Latest Essays

Who Are the Shadow Brokers?

What is—and isn’t—known about the mysterious hackers leaking National Security Agency secrets

  • Bruce Schneier
  • The Atlantic
  • May 23, 2017

In 2013, a mysterious group of hackers that calls itself the Shadow Brokers stole a few disks full of National Security Agency secrets. Since last summer, they've been dumping these secrets on the internet. They have publicly embarrassed the NSA and damaged its intelligence-gathering capabilities, while at the same time have put sophisticated cyberweapons in the hands of anyone who wants them. They have exposed major vulnerabilities in Cisco routers, Microsoft Windows, and Linux mail servers, forcing those companies and their customers to scramble.

Read More →

What Happens When Your Car Gets Hacked?

  • Bruce Schneier
  • The New York Times
  • May 19, 2017

As devastating as the latest widespread ransomware attacks have been, it's a problem with a solution. If your copy of Windows is relatively current and you've kept it updated, your laptop is immune. It's only older unpatched systems on your computer that are vulnerable.

Patching is how the computer industry maintains security in the face of rampant internet insecurity.

Read More →

Why Extending Laptop Ban Makes No Sense

  • Bruce Schneier
  • CNN
  • May 16, 2017

The Department of Homeland Security is rumored to be considering extending the current travel ban on large electronics for Middle Eastern flights to European ones as well. The likely reaction of airlines will be to implement new traveler programs, effectively allowing wealthier and more frequent fliers to bring their computers with them. This will only exacerbate the divide between the haves and the have-nots—all without making us any safer.

In March, both the United States and the United Kingdom required that passengers from 10 Muslim countries give up their laptop computers and larger tablets, and put them in checked baggage.

Read More →

The Next Ransomware Attack Will Be Worse than WannaCry

We'll need new security standards when hackers go after the Internet of Things.

  • Bruce Schneier
  • The Washington Post
  • May 16, 2017

Ransomware isn't new, but it's increasingly popular and profitable.

The concept is simple: Your computer gets infected with a virus that encrypts your files until you pay a ransom. It's extortion taken to its networked extreme. The criminals provide step-by-step instructions on how to pay, sometimes even offering a help line for victims unsure how to buy bitcoin.

Read More →

Three Lines of Defense against Ransomware Attacks

  • Bruce Schneier
  • New York Daily News
  • May 15, 2017

Criminals go where the money is, and cybercriminals are no exception.

And right now, the money is in ransomware.

It's a simple scam. Encrypt the victim's hard drive, then extract a fee to decrypt it.

Read More →

Online Voting Won’t Save Democracy

But letting people use the internet to register to vote is a start.

  • Bruce Schneier
  • The Atlantic
  • May 10, 2017

Technology can do a lot more to make our elections more secure and reliable, and to ensure that participation in the democratic process is available to all. There are three parts to this process.

First, the voter registration process can be improved. The whole process can be streamlined.

Read More →

Who Is Publishing NSA and CIA Secrets, and Why?

  • Bruce Schneier
  • Lawfare
  • April 27, 2017

There's something going on inside the intelligence communities in at least two countries, and we have no idea what it is.

Consider these three data points. One: someone, probably a country's intelligence organization, is dumping massive amounts of cyberattack tools belonging to the NSA onto the Internet. Two: someone else, or maybe the same someone, is doing the same thing to the CIA.

Read More →

The Quick vs the Strong: Commentary on Cory Doctorow’s Walkaway

  • Bruce Schneier
  • Crooked Timber
  • April 26, 2017

Technological advances change the world. That's partly because of what they are, but even more because of the social changes they enable. New technologies upend power balances. They give groups new capabilities, increased effectiveness, and new defenses.

Read More →

Infrastructure Vulnerabilities Make Surveillance Easy

Weakness in digital communications systems allows security to be bypassed, leaving users at risk of being spied on.

  • Bruce Schneier
  • Al Jazeera
  • April 11, 2017

Governments want to spy on their citizens for all sorts of reasons. Some countries do it to help solve crimes or to try to find "terrorists" before they act.

Others do it to find and arrest reporters or dissidents. Some only target individuals, others attempt to spy on everyone all the time.

Read More →

Snoops May Soon Be Able to Buy Your Browsing History. Thank the US Congress

  • Bruce Schneier
  • The Guardian
  • March 30, 2017

Think about all of the websites you visit every day. Now imagine if the likes of Time Warner, AT&T and Verizon collected all of your browsing history and sold it on to the highest bidder. That's what will probably happen if Congress has its way.

This week, lawmakers voted to allow internet service providers to violate your privacy for their own profit.

Read More →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.