Latest Essays

How AI Could Write Our Laws

ChatGPT and other AIs could supercharge the influence of lobbyists—but only if we let them

  • Nathan E. Sanders & Bruce Schneier
  • MIT Technology Review
  • March 14, 2023

Nearly 90% of the multibillion-dollar federal lobbying apparatus in the United States serves corporate interests. In some cases, the objective of that money is obvious. Google pours millions into lobbying on bills related to antitrust regulation. Big energy companies expect action whenever there is a move to end drilling leases for federal lands, in exchange for the tens of millions they contribute to congressional reelection campaigns.

But lobbying strategies are not always so blunt, and the interests involved are not always so obvious. Consider, for example, a 2013 …

Why the U.S. Should Not Ban TikTok

The ban would hurt Americans—and there are better ways to protect their data.

  • Bruce Schneier and Barath Raghavan
  • Foreign Policy
  • February 23, 2023

Congress is currently debating bills that would ban TikTok in the United States. We are here as technologists to tell you that this is a terrible idea and the side effects would be intolerable. Details matter. There are several ways Congress might ban TikTok, each with different efficacies and side effects. In the end, all the effective ones would destroy the free internet as we know it.

There’s no doubt that TikTok and ByteDance, the company that owns it, are shady. They, like most large corporations in China, operate at the pleasure of the Chinese government. They collect extreme levels of information about users. But they’re not alone: Many apps you use do the same, including Facebook and Instagram, along with seemingly innocuous apps that have no need for the data. Your data is bought and sold by data brokers you’ve never heard of who have few scruples about where the data ends up. They have digital dossiers on most people in the United States…

Everything Is Hackable

  • Slate
  • February 10, 2023

Every year, an army of hackers takes aim at the tax code.

The tax code is not computer code, but it is a series of rules—supposedly deterministic algorithms—that take data about your income and determine the amount of money you owe. This code has vulnerabilities, more commonly known as loopholes. It has exploits; those are tax avoidance strategies. There is an entire industry of black-hat hackers who exploit vulnerabilities in the tax code: We call them accountants and tax attorneys.

Hacking isn’t limited to computer systems, or even technology. Any system of rules can be hacked. In general terms, a hack is something that a system permits, but that is unanticipated and unwanted by its designers. It’s unplanned: a mistake in the system’s design or coding. It’s clever. It’s a subversion, or an exploitation. It’s a cheat, but only sort of. Just as a computer vulnerability can be exploited over the internet because the code permits it, a tax loophole is "allowed" by the system because it follows the rules, even though it might subvert the intent of those rules…

We Don’t Need to Reinvent Our Democracy to Save It from AI

  • Bruce Schneier and Nathan Sanders
  • Harvard Kennedy School Belfer Center
  • February 9, 2023

When is it time to start worrying about artificial intelligence interfering in our democracy? Maybe when an AI writes a letter to The New York Times opposing the regulation of its own technology.

That happened last month. And because the letter was responding to an essay we wrote, we’re starting to get worried. And while the technology can be regulated, the real solution lies in recognizing that the problem is human actors—and those we can do something about.

Our essay argued that the much heralded launch of the AI chatbot ChatGPT, a system that can generate text realistic enough to appear to be written by a human, poses significant threats to democratic processes. The ability to produce high quality political messaging quickly and at scale, if combined with AI-assisted capabilities to strategically target those messages to policymakers and the public, could become a powerful accelerant of an already sprawling and poorly constrained force in modern democratic life: lobbying…

The Big Idea: Bruce Schneier

  • Whatever
  • February 7, 2023

The world has systems. Systems have rules. Or are they more like guidelines? In today’s Big Idea for A Hacker’s Mind, security expert Bruce Schneier takes a look at systems, how they are vulnerable, and what that fact means for all of us.

BRUCE SCHNEIER:

Hacking isn’t limited to computer systems, or even technology. Any system can be hacked.

What sorts of system? Any system of rules, really.

Think about the tax code. It’s not computer code, but it’s a series of rules—supposedly deterministic algorithms—that take data about your income and determine the amount of money you owe. This code has vulnerabilities, more commonly known as loopholes. It has exploits; those are tax avoidance strategies. And there is an entire industry of black-hat hackers who exploit vulnerabilities in the tax code: we call them accountants and tax attorneys…

Opinion: What Peter Thiel and the ‘Pudding Guy’ revealed

  • CNN
  • February 7, 2023

The Roth IRA is a retirement account allowed by a 1997 law. It’s intended for middle-class investors and has limits on both the investor’s income level and the amount that can be invested.

But billionaire Peter Thiel and others found a hack. As one of the founders of PayPal, Thiel was able—entirely legally— to use an investment of less than $2,000 to buy 1.7 million shares of the company at $0.001 per share, turning it into $5 billion in 20 years—all forever tax-free, according to ProPublica. (Thiel’s spokesperson didn’t respond to ProPublica’s questions about its 2021 report.)…

How ChatGPT Hijacks Democracy

  • Nathan E. Sanders and Bruce Schneier
  • The New York Times
  • January 15, 2023

Launched just weeks ago, ChatGPT is already threatening to upend how we draft everyday communications like emails, college essays and myriad other forms of writing.

Created by the company OpenAI, ChatGPT is a chatbot that can automatically respond to written prompts in a manner that is sometimes eerily close to human.

But for all the consternation over the potential for humans to be replaced by machines in formats like poetry and sitcom scripts, a far greater threat looms: artificial intelligence replacing humans in the democratic processes—not through voting, but through lobbying…

How to Decarbonize Crypto

The sins of FTX aren’t the only problem the crypto world needs to pay for.

  • Christos Porios and Bruce Schneier
  • The Atlantic
  • December 6, 2022

Maintaining bitcoin and other cryptocurrencies causes about 0.3 percent of global CO2 emissions. That may not sound like a lot, but it’s more than the emissions of Switzerland, Croatia, and Norway combined. As many cryptocurrencies crash and the FTX bankruptcy moves into the litigation stage, regulators are likely to scrutinize the crypto world more than ever before. This presents a perfect opportunity to curb their environmental damage.

The good news is that cryptocurrencies don’t have to be carbon intensive. In fact, some have near-zero emissions. To encourage polluting currencies to reduce their carbon footprint, we need to force buyers to pay for their environmental harms through taxes…

Centralized Vs. Decentralized Data Systems—Which Choice Is Best?

  • David Weldon
  • VentureBeat
  • September 12, 2022

Healthcare and insurance payers spend nearly $496 billion each year on billing and insurance-related costs, noted Bruce Schneier, chief of security architecture at Inrupt—a company created by the father of the modern web, Tim Berners-Lee. As the amount of data continues to grow, it is becoming more difficult for healthcare providers to access necessary information when treating patients.

Providers typically turn to centralized means such as healthcare information exchanges, but these present a laundry list of potential problems, Schneier argued…

NIST’s Post-Quantum Cryptography Standards Competition

  • IEEE Security & Privacy
  • September/October 2022

View or Download in PDF Format

Quantum computing is a completely new paradigm for computers. A quantum computer uses quantum properties such as superposition, which allows a qubit (a quantum bit) to be neither 0 nor 1, but something much more complicated. In theory, such a computer can solve problems too complex for conventional computers.

Current quantum computers are still toy prototypes, and the engineering advances required to build a functionally useful quantum computer are somewhere between a few years away and impossible. Even so, we already know that that such a computer could potentially factor large numbers and compute discrete logs, and break the RSA and Diffie-Hellman public-key algorithms in all of the useful key sizes…

Sidebar photo of Bruce Schneier by Joe MacInnis.