for Security

September 3, 2001 • InternetWeek
The Real Lesson of Code Red: Insecurity Is a Way of Life

August 6, 2001 • InternetWeek
Arrest of Computer Researcher Is Arrest of First Amendment Rights

July 9, 2001 • InternetWeek
Marriage Of Phone Services, Biz Apps Could Be A Security Risk

June 18, 2001 • InternetWeek
In War Against Cyberspace Intruders, Knowledge Is Power

May 14, 2001 • InternetWeek
Computer Security Standards Aren't Scoring In The Commercial World

May 2001 • Security Engineering by Ross Anderson
Foreword

April 16, 2001 • InternetWeek
IT Must Be More Vigilant About Security, Survey Shows

March 12, 2001 • InternetWeek
Back Door Security Threat in Interbase Teaches Broader Lessons

March 2001 • Communications of the ACM
Insurance and the Computer Industry

February 12, 2001 • InternetWeek
PGP's Vulnerabilities Reveal the Truth about Security

February 2001 • Information Security
The Insurance Takeover

January 22, 2001 • InternetWeek
Gimmicks Won't Protect Your Digital Assets from Being Copied

December 2000 • Dr. Dobb's Journal
Security Research and the Future

August 2000 • Information Security
The Fallacy of Trusted Client Software

July 31, 2000 • ZDNet
Debunking Virus-Based Fixes

April 2000 • Information Security
The Process of Security

December 1999 • Information Security
1999 Crypto Year-in-Review

November 1999 • ZDNet
DVD Encryption Broken

November 1999 • Computerworld
Why Computers are Insecure

November 1999 • Information Security
A Plea for Simplicity

October 1999 • Communications of the ACM
Risks of Relying on Cryptography

September 1999 • Communications of the ACM
The Trojan Horse Race

September 1999 • Information Security
International Cryptography

August 1999 • ZDNet
Web-Based Encrypted E-Mail

August 1999 • ZDNet
NIST AES News

August 1999 • Communications of the ACM
Biometrics: Uses and Abuses

March 1999 • IEEE Security and Privacy
Cryptography: The Importance of Not Being Different

March 1999 • Information Security
Why the Worst Cryptography is in the Systems that Pass Initial Analysis

January 26, 1999 • ZDNet
Intel's Processor ID

1999 • Computer Security Journal
How to Evaluate Security Technology

December 1998 • Information Security
1998 Crypto Year-in-Review

October 1998 • Information Security
Key Recovery

May 1998 • Byte
The Crypto Bomb Is Ticking

April 1998 • Dr. Dobb's Journal
The Secret Story of Nonsecret Encryption

March 2, 1998 • Network World
Security for Remote Access VPNs Must Be Simple

1998 • Information Management & Computer Security
Security Pitfalls in Cryptography

1998
Click Here to Bring Down the Internet

November 1997 • Software Magazine
The Challenge of Cryptography

January 1997 • Communications of the ACM
Cryptography, Security, and the Future

1997
Why Cryptography is Harder Than It Looks

November 1995 • Macworld
Protect Your E-Mail

January 16, 1995 • Network World
Electronic Speech - For Domestic Use Only

September 28, 1994 • Cincinnati Post
High-Tech Government Snooping: Anti-Crime or Orwell Revisited?

July 1994 • Macworld
Virus Killers: Macworld Lab Tests Virus Software and Survives

December 13, 1993 • MacWEEK
Virus Protection on the Mac is Simple But Necessary

May 31, 1993 • Computerworld
Clipper Gives Big Brother Far Too Much Power

Feburary 1993 • Macworld
Data Guardians

October 19, 1992 • MacWEEK
Taking Backups out of Users' Hands

July 27, 1992 • MacWEEK
System 7's Security Shortcomings

June 22, 1992 • MacWEEK
Keeping Viruses Off Net a Battle

June 8, 1992 • MacWEEK
'Fire Walls' Stand as a Protectant Between Trouble and the Network.

April 1992 • Computer Language
Sharing Secrets Among Friends

March 16, 1992 • MacWEEK
Computer Security: Key Management Issue

back to Essays and Op Eds

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..