Latest Essays

We Must Prepare for the Next Pandemic

We’ll have to battle both the disease and the fake news.

  • Bruce Schneier
  • The New York Times
  • June 17, 2019

When the next pandemic strikes, we'll be fighting it on two fronts. The first is the one you immediately think about: understanding the disease, researching a cure and inoculating the population. The second is new, and one you might not have thought much about: fighting the deluge of rumors, misinformation and flat-out lies that will appear on the internet.

The second battle will be like the Russian disinformation campaigns during the 2016 presidential election, only with the addition of a deadly health crisis and possibly without a malicious government actor.

Read More →

AI Has Made Video Surveillance Automated and Terrifying

AI can flag people based on their clothing or behavior, identify people's emotions, and find people who are acting "unusual."

  • Bruce Schneier
  • Motherboard
  • June 13, 2019

It used to be that surveillance cameras were passive. Maybe they just recorded, and no one looked at the video unless they needed to. Maybe a bored guard watched a dozen different screens, scanning for something interesting. In either case, the video was only stored for a few days because storage was expensive.

Read More →

AI Can Thrive in Open Societies

The belief that China’s surveillance gives it an advantage is misleading—and dangerous.

  • Bruce Schneier
  • Foreign Policy
  • June 13, 2019

According to foreign-policy experts and the defense establishment, the United States is caught in an artificial intelligence arms race with China—one with serious implications for national security. The conventional version of this story suggests that the United States is at a disadvantage because of self-imposed restraints on the collection of data and the privacy of its citizens, while China, an unrestrained surveillance state, is at an advantage. In this vision, the data that China collects will be fed into its systems, leading to more powerful AI with capabilities we can only imagine today. Since Western countries can't or won't reap such a comprehensive harvest of data from their citizens, China will win the AI arms race and dominate the next century.

Read More →

When Fake News Comes to Academia

  • Bruce Schneier
  • Lawfare
  • May 24, 2019

The term "fake news" has lost much of its meaning, but it describes a real and dangerous internet trend. Because it's hard for many people to differentiate a real news site from a fraudulent one, they can be hoodwinked by fictitious news stories pretending to be real. The result is that otherwise reasonable people believe lies.

The trends fostering fake news are more general, though, and we need to start thinking about how it could affect different areas of our lives.

Read More →

Democracy's Dilemma

  • Henry Farrell and Bruce Schneier
  • Boston Review
  • May 15, 2019

The Internet was going to set us all free. At least, that is what U.S. policy makers, pundits, and scholars believed in the 2000s. The Internet would undermine authoritarian rulers by reducing the government’s stranglehold on debate, helping oppressed people realize how much they all hated their government, and simply making it easier and cheaper to organize protests.

Read More →

Russia's Attacks on Our Democratic Systems Call for Diverse Countermeasures

  • Bruce Schneier
  • The Hill
  • May 7, 2019

What do attacks on the integrity of our voting systems, the census and the judiciary all have in common? They're all intended to reduce our faith in systems necessary for our democracy to function, and they're also targets of Russian propaganda efforts.

To understand how these efforts can effectively undermine a democracy, it helps to think of a government as an information system. In this conceptualization, there are two types of knowledge that governments use to function.

Read More →

Toward an Information Operations Kill Chain

  • Bruce Schneier
  • Lawfare
  • April 24, 2019

Cyberattacks don't magically happen; they involve a series of steps. And far from being helpless, defenders can disrupt the attack at any of those steps. This framing has led to something called the "cybersecurity kill chain": a way of thinking about cyber defense in terms of disrupting the attacker's process.

On a similar note, it's time to conceptualize the "information operations kill chain." Information attacks against democracies, whether they're attempts to polarize political processes or to increase mistrust in social institutions, also involve a series of steps.

Read More →

A New Privacy Constitution for Facebook

Mark Zuckerberg wants to fix the social network. Here’s what he’ll need to do.

  • Bruce Schneier and Adam Shostack
  • OneZero
  • March 8, 2019

Facebook is making a new and stronger commitment to privacy. Last month, the company hired three of its most vociferous critics and installed them in senior technical positions. And on Wednesday, Mark Zuckerberg wrote that the company will pivot to focus on private conversations over the public sharing that has long defined the platform, even while conceding that "frankly we don't currently have a strong reputation for building privacy protective services."

There is ample reason to question Zuckerberg's pronouncement: The company has made—and broken—many privacy promises over the years. And if you read his 3,000-word post carefully, Zuckerberg says nothing about changing Facebook's surveillance capitalism business model.

Read More →

Cybersecurity for the Public Interest

  • Bruce Schneier
  • IEEE Security & Privacy
  • January/February 2019

The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer and computer security expert, repeatedly explaining that there's no way to provide this capability without also weakening the security of every user of those devices and communications systems.

It's an impassioned debate, acrimonious at times, but there are real technologies that can be brought to bear on the problem: key-escrow technologies, code obfuscation technologies, and backdoors with different properties.

Read More →

There's No Good Reason to Trust Blockchain Technology

  • Bruce Schneier
  • Wired
  • February 6, 2019

In his 2008 white paper that first proposed bitcoin, the anonymous Satoshi Nakamoto concluded with: "We have proposed a system for electronic transactions without relying on trust." He was referring to blockchain, the system behind bitcoin cryptocurrency. The circumvention of trust is a great promise, but it's just not true. Yes, bitcoin eliminates certain trusted intermediaries that are inherent in other payment systems like credit cards. But you still have to trust bitcoin—and everything about it.

Read More →

Sidebar photo of Bruce Schneier by Joe MacInnis.