Latest Essays

Can Laws Keep Up with Tech World?

  • Bruce Schneier
  • CNN
  • December 21, 2015

On Thursday, a Brazilian judge ordered the text messaging service WhatsApp shut down for 48 hours. It was a monumental action.

WhatsApp is the most popular app in Brazil, used by about 100 million people. The Brazilian telecoms hate the service because it entices people away from more expensive text messaging services, and they have been lobbying for months to convince the government that it’s unregulated and illegal. A judge finally agreed.

    In Brazil’s case, WhatsApp was blocked for allegedly failing to respond to a court order. Another judge …

    The Automation of Reputation

    • Bruce Schneier
    • Edge
    • November 5, 2015

    This essay is part of a conversation with Gloria Origgi entitled “What is Reputation?” Other participants were Abbas Raza, William Poundstone, Hugo Mercier, Quentin Hardy, Martin Nowak and Roger Highfield, Bruce Schneier, and Kai Krause.

    Reputation is a social mechanism by which we come to trust one another, in all aspects of our society. I see it as a security mechanism. The promise and threat of a change in reputation entices us all to be trustworthy, which in turn enables others to trust us. In a very real sense, reputation enables friendships, commerce, and everything else we do in society. It’s old, older than our species, and we are finely tuned to both perceive and remember reputation information, and broadcast it to others…

    The Rise of Political Doxing

    • Bruce Schneier
    • Motherboard
    • October 28, 2015

    Last week, CIA director John O. Brennan became the latest victim of what’s become a popular way to embarrass and harass people on the internet. A hacker allegedly broke into his AOL account and published emails and documents found inside, many of them personal and sensitive.

    It’s called doxing—sometimes doxxing—from the word “documents.” It emerged in the 1990s as a hacker revenge tactic, and has since been used as a tool to harass and intimidate people, primarily women, on the internet. Someone would threaten a woman with physical harm, or try to incite others to harm her, and publish her personal information as a way of saying “I know a lot about you—like where you live and work.” Victims of doxing …

    Face Facts about Internet Security

    • Bruce Schneier
    • CNN
    • October 23, 2015

    If the director of the CIA can’t keep his e-mail secure, what hope do the rest of us have—for our e-mail or any of our digital information?

    None, and that’s why the companies that we entrust with our digital lives need to be required to secure it for us, and held accountable when they fail. It’s not just a personal or business issue; it’s a matter of public safety.

    The details of the story are worth repeating. Someone, reportedly a teenager, hacked into CIA Director John O. Brennan’s AOL account. He says he did so by posing as a Verizon employee to Verizon to get personal information about Brennan’s account, as well as his bank card number and his AOL e-mail address. Then he called AOL and pretended to be Brennan. Armed with the information he got from Verizon, he convinced AOL customer service to reset his password…

    The Era Of Automatic Facial Recognition And Surveillance Is Here

    • Bruce Schneier
    • Forbes
    • September 29, 2015

    ID checks were a common response to the terrorist attacks of 9/11, but they’ll soon be obsolete. You won’t have to show your ID, because you’ll be identified automatically. A security camera will capture your face, and it’ll be matched with your name and a whole lot of other information besides. Welcome to the world of automatic facial recognition. Those who have access to databases of identified photos will have the power to identify us. Yes, it’ll enable some amazing personalized services; but it’ll also enable whole new levels of surveillance. The underlying technologies are being developed today, and there are currently no rules limiting their use…

    Stealing Fingerprints

    • Bruce Schneier
    • Motherboard
    • September 29, 2015

    The news from the Office of Personnel Management hack keeps getting worse. In addition to the personal records of over 20 million US government employees, we’ve now learned that the hackers stole fingerprint files for 5.6 million of them.

    This is fundamentally different from the data thefts we regularly read about in the news, and should give us pause before we entrust our biometric data to large networked databases.

    There are three basic kinds of data that can be stolen. The first, and most common, is authentication credentials. These are passwords and other information that allows someone else access into our accounts and—usually—our money. An example would be the 56 million credit card numbers hackers …

    VW Scandal Could Just Be the Beginning

    • Bruce Schneier
    • CNN
    • September 28, 2015

    Portuguese translation by Ricardo R Hashimoto

    For the past six years, Volkswagen has been cheating on the emissions testing for its diesel cars. The cars’ computers were able to detect when they were being tested, and temporarily alter how their engines worked so they looked much cleaner than they actually were. When they weren’t being tested, they belched out 40 times the pollutants. Their CEO has resigned, and the company will face an expensive recall, enormous fines and worse.

    Cheating on regulatory testing has a long history in corporate America. It …

    Living in Code Yellow

    • Bruce Schneier
    • Fusion
    • September 22, 2015

    In 1989, handgun expert Jeff Cooper invented something called the Color Code to describe what he called the ‘combat mind-set.’ Here is his summary:

    In White you are unprepared and unready to take lethal action. If you are attacked in White you will probably die unless your adversary is totally inept.

    In Yellow you bring yourself to the understanding that your life may be in danger and that you may have to do something about it.

    In Orange you have determined upon a specific adversary and are prepared to take action which may result in his death, but you are not in a lethal mode…

    Hacking Team, Computer Vulnerabilities, and the NSA

    • Bruce Schneier
    • Georgetown Journal of International Affairs
    • September 13, 2015

    When the National Security Administration (NSA)—or any government agency—discovers a vulnerability in a popular computer system, should it disclose it or not? The debate exists because vulnerabilities have both offensive and defensive uses. Offensively, vulnerabilities can be exploited to penetrate others’ computers and networks, either for espionage or destructive purposes. Defensively, publicly revealing security flaws can be used to make our own systems less vulnerable to those same attacks. The two options are mutually exclusive: either we can help to secure both our own networks and the systems we might want to attack, or we can keep both networks vulnerable. Many, myself …

    Is It OK to Shoot Down a Drone over Your Backyard?

    • Bruce Schneier
    • CNN
    • September 9, 2015

    Last month, a Kentucky man shot down a drone that was hovering near his backyard.

    WDRB News reported that the camera drone’s owners soon showed up at the home of the shooter, William H. Merideth: “Four guys came over to confront me about it, and I happened to be armed, so that changed their minds,” Merideth said. “They asked me, ‘Are you the S-O-B that shot my drone?’ and I said, ‘Yes I am,’” he said. “I had my 40 mm Glock on me and they started toward me and I told them, ‘If you cross my sidewalk, there’s gonna be another shooting.’” Police charged Merideth with criminal mischief and wanton endangerment…
