News: 2007 Archives

Bruce Almighty: Schneier preaches security to Linux faithful

Schneier is one of three keynote speakers at 2008 and speaks with Dahna McConnachie about his presentation, books and thoughts.

  • Dahna McConnachie
  • Computerworld
  • December 27, 2007

Internationally renowned security guru, Bruce Schneier, will be encouraging technologists at to take a lesson from Luke Skywalker, and “feel the force” a little more when it comes to security.

Schneier, who is CTO of BT Counterpane, is one of the three keynote speakers at the 2008 He joins Python release manager, Anthony Baxter and founding member of HP’s Linux division, Stormy Peters.

Dahna McConnachie speaks with Schneier about his talk, “Reconceptualising Security” and how technologists need to remember the importance of the human element. He also discusses cyber-war, what Linux has done for security, and the likelihood of another edition of Applied Cryptography…

Bruce Schneier Blazes Through Your Questions

  • Stephen J. Dubner
  • Freakonomics (NYTimes Blog)
  • December 4, 2007

Last week, we solicited your questions for Internet security guru Bruce Shneier. He responded in force, taking on nearly every question, and his answers are extraordinarily interesting, providing mandatory reading for anyone who uses a computer. He also plainly thinks like an economist: search below for “crime pays” to see his sober assessment of why it’s better to earn a living as a security expert than as a computer criminal.

Thanks to Bruce and to all of you for participating. Here’s a note that Bruce attached at the top of his answers: “Thank you all for your questions. In many cases, I’ve written longer essays on the topics you’ve asked about. In those cases, I’ve embedded the links into the necessarily short answers I’ve given here.”…

Guru Beaks Farewell to IT Security Firms

They'll be absorbed by big companies as security gets built into products, Bruce Schneier predicts to OO GIN LEE

  • The Straits Times
  • November 27, 2007

He is sounding the death knell of the consumer IT security market.

IT security guru Bruce Schneier is “100 per cent sure” that consumer security products will cease to exist in the future.

“Companies like Symantec, Network Associates and Qualis will be eventually subsumed as part of larger IT vendors,” said Bruce, who was in town earlier this month to give a talk to the local security industry.

Bruce who is mentioned in the Da Vinci Code novel as a modern cryptologist, gave the recent examples of IBM buying security company Internet Security Systems (ISS)and British Telecom (BT) acquiring Counterpane, the company he founded…

Criminal Hackers Gaining Advantage

But protection remains a hard sell with many companies, says security expert

  • David Finlayson
  • Edmonton Journal
  • November 6, 2007

EDMONTON – Technology’s becoming so fast and complex it’s outstripping our ability to keep out hackers and criminals, computer security guru Bruce Schneier said Monday.

“Complexity is the worst enemy of security,” Schneier told the Canadian Information Processing Society (CIPS) conference Monday. “It’s getting worse faster than security is getting better, and we have no idea how to fix this.”

The hacker hobbyists of 10 years ago have been replaced by sophisticated criminals who can get into your computer or server without you knowing about it, said Schneier, whose latest book is Beyond Fear: Thinking Sensibly About Security in an Uncertain World…

Interview: the Value of Bruce

BT Counterpane's Bruce Schneier talks to Eleanor Dallaway about why he hasn't been fired yet

  • Infosecurity
  • November 2, 2007

Bruce Schneier has increased BT’s press mentions in the North American press by 21% since the UK telecom giant’s acquisition of his firm Counterpane one year ago. BT insists that the acquisition ran smoothly and that the two companies are working well together, and Bruce tells us that the Counterpane people are happy. But it seems there are a few creases in the BT Counterpane story that still need to be ironed out—Bruce’s job title being the first.

