Security expert Schneier is realistic about the dangers posed by putting software in all types of appliances
Schneier, present at the RSA Conference, said that until now everyone had this "special right" to code the world as they saw fit. "My guess is we're going to lose that right because it's too dangerous to give it to a bunch of techies," he added, according to The Register.
His words came after accepting an observation made by Marc Andreessen six years ago that software was eating the world. "As everything turns into a computer, computer security becomes everything security," Schneier said, to give his previous statement some context.
A connected world is great but dangerous
As he likened the Internet to a giant robot, one capable of affecting the physical world just as it affects the virtual one, the threat becomes much more real.
Bruce Schneier on Tuesday called on technologists to get involved with policy, insisting that as the Internet of things continues to unfold, the knowledge security experts have will become more applicable.
Schneier, CTO of IBM Resilient, stressed in a talk here at the RSA Conference that the need has become more pressing in the wake of Mirai; the threats associated with IoT insecurity are more palpable than ever.
"It's one thing for Reddit to be DDoSed, its another thing for your home thermostat to be DDoSed in the winter," Schneier said.
Schneier posted a list of guidelines that have been written for securing the internet of things last week on his blog.
Open source has won, but victory may be fleeting
The Open Source Leadership Summit began on Tuesday amid roads closed by a landslide: held in The Resort at Squaw Creek near Lake Tahoe, California, it was not easily accessible to attendees traveling Highway 80 from the San Francisco Bay Area.
During his opening keynote, Jim Zemlin, executive director of the Linux Foundation, made light of the mudslides that brought traffic to a crawl near Donner Pass on Monday evening. The trip at least was less arduous than it was last year, he said.
Zemlin's remarks amounted to an open-source victory lap.
According to the IT security expert Bruce Schneier, the consequences of unrestricted connectivity in the Internet of Things could be devastating. In the interview, he calls for greater security for the Internet of Things (IoT).
"The era of fun and games is over," said Bruce Schneier at the Telekom Security Congress in Frankfurt in November 2016. The American expert for IoT security and cryptography is Chief Technology Officer (CTO) of IBM Resilient.
On Tuesday, President-elect Donald Trump named cyber expert Tom Bossert as his homeland security adviser.
Bossert is currently a fellow at the Atlantic Council and was a former national security aide to President George W. Bush.
He says cybersecurity will be one a top priority in his new job.
And if the events of 2016 say anything, Bossert will likely have a lot on his plate.
"American Elections Will Be Hacked." That’s the title of a recent article in The New York Times by our next guest, the leading cybersecurity and privacy researcher Bruce Schneier. Schneier warns, "Our newly computerized voting systems are vulnerable to attack by both individual hackers and government-sponsored cyberwarriors. It is only a matter of time before such an attack happens."
During a House Committee hearing today, Bruce Schneier also asks for the establishment of a new government agency devoted to cybersecurity.
Security experts asked lawmakers for more action, today, during a Congressional hearing on IoT security. On their wishlist: consequences to manufacturers for delivering insecure products, a federally funded independent lab for pre-market cybersecurity testing, and an entirely new federal agency devoted to cybersecurity.
The hearing, "Understanding the Role of Connected Devices in Recent Attacks," was held by the US House Committee on Energy and Commerce, with expert witnesses Dale Drew, senior vice president and chief security officer of Level 3 Communications; Dr. Kevin Fu, CEO of Virta Labs and associated professor of electrical engineering and computer science at the University of Michigan; and Bruce Schneier, fellow of the Berkman Klein Center at Harvard University.
"We are in this sorry and deteriorating state because there is almost no cost to a manufacturer for deploying products with poor cybersecurity to consumers," said Dr. Fu. He later added "also there's no benefit if they deploy something with good security."
"The market can't fix this," said Schneier, because "the buyer and seller don't care ...
Computer security experts on Wednesday pressed for comprehensive federal regulations mandating strong security protocols for the Internet of Things, saying it's not a matter of if but when rules are issued for connected devices.
"The Internet of Things affects the world in a directly physical manner—cars, appliances, thermostat, airplanes," said Bruce Schneier, a computer security expert at Harvard University, during testimony at a hearing held by two House Energy and Commerce subcommittees. "There's real risk to life and property. There's real, catastrophic risks."
With the increasing ubiquity and fundamental vulnerability of IoT technology, Schneier said it's a moot point to argue over whether the federal government will eventually regulate the industry.
The hacking of Democratic Party organizations has made internet security germane to the 2016 presidential election campaign. America's intelligence community has accused high-level Russian officials of backing these cyberattacks in an attempt to influence the election result. Such allegations have helped thrust relations between Washington and Moscow to their lowest point in decades.
Meanwhile, the integrity of America's internet infrastructure was tested on Oct. 21, 2016 with a distributed denial of service (DDoS) attack.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient, an IBM Company.