Essays in the Category "Laws and Regulations"
Page 3 of 9
Snoops May Soon Be Able to Buy Your Browsing History. Thank the US Congress
Think about all of the websites you visit every day. Now imagine if the likes of Time Warner, AT&T and Verizon collected all of your browsing history and sold it on to the highest bidder. That’s what will probably happen if Congress has its way.
This week, lawmakers voted to allow internet service providers to violate your privacy for their own profit. Not only have they voted to repeal a rule that protects your privacy, they are also trying to make it illegal for the Federal Communications Commission to enact other rules to protect your privacy online…
The Internet of Things Will Upend Our Industry
View or Download in PDF Format
Everything is becoming a computer. Your microwave is a computer that makes things hot. Your refrigerator is a computer that keeps things cold. Your smartphone is a portable computer that makes phone calls. Your car is a distributed system with more than 100 computers plus four wheels and an engine. More alarmingly, a nuclear power plant is a computer that produces energy. This is happening at all levels of our lives and all over the world.
As everything turns into a computer, computer security becomes everything security. This will upend the IT security industry, because our knowledge and experience with computer security will be much more broadly applicable, and the restrictions and regulations from the physical world will be applied to the computer world. The beachhead for all of this is the Internet of Things (IoT), which I liken to a world-sized robot—one that can kill people and destroy property…
Testimony at the U.S. House of Representatives Joint Hearing “Understanding the Role of Connected Devices in Recent Cyber Attacks”
Testimony of Bruce Schneier
Fellow, Berkman-Klein Center at Harvard University
Lecturer and Fellow, Harvard Kennedy School of Government
Special Advisor to IBM Security and CTO of Resilient: An IBM Company
Before the
U.S. House of Representatives
Committee on Energy and Commerce
Subcommittee on Communications and Technology, and the
Subcommittee on Commerce, Manufacturing, and Trade
Joint Hearing Entitled
“Understanding the Role of Connected Devices in Recent Cyber Attacks”
November 16, 2016
10:00 AM
Good morning. Chairmen Walden and Burgess, Ranking Members Eshoo and Schakowsky, members of the committee: thank you for the opportunity to testify on this matter. Although I have an affiliation with both Harvard University and IBM, I am testifying in my personal capacity as a cybersecurity expert and nothing I say should be construed as the official position of either of those organizations…
Your WiFi-Connected Thermostat Can Take Down the Whole Internet. We Need New Regulations.
Late last month, popular websites like Twitter, Pinterest, Reddit and PayPal went down for most of a day. The distributed denial-of-service attack that caused the outages, and the vulnerabilities that made the attack possible, was as much a failure of market and policy as it was of technology. If we want to secure our increasingly computerized and connected world, we need more government involvement in the security of the “Internet of Things” and increased regulation of what are now critical and life-threatening technologies. It’s no longer a question of if, it’s a question of when…
A ‘Key’ for Encryption, Even for Good Reasons, Weakens Security
This essay is part of a debate with Denise Zheng of the Center for Strategic and International Studies.
Encryption keeps you safe. Encryption protects your financial details and passwords when you bank online. It protects your cell phone conversations from eavesdroppers. If you encrypt your laptop—and I hope you do—it protects your data if your computer is stolen. It protects our money and our privacy.
Encryption protects the identity of dissidents all over the world. It’s a vital tool to allow journalists to communicate securely with their sources, N.G.O.s to protect their work in repressive countries, and lawyers to communicate privately with their clients. It protects our vital infrastructure: our communications network, the power grid and everything else. And as we move to the Internet of Things with its cars and thermostats and medical devices, all of which can …
Why You Should Side With Apple, Not the FBI, in the San Bernardino iPhone Case
Either everyone gets security, or no one does.
Earlier this week, a federal magistrate ordered Apple to assist the FBI in hacking into the iPhone used by one of the San Bernardino shooters. Apple will fight this order in court.
The policy implications are complicated. The FBI wants to set a precedent that tech companies will assist law enforcement in breaking their users’ security, and the technology community is afraid that the precedent will limit what sorts of security features it can offer customers. The FBI sees this as a privacy vs. security debate, while the tech community sees it as a security vs. surveillance debate…
The Internet of Things Will Be the World's Biggest Robot
The Internet of Things is the name given to the computerization of everything in our lives. Already you can buy Internet-enabled thermostats, light bulbs, refrigerators, and cars. Soon everything will be on the Internet: the things we own, the things we interact with in public, autonomous things that interact with each other.
These “things” will have two separate parts. One part will be sensors that collect data about us and our environment. Already our smartphones know our location and, with their onboard accelerometers, track our movements. Things like our thermostats and light bulbs will know who is in the room. Internet-enabled street and highway sensors will know how many people are out and about—and eventually who they are. Sensors will collect environmental data from all over the world…
How an Overreaction to Terrorism Can Hurt Cybersecurity
Many technological security failures of today can be traced to failures of encryption. In 2014 and 2015, unnamed hackers—probably the Chinese government—stole 21.5 million personal files of U.S. government employees and others. They wouldn’t have obtained this data if it had been encrypted.
Many large-scale criminal data thefts were made either easier or more damaging because data wasn’t encrypted: Target, T.J. Maxx, Heartland Payment Systems, and so on. Many countries are eavesdropping on the unencrypted communications of their own citizens, looking for dissidents and other voices they want to silence…
How the Internet of Things Limits Consumer Choice
In theory, the Internet of Things—the connected network of tiny computers inside home appliances, household objects, even clothing—promises to make your life easier and your work more efficient. These computers will communicate with each other and the Internet in homes and public spaces, collecting data about their environment and making changes based on the information they receive. In theory, connected sensors will anticipate your needs, saving you time, money, and energy.
Except when the companies that make these connected objects act in a way that runs counter to the consumer’s best interests—as the technology company Philips did recently with its smart ambient-lighting system, Hue, which consists of a central controller that can remotely communicate with light bulbs. In mid-December, the company pushed out a …
Can Laws Keep Up with Tech World?
On Thursday, a Brazilian judge ordered the text messaging service WhatsApp shut down for 48 hours. It was a monumental action.
WhatsApp is the most popular app in Brazil, used by about 100 million people. The Brazilian telecoms hate the service because it entices people away from more expensive text messaging services, and they have been lobbying for months to convince the government that it’s unregulated and illegal. A judge finally agreed.
In Brazil’s case, WhatsApp was blocked for allegedly failing to respond to a court order. Another judge …
Sidebar photo of Bruce Schneier by Joe MacInnis.