Latest Essays

Page 46

How Perverse Incentives Drive Bad Security Decisions

  • Bruce Schneier
  • Wired
  • February 26, 2009

An employee of Whole Foods in Ann Arbor, Michigan, was fired in 2007 for apprehending a shoplifter. More specifically, he was fired for touching a customer, even though that customer had a backpack filled with stolen groceries and was running away with them.

I regularly see security decisions that, like the Whole Foods incident, seem to make absolutely no sense. However, in every case, the decisions actually make perfect sense once you understand the underlying incentives driving the decision. All security decisions are trade-offs, but the motivations behind them are not always obvious: They’re often subjective, and driven by external incentives. And often security trade-offs are made for nonsecurity reasons…

Read More →

The Secret Question Is: Why Do IT Systems Use Insecure Passwords?

  • Bruce Schneier
  • The Guardian
  • February 19, 2009

Since January, the Conficker.B worm has been spreading like wildfire across the internet, infecting the French navy, hospitals in Sheffield, the court system in Houston, Texas, and millions of computers worldwide. One of the ways it spreads is by cracking administrator passwords on networks. Which leads to the important question: why are IT administrators still using easy-to-guess passwords?

Computer authentication systems have two basic requirements. They need to keep the bad guys from accessing your account, and they need to allow you to access your account. Both are important, and every system is a balancing act between the two. Too little security, and the bad guys will get in too easily. But if the authentication system is too complicated, restrictive, or hard to use, you won’t be able, or won’t bother, to use it…

Read More →

Thwarting an Internal Hacker

  • Bruce Schneier
  • The Wall Street Journal
  • February 16, 2009

Rajendrasinh Makwana was a UNIX contractor for Fannie Mae. On October 24, he was fired. Before he left, he slipped a logic bomb into the organization’s network. The bomb would have “detonated” on January 31. It was programmed to disable access to the server on which it was running, block any network monitoring software, systematically and irretrievably erase everything—and then replicate itself on all 4,000 Fannie Mae servers. Court papers claim the damage would have been in the millions of dollars, a number that seems low. Fannie Mae would have been shut down for at least a week…

Read More →

Social Networking Risks

  • Bruce Schneier
  • Information Security
  • February 2009

This essay appeared as the first half of a point-counterpoint with Marcus Ranum.

Are employees blogging corporate secrets? It’s not an unreasonable fear, actually. People have always talked about work to their friends. It’s human nature for people to talk about what’s going on in their lives, and work is a lot of most people’s lives. Historically, organizations generally didn’t care very much. The conversations were intimate and ephemeral, so the risk was small. Unless you worked for the military with actual national secrets, no one worried about it very much…

Read More →

Terrorists May Use Google Earth, But Fear Is No Reason to Ban It

  • Bruce Schneier
  • The Guardian
  • January 29, 2009

This essay also appeared in The Hindu, Brisbane Times, and The Sydney Morning Herald.

German translation

It regularly comes as a surprise to people that our own infrastructure can be used against us. And in the wake of terrorist attacks or plots, there are fear-induced calls to ban, disrupt or control that infrastructure. According to officials investigating the Mumbai attacks, the terrorists used images from Google Earth to help learn their way around. This isn’t the first time Google Earth has been charged with helping terrorists: in 2007, Google Earth images of British military bases were found in the homes of …

Read More →

How to Ensure Police Database Accuracy

  • Bruce Schneier
  • The Wall Street Journal
  • January 27, 2009

Earlier this month, the Supreme Court ruled that evidence gathered as a result of errors in a police database is admissible in court. Their narrow decision is wrong, and will only ensure that police databases remain error-filled in the future.

The specifics of the case are simple. A computer database said there was a felony arrest warrant pending for Bennie Herring when there actually wasn’t. When the police came to arrest him, they searched his home and found illegal drugs and a gun. The Supreme Court was asked to rule whether the police had the right to arrest him for possessing those items, even though there was no legal basis for the search and arrest in the first place…

Read More →

Why Technology Won't Prevent Identity Theft

  • Bruce Schneier
  • The Wall Street Journal
  • January 9, 2009

Hebrew translation

Impersonation isn’t new. In 1556, a Frenchman was executed for impersonating Martin Guerre and this week hackers impersonated Barack Obama on Twitter. It’s not even unique to humans: mockingbirds, Viceroy butterflies, and the brown octopus all use impersonation as a survival strategy. For people, detecting impersonation is a hard problem for three reasons: we need to verify the identity of people we don’t know, we interact with people through “narrow” communications channels like the telephone and Internet, and we want computerized systems to do the verification for us…

Read More →

Tigers Use Scent, Birds Use Calls—Biometrics Are Just Animal Instinct

  • Bruce Schneier
  • The Guardian
  • January 8, 2009

Biometrics may seem new, but they’re the oldest form of identification. Tigers recognise each other’s scent; penguins recognise calls. Humans recognise each other by sight from across the room, voices on the phone, signatures on contracts and photographs on drivers’ licences. Fingerprints have been used to identify people at crime scenes for more than 100 years.

What is new about biometrics is that computers are now doing the recognising: thumbprints, retinal scans, voiceprints, and typing patterns. There’s a lot of technology involved here, in trying to both limit the number of false positives (someone else being mistakenly recognised as you) and false negatives (you being mistakenly not recognised). Generally, a system can choose to have less of one or the other; less of both is very hard…

Read More →

State Data Breach Notification Laws: Have They Helped?

  • Bruce Schneier
  • Information Security
  • January 2009

This essay appeared as the second half of a point/counterpoint with Marcus Ranum. Marcus’s half is here.

THERE ARE THREE REASONS for breach notification laws. One, it’s common politeness that when you lose something of someone else’s, you tell him. The prevailing corporate attitude before the law—”They won’t notice, and if they do notice they won’t know it’s us, so we are better off keeping quiet about the whole thing”—is just wrong. Two, it provides statistics to security researchers as to how pervasive the problem really is. And three, it forces companies to improve their security…

Read More →

Architecture of Privacy

  • Bruce Schneier
  • IEEE Security & Privacy
  • January/February 2009

View or Download in PDF Format

The Internet isn’t really for us. We’re here at the beginning, stumbling around, just figuring out what it’s good for and how to use it. The Internet is for those born into it, those who have woven it into their lives from the beginning. The Internet is the greatest generation gap since rock and roll, and only our children can hope to understand it.

Larry Lessig famously said that, on the Internet, code is law. Facebook’s architecture limits what we can do there, just as gravity limits what we can do on Earth. The 140-character limit on SMSs is as effective as a legal ban on grammar, spelling, and long-winded sentences: KTHXBYE…

Read More →
← Earlier EssaysLater Essays →

Sidebar photo of Bruce Schneier by Joe MacInnis.