Latest Essays

The Twitter Hacks Have to Stop

  • Bruce Schneier
  • The Atlantic
  • July 18, 2020

Twitter was hacked this week. Not a few people’s Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in credentials of one of Twitter’s system administrators. Those are the people trusted to ensure that Twitter functions smoothly.

The hacker used that access to send tweets from a variety of popular and trusted accounts, including those of Joe Biden, Bill Gates, and Elon Musk, as part of a mundane scam—stealing bitcoin—but it’s easy to envision more nefarious scenarios. Imagine a government using this sort of attack against another government, coordinating a series of fake tweets from hundreds of politicians and other public figures the day before a major election, to affect the outcome. Or to escalate an …

Bruce Schneier says we need to embrace inefficiency to save our economy

  • Bruce Schneier
  • Quartz
  • June 30, 2020

It took a global pandemic and stay-at-home orders for 1.5 billion people worldwide, but something is finally occurring to us: The future we thought we expected may not be the one we get.

We know that things will change; how they’ll change is a mystery. To envision a future altered by coronavirus, Quartz asked dozens of experts for their best predictions on how the world will be different in five years.

Below is an answer from Bruce Schneier, a security expert focused on technology. He is a fellow at the Berkman Klein Center for Internet & Society at Harvard University and a lecturer in public policy at the Harvard Kennedy School. He is also the author of more than a dozen books—his latest, …

The Public Good Requires Private Data

  • Bruce Schneier
  • Foreign Policy
  • May 16, 2020

This essay appeared as part of a round table on “How the Coronavirus Pandemic Will Permanently Expand Government Powers.”

There’s been a fundamental battle in Western societies about the use of personal data, one that pits the individual’s right to privacy against the value of that data to all of us collectively. Until now, most of that discussion has focused on surveillance capitalism. For example, Google Maps shows us real-time traffic, but it does so by collecting location data from everyone using the service.

COVID-19 adds a new urgency to the debate and brings in new actors such as public health authorities and the medical sector. It’s not just about smartphone apps tracing contacts with infected people that are currently being rolled out by corporations and governments around the world. The medical community will seize the pandemic to boost its case for accessing detailed health data to perform all sorts of research studies. Public health authorities will push for more surveillance in order to get early warning of future pandemics. It’s the same trade-off. Individually, the data is very intimate. But collectively, it has enormous value to us all…

How Hackers and Spies Could Sabotage the Coronavirus Fight

Intelligence services have a long history of manipulating information on health issues, and an epidemic is especially tempting for interference. Why aren’t we better prepared?

  • Bruce Schneier and Margaret Bourdeaux
  • Foreign Policy
  • February 28, 2020

Spanish translation

The world is racing to contain the new coronavirus that is spreading around the globe with alarming speed. Right now, pandemic disease experts at the World Health Organization (WHO), the U.S. Centers for Disease Control and Prevention (CDC), and other public-health agencies are gathering information to learn how and where the virus is spreading. To do so, they are using a variety of digital communications and surveillance systems. Like much of the medical infrastructure, these systems are highly vulnerable to hacking and interference…

Technologists vs. Policy Makers

  • Bruce Schneier
  • IEEE Security & Privacy
  • January/February 2020

Spanish translation

Sometime around 1993 or 1994, during the first Crypto Wars, I was part of a group of cryptography experts that went to Washington to advocate for strong encryption. Matt Blaze and Ron Rivest were with me; I don’t remember who else. We met with then Massachusetts Representative Ed Markey. (He didn’t become a senator until 2013.) Back then, he and Vermont Senator Patrick Leahy were the most knowledgeable on this issue and our biggest supporters against government backdoors. They still are.

Markey was against forcing encrypted phone providers to implement the NSA’s Clipper Chip in their devices, but wanted us to reach a compromise with the FBI regardless. This completely startled us techies, who thought having the right answer was enough. It was at that moment that I learned an important difference between technologists and policy makers. Technologists want solutions; policy makers want consensus…

We’re Banning Facial Recognition. We’re Missing the Point.

