Latest Essays
Page 34
The Internet Is a Surveillance State
I’m going to start with three data points.
One: Some of the Chinese military hackers who were implicated in a broad set of attacks against the U.S. government and corporations were identified because they accessed Facebook from the same network infrastructure they used to carry out their attacks.
Two: Hector Monsegur, one of the leaders of the LulzSac hacker movement, was identified and arrested last year by the FBI. Although he practiced good computer security and used an anonymous relay service to protect his identity, he …
Rhetoric of Cyber War Breeds Fear—and More Cyber War
Americans have a weird relationship with the word “war”. We hate using it to describe actual wars but we love using it in a rhetorical context. We had the war on poverty, the war on crime, the war on drugs and the war on terror.
One of the big “wars” we’re talking about now is cyber war and, in this case, the word is dangerous. It is both a rhetorical war as well as something with elements of actual combat. The word also confuses the political debate about how to deal with cyber security.
The danger is that words frame the debate. If we use the rhetoric of war, we invoke feelings of fear and helplessness. We understand that this is something nations do to each other and that it’s not “normal” time when we’re at war…
Our Security Models Will Never Work—No Matter What We Do
A core, not side, effect of technology is its ability to magnify power and multiply force—for both attackers and defenders. One side creates ceramic handguns, laser-guided missiles, and new-identity theft techniques, while the other side creates anti-missile defense systems, fingerprint databases, and automatic facial recognition systems.
The problem is that it’s not balanced: Attackers generally benefit from new security technologies before defenders do. They have a first-mover advantage. They’re more nimble and adaptable than defensive institutions like police forces. They’re not limited by bureaucracy, laws, or ethics. They can evolve faster. And entropy is on their side—it’s easier to destroy something than it is to prevent, defend against, or recover from that destruction…
Danger Lurks in Growing New Internet Nationalism
Cyber-espionage is old news. What's new is the rhetoric, which is reaching a fever pitch right now.
For technology that was supposed to ignore borders, bring the world closer together, and sidestep the influence of national governments, the Internet is fostering an awful lot of nationalism right now. We’ve started to see increased concern about the country of origin of IT products and services; U.S. companies are worried about hardware from China; European companies are worried about cloud services in the U.S; no one is sure whether to trust hardware and software from Israel; Russia and China might each be building their own operating systems out of concern about using foreign ones…
Take Stop-and-Scan with a Grain of Salt
Security Has Become a For-Profit Business
This is an edited version of a longer essay.
It’s a new day for the New York Police Department, with technology increasingly informing the way cops do their jobs. With innovation come new possibilities, but also new concerns.
For one, the NYPD is testing a security apparatus that uses terahertz radiation to detect guns under clothing from a distance. As Police Commissioner Ray Kelly explained back in January, “If something is obstructing the flow of that radiation, for example a weapon, the device will highlight that object.”
Ignore, for a moment, the glaring constitutional concerns, which make the stop-and-frisk debate pale in comparison: virtual strip-searching, evasion of probable cause, potential profiling. Organizations like the American Civil Liberties Union are all over those, even though their opposition probably won’t make a difference. We’re scared of terrorism and crime (even as the risks decrease), and when we’re scared, we’re willing to give up all sorts of freedoms to assuage our fears. Often, the courts go along…
IT for Oppression
View or Download in PDF Format
Whether it’s Syria using Facebook to help identify and arrest dissidents or China using its “Great Firewall” to limit access to international news throughout the country, repressive regimes all over the world are using the Internet to more efficiently implement surveillance, censorship, propaganda, and control. They’re getting really good at it, and the IT industry is helping. We’re helping by creating business applications—categories of applications, really—that are being repurposed by oppressive governments for their own use:…
The Court of Public Opinion Is About Mob Justice and Reputation as Revenge
Recently, Elon Musk and The New York Times took to Twitter and the internet to argue the data —and their grievances—over a failed road test and car review. Meanwhile, an Applebee’s server is part of a Change.org petition to get her job back after posting a pastor’s no-tip receipt comment online. And when he wasn’t paid quickly enough, a local Fitness SF web developer rewrote the company’s webpage to air his complaint.
All of these ‘cases’ are seeking their judgments in the court of public opinion. The court of public opinion has a full docket; even brick-and-mortar establishments aren’t immune…
How Secure Is the Papal Election?
Spanish translation
Portuguese translation
As the College of Cardinals prepares to elect a new pope, security people like me wonder about the process. How does it work, and just how hard would it be to hack the vote?
The rules for papal elections are steeped in tradition. John Paul II last codified them in 1996, and Benedict XVI left the rules largely untouched. The “Universi Dominici Gregis on the Vacancy of the Apostolic See and the Election of the Roman Pontiff” is surprisingly detailed.
Every cardinal younger than 80 is eligible to vote. We expect 117 …
Trust and Society
This morning, I flew from Boston to New York. Before that, I woke up in a hotel, trusting everyone on the staff who has a master key. I took a Boston taxi to the airport, trusting not just the taxi driver, but everyone else on the road. At Boston’s Logan Airport, I had to trust everyone who worked for the airline, everyone who worked at the airport, and the thousands of other passengers. I also had to trust everyone who came in contact with the food I bought and ate before boarding my plane. In New York, I similarly had to trust everyone at LaGuardia Airport, my New York taxi driver, and the staff at my new hotel—where I am right now, writing this…
Power And The Internet
This essay appeared as a response to Edge‘s annual question, “What *Should* We Be Worried About?“
All disruptive technologies upset traditional power balances, and the Internet is no exception. The standard story is that it empowers the powerless, but that’s only half the story. The Internet empowers everyone. Powerful institutions might be slow to make use of that new power, but since they are powerful, they can use it more effectively. Governments and corporations have woken up to the fact that not only can they use the Internet, they can control it for their interests. Unless we start deliberately debating the future we want to live in, and information technology in enabling that world, we will end up with an Internet that benefits existing power structures and not society in general…
Sidebar photo of Bruce Schneier by Joe MacInnis.