Bruce Schneier is a world-renowned cryptographer and security technologist whom the Economist has dubbed an "internet-security guru." Schneier has authored a dozen books since 1993, with his next book—Click Here to Kill Everybody: Peril and Promise in a Hyper-Connected World—due for release in September 2018, and set to tackle the burgeoning trends of cybercrime, corporate surveillance, and how to mitigate the catastrophic risks from unsecured devices.
Earlier this year, Schneier wrote a chilling article in New York Magazine detailing the pressing dangers of unsecured IoT devices and, more recently, consulted on bipartisan legislation that will ensure devices purchased by the U.S. government meet specific security standards.
On top of all that, Schneier frequently blogs on internet and security matters and runs a monthly newsletter, "Crypto-gram," that has amassed a following exceeding 250,000—so we thought he'd be perfect for an ExpressVPN cybersecurity Q+A.
"Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World" is a book meant to scare you, and it does a good job. The book is designed to get our attention and serve as a wake-up call on a number of issues that beg for more robust public discussion. Chief among these issues are mass surveillance from governments and the commercial world, and how this is affecting personal privacy and even public security. More importantly, I believe Bruce Schneier offers some excellent recommendations as to what we should all be talking about and doing when it comes to bringing these critical issues out of the shadows and into the light.
‘Surveillance Is the Business Model of the Internet,’ Berkman and Belfer Fellow Says
In the internet era, consumers seem increasingly resigned to giving up fundamental aspects of their privacy for convenience in using their phones and computers, and have grudgingly accepted that being monitored by corporations and even governments is just a fact of modern life.
In fact, internet users in the United States have fewer privacy protections than those in other countries. In April, Congress voted to allow internet service providers to collect and sell their customers' browsing data. By contrast, the European Union hit Google this summer with a $2.7 billion antitrust fine.
To assess the internet landscape, the Gazette interviewed cybersecurity expert Bruce Schneier, a fellow with the Berkman Klein Center for Internet & Society and the Belfer Center for Science and International Affairs at Harvard Kennedy School.
US Senators just introduced new legislation to regulate the purchase of Internet of Things (IoT) devices. Why did they do it, and what chance is there of success?
The Internet of Things Cybersecurity Improvement Act would set minimum security requirements for federal procurements of connected devices. These include the ability to patch code, a lack of hard-coded passwords, and freedom from known security vulnerabilities.
Under surveillance capitalism, we’ve lost control of our devices and our data – but there is a way back. Interview with Bruce Schneier by Agne Pix.
Agne Pix (AP): Does technology protect our privacy on the internet or is it a threat?
Bruce Schneier (BS): There are a lot of technologies that help preserve privacy and keep us and our data secure, like for example encryption. Technology can also remove privacy: you may think of cameras or listening devices and insecure internet connections. We are living in a world where we often interact with computers. They produce data about these interactions, which is data about ourselves and that is collected by corporations.
Dubbed a 'security guru' by The Economist, Bruce Schneier has authored several books, including NYT bestseller Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, as well as hundreds of articles and academic papers. In 2013, the American security technologist was invited to brief a US Congress group about the documents revealed by whistleblower Edward Snowden, and to explain 'what the NSA (National Security Agency) was doing'. In an email interview to Kim Arora , he spoke about the recent Wannacry ransomware attack, cybersecurity, and threats to privacy. Excerpts:
With the Wannacry ransomware attack, we saw how neglecting to install a security update in time led to massive losses worldwide.
In today’s episode, together with Bruce Schneier, we are talking about how to start and skyrocket your career in cybersecurity.
Paula: I’m here with Bruce Schneier. The most prominent person in security. Thank you so much for being with me.
Why sensationalized terrorism coverage makes us overreact to risk.
For most Americans, terrorism is only ever experienced through a television screen or front page of a newspaper. Despite generating massive headlines, terrorism kills a shockingly small number of Americans every year, especially when compared to a problem like gun violence. In terms of the public's attention, terrorism takes up a lot more space than its death toll warrants.
But for cable news networks, terrorism coverage is big business.
Security expert Bruce Schneier says we're creating an Internet that senses, thinks, and acts, which is is the classic definition of a robot. "I contend that we're building a world-sized robot without even realizing it," he said recently at the Open Source Leadership Summit (OSLS).
In his talk, Schneier explained this idea of a world-sized robot, created out of the Internet, that has no single consciousness, no single goal, and no single creator. You can think of it, he says, as an Internet that affects the world in a direct physical manner.
WikiLeaks may have exposed the CIA's ability to hack into phones, televisions, cars—pretty much everything, but according to internationally renowned security technologist and author Bruce Schneier, it isn't the intelligence agencies you should be worried about. He's more concerned that these technologies have been around for decades. Bruce is sharing three things to be concerned about with Kristina Guerrero.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.