The whole point of modern surveillance is to treat people differently, and facial recognition technologies are only a small part of that.

  • Bruce Schneier
  • The New York Times
  • January 20, 2020

Spanish translation

Communities across the United States are starting to ban facial recognition technologies. In May of last year, San Francisco banned facial recognition; the neighboring city of Oakland soon followed, as did Somerville and Brookline in Massachusetts (a statewide ban may follow). In December, San Diego suspended a facial recognition program in advance of a new statewide law, which declared it illegal, coming into effect. Forty major music festivals pledged not to use the technology, and activists are calling for a nationwide ban. Many Democratic presidential candidates …

China Isn’t the Only Problem With 5G

The network has plenty of other security weaknesses, including ones the United States doesn’t want to fix since they help its own surveillance efforts.

  • Bruce Schneier
  • Foreign Policy
  • January 10, 2020

Spanish translation

The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. Eavesdropping is also a risk, although efforts to listen in would almost certainly be detectable. More insidious is the possibility that Beijing could use its access to degrade or disrupt communications services in the event of a larger geopolitical conflict. Since the internet, especially the “internet of things,” is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat…

Bots Are Destroying Political Discourse As We Know It

They’re mouthpieces for foreign actors, domestic political groups, even the candidates themselves. And soon you won’t be able to tell they’re bots.

  • Bruce Schneier
  • The Atlantic
  • January 7, 2020

Spanish translation

Presidential-campaign season is officially, officially, upon us now, which means it’s time to confront the weird and insidious ways in which technology is warping politics. One of the biggest threats on the horizon: Artificial personas are coming, and they’re poised to take over political debate. The risk arises from two separate threads coming together: artificial-intelligence-driven text generation and social-media chatbots. These computer-generated “people” will drown out actual human discussions on the internet.

Text-generation software is already good enough to fool most people most of the time. It’s writing news stories, particularly in …

We Must Bridge the Gap Between Technology and Policymaking. Our Future Depends on It

  • Bruce Schneier
  • World Economic Forum
  • November 12, 2019

This essay also appeared in The OECD Forum Network.

Technologists and policymakers largely inhabit two separate worlds. It’s an old problem, one that the British scientist CP Snow identified in a 1959 essay entitled The Two Cultures. He called them sciences and humanities, and pointed to the split as a major hindrance to solving the world’s problems. The essay was influential – but 60 years later, nothing has changed.

When Snow was writing, the two cultures theory was largely an interesting societal observation. Today, it’s a crisis. Technology is now deeply intertwined with policy. We’re building complex socio-technical systems at all levels of our society. Software constrains behaviour with an efficiency that no law can match. It’s all changing fast; technology is literally creating the world we all live in, and policymakers can’t keep up. Getting it wrong has become increasingly catastrophic. Surviving the future depends in bringing technologists and policymakers together…

Every Part of the Supply Chain Can Be Attacked

When it comes to 5G technology, we have to build a trustworthy system out of untrustworthy parts.

  • Bruce Schneier
  • The New York Times
  • September 25, 2019

The United States government’s continuing disagreement with the Chinese company Huawei underscores a much larger problem with computer technologies in general: We have no choice but to trust them completely, and it’s impossible to verify that they’re trustworthy. Solving this problem — which is increasingly a national security issue — will require us to both make major policy changes and invent new technologies.

The Huawei problem is simple to explain. The company is based in China and subject to the rules and dictates of the Chinese government. The government could require Huawei to install back doors into the 5G routers it sells abroad, allowing the government to eavesdrop on communications or — even worse — take control of the routers during wartime. Since the United States will rely on those routers for all of its communications, we become vulnerable by building our 5G backbone on Huawei equipment…

Sidebar photo of Bruce Schneier by Joe MacInnis.