Essays: 2022 Archives

When Corporate Interests and International Cyber Agreements Collide

  • Bruce Schneier and Tarah Wheeler
  • The Cipher Brief
  • May 5, 2022

The Paris Call for Trust and Stability in Cyberspace is an initiative launched by French President Emmanuel Macron during the 2018 UNESCO’s Internet Governance Forum. It’s an attempt by the world’s governments to come together and create a set of international norms and standards for a reliable, trustworthy, safe, and secure Internet. It’s not an international treaty, but it does impose obligations on the signatories. It’s a major milestone for global Internet security and safety.

Corporate interests are all over this initiative, sponsoring and managing different parts of the process. As part of the Call, the French company Cigref and the Russian company Kaspersky chaired …

Why Vaccine Cards Are So Easily Forged

Sometimes a little security theater isn’t the worst thing.

  • The Atlantic
  • March 8, 2022

My proof of COVID vaccination is recorded on an easy-to-forge paper card. With little trouble, I could print a blank form, fill it out, and snap a photo. Small imperfections wouldn’t pose any problem; you can’t see whether the paper’s weight is right in a digital image. When I fly internationally, I have to show a negative COVID test result. That, too, would be easy to fake. I could change the date on an old test, or put my name on someone else’s test, or even just make something up on my computer. After all, there’s no standard format for test results; airlines accept anything that looks plausible…

Letter to the US Senate Judiciary Committee on App Stores

  • Bruce Schneier
  • January 31, 2022

View or Download in PDF Format

The Honorable Dick Durbin
Chair
Committee on Judiciary
711 Hart Senate Office Building
Washington, D.C. 20510

The Honorable Amy Klobuchar
Chair
Subcommittee on Competition Policy,
Antitrust, and Consumer Rights
425 Dirksen Senate Office Building
Washington, D.C. 20510

The Honorable Chuck Grassley
Ranking Member
Committee on Judiciary
135 Hart Senate Office Building
Washington, D.C. 20510

The Honorable Mike Lee
Ranking Member
Subcommittee on Competition Policy,
Antitrust, and Consumer Rights
361A Russell Senate Office Building…

Robot Hacking Games

  • IEEE Security & Privacy
  • January/February 2022

View or Download in PDF Format

Hacker “Capture the Flag” has been a mainstay at hacker gatherings since the mid-1990s. It’s like the outdoor game, but played on computer networks. Teams of hackers defend their own computers while attacking other teams’. It’s a controlled setting for what computer hackers do in real life: finding and fixing vulnerabilities in their own systems and exploiting them in others’. It’s the software vulnerability lifecycle.

These days, dozens of teams from around the world compete in weekend-long marathon events held all over the world. People train for months. Winning is a big deal. If you’re into this sort of thing, it’s pretty much the most fun you can possibly have on the Internet without committing multiple felonies…

Sidebar photo of Bruce Schneier by Joe MacInnis.