Essays in the Category "National Security Policy"
Page 10 of 14
Bruce Schneier: Security at What Cost?
National ID System Is Not Worth The $23 Billion Price Tag
The argument was so obvious it hardly needed repeating: We would all be safer if we had a better ID card. A good, hard-to-forge national ID is a no-brainer (or so the argument goes), and it’s ridiculous that a modern country such as the United States doesn’t have one. One result of this line of thinking is the planned Real ID Act, which forces all states to conform to common and more stringent rules for issuing driver’s licenses.
But security is always a tradeoff; it must be balanced with the cost. We all do this intuitively. Few of us walk around wearing bulletproof vests. It’s not because they’re ineffective, it’s because for most of us, the tradeoff isn’t worth it. It’s not worth the cost, the inconvenience, or the loss of fashion sense…
Driver's Licenses for Immigrants: Denying Licenses Makes Us Less Safe
Many people say that allowing illegal aliens to obtain state driver’s licenses helps them and encourages them to remain illegally in this country. Michigan Attorney General Mike Cox late last year issued an opinion that licenses could be issued only to legal state residents, calling it “one more tool in our initiative to bolster Michigan’s border and document security.”
In reality, we are a much more secure nation if we do issue driver’s licenses and/or state IDs to every resident who applies, regardless of immigration status. Issuing them doesn’t make us any less secure, and refusing puts us at risk…
What Our Top Spy Doesn't Get: Security and Privacy Aren't Opposites
If there’s a debate that sums up post-9/11 politics, it’s security versus privacy. Which is more important? How much privacy are you willing to give up for security? Can we even afford privacy in this age of insecurity? Security versus privacy: It’s the battle of the century, or at least its first decade.
In a Jan. 21 New Yorker article, Director of National Intelligence Michael McConnell discusses a proposed plan to monitor all—that’s right, all—internet communications for security purposes, an idea so extreme that the word “Orwellian” feels too mild…
Time to Close Gaps in Emergency Communications
I live in Minneapolis, so the collapse of the Interstate 35W bridge over the Mississippi River earlier this month hit close to home, and was covered in both my local and national news.
Much of the initial coverage consisted of human interest stories, centered on the victims of the disaster and the incredible bravery shown by first responders: the policemen, firefighters, EMTs, divers, National Guard soldiers and even ordinary people, who all risked their lives to save others. (Just two weeks later, three rescue workers died in their almost-certainly futile attempt to save six miners in Utah.)…
Is Big Brother a Big Deal?
This essay appeared as part of a point-counterpoint with Marcus Ranum. Marcus’s side, to which this is a response, can be found on his website.
Big Brother isn’t what he used to be. George Orwell extrapolated his totalitarian state from the 1940s. Today’s information society looks nothing like Orwell’s world, and watching and intimidating a population today isn’t anything like what Winston Smith experienced.
Data collection in 1984 was deliberate; today’s is inadvertent. In the information society, we generate data naturally. In Orwell’s world, people were naturally anonymous; today, we leave digital footprints everywhere…
Vigilantism Is a Poor Response to Cyberattack
Last month Marine Gen. James Cartwright told the House Armed Services Committee that the best cyberdefense is a good offense.
As reported in Federal Computer Week, Cartwright said: “History teaches us that a purely defensive posture poses significant risks,” and that if “we apply the principle of warfare to the cyberdomain, as we do to sea, air and land, we realize the defense of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to deter actions detrimental to our interests.”
The general isn’t alone. In 2003, the entertainment industry tried to get a …
Automated Targeting System
This article was published under the title “They’re Watching.”
If you’ve traveled abroad recently, you’ve been investigated. You’ve been assigned a score indicating what kind of terrorist threat you pose. That score is used by the government to determine the treatment you receive when you return to the U.S. and for other purposes as well.
Curious about your score? You can’t see it. Interested in what information was used? You can’t know that. Want to clear your name if you’ve been wrongly categorized? You can’t challenge it. Want to know what kind of rules the computer is using to judge you? That’s secret, too. So is when and how the score will be used…
Do Federal Security Regulations Help?
This essay appeared as part of a point-counterpoint with Marcus Ranum.
Regulation is all about economics. Here’s the theory. In a capitalist system, companies make decisions based on their own self-interest. This isn’t a bad thing; it’s actually a very good thing. We don’t want companies to act as public charities; we want them to act as for-profit entities. But there are often effects of company decisions that are not borne by the companies; these are known as “externalities” to the decision. Companies aren’t going to take externalities into account, because, well, because they’re someone else’s problem. If we as a society want externalities to factor into company decisions, then we have to make those externalities internal. Once we do that, the natural engine of capitalism will take over…
The ID Chip You Don't Want in Your Passport
This essay also appeared in San Jose Mercury News, Sacramento Bee, Concord Monitor, Fort Worth Star Telegram, Dallas Morning News, Contra Costa Times, Statesman Journal, and The Clarion-Ledger.
If you have a passport, now is the time to renew it—even if it’s not set to expire anytime soon. If you don’t have a passport and think you might need one, now is the time to get it. In many countries, including the United States, passports will soon be equipped with RFID chips. And you don’t want one of these chips in your passport.
RFID stands for “radio-frequency identification.” Passports with RFID chips store an electronic copy of the passport information: your name, a digitized picture, etc. And in the future, the chip might store fingerprints or digital visas from various countries…
Is There Strategic Software?
This essay appeared as part of a point-counterpoint with Marcus Ranum. Marcus’s side can be found on his website.
If you define “critical infrastructure” as “things essential for the functioning of a society and economy,” then software is critical infrastructure. For many companies and individuals, if their computers stop working then they stop working.
It’s a situation that sneaked up on us. Everyone knew that the software that flies 747s or targets cruise missiles is critical, but who thought of the airlines’ weight and balance computers, or the operating system running the databases and spreadsheets that determine which cruise missiles get shipped where? These sorts of systems are more vulnerable around the edges than they are head-on. And over the years, common, off-the-shelf, personal- and business-grade software has been used for more and more critical applications. Today, we find ourselves in a position where a well-positioned flaw in Windows or Cisco routers or Apache could seriously affect the economy. (Some researchers have suggested that well-designed worms could overwhelm the Internet in fifteen minutes.)…
Sidebar photo of Bruce Schneier by Joe MacInnis.