“I thought that by now I’d have had a BT title, but find me the person to give me one,” Schneier said, speaking to Infosecurity at the RSA Conference on 23 October. “You see I’m not going to lose my CTO Counterpane title—it’s a good title. But I think they’d [BT] be smart to make me something in BT. But it has to be a title equally good or I’m not going to give this one up. She [talking about BT’s PR representative who accompanied Bruce at the interview] says you just do it, but I don’t know what that means. There has to be someone who says yes and no-one knows who that someone is.”…

Audio: Interview with Bruce Schneier

  • EDUCAUSE 2007
  • November 1, 2007

In a 14 minute interview, BT Counterpane’s Bruce Schneier shares some insightful words about privacy along with interesting commentary about ethics, cybersecurity and blogging.

Listen to the audio on

Everything about IT Security Will Change

  • Asian Security Review
  • November/December 2007

Bruce Schneier, leading cryptologist described as a “security guru” and a “leading counterterrorism contrarian” by the media, shares his thoughts about the future of information security.

“Crime, Crime, Crime!” Bruce Schneier is adamant when asked to talk about the worst security threats. It’s not coming from fanatics, but from people out to steal for money, he insists.

“It doesn’t matter what form it takes,” he says. “It’s wrong that we defend ourselves against the tactics, because then these guys change tactics.”

He describes a worst scenario where “the crime is so bad that people stop doing commerce on the net.” Information security is there to prevent this from happening…

Schneier: Beware Security Products

A leading security expert has warned businesses to beware of buying shoddy security products.

  • Tom Espiner
  • ZDNet News
  • October 24, 2007

Bruce Schneier, founder and chief technical officer of BT Counterpane, issued the warning at the RSA Conference Europe 2007 in London on Tuesday. He told delegates that they should not necessarily trust security vendors to give a fair representation of the security of those products.

“There might be a political bent to security decisions, or there might be a marketing bent,” said Schneier, citing as an example people selling smart cards who “do a lot to convince us that smart cards are the answer to security problems. For every company that’s secure, there’s at least one ‘me too.’”…

Everything We Know About Security Is Wrong

So says counterterrorism contrarian Bruce Schneier. And the Transportation Security Administration is listening.

  • Jonathan Kaminsky
  • City Pages
  • August 22, 2007

In late July, Transportation Security Administration chief Kip Hawley announced a change in his agency’s air travel screening policy: Effective August 4, cigarette lighters would no longer be banned from airplanes.

Explaining the measure in an interview with the New York Times, Hawley acknowledged that confiscating lighters at security checkpoints—the TSA’s policy for the last two years in the wake of a failed shoe-bombing attempt—had been a waste of resources. Terrorists, he noted, might just as well ignite bombs on airplanes using small batteries (or, as he didn’t note, matches)…

Video: Q&A with Bruce Schneier

  • DEF CON 15
  • August 3, 2007

Bruce Schneier answered questions from the audience at DEF CON 15.

Watch the Video or Listen to the Audio on

Interview with Kip Hawley

  • Bruce Schneier
  • Schneier on Security
  • July 30, 2007

In April, Kip Hawley, the head of the Transportation Security Administration (TSA), invited me to Washington for a meeting. Despite some serious trepidation, I accepted. And it was a good meeting. Most of it was off the record, but he asked me how the TSA could overcome its negative image. I told him to be more transparent, and stop ducking the hard questions. He said that he wanted to do that. He did enjoy writing a guest blog post for Aviation Daily, but having a blog himself didn’t work within the bureaucracy. What else could he do?

This interview, conducted in May and June via e-mail, was one of my suggestions…

Killer Ideas

  • Denis Seguin
  • Slate
  • June 27, 2007

O’Hare, Chicago, the day before Thanksgiving. The nation’s busiest airport is straining against the nation’s busiest holiday. Among the crowd grumbling through the lengthy security line is a lone traveler with an attaché case. He removes a laptop computer from the case and places it on the tray provided. The tray moves along the conveyor belt. Inside the case’s frame, a small ampul of dimethylmercury cracks and seeps into the X-ray machine. The traveler removes his shoes, passes through the metal detector, retrieves the laptop and the attaché. He’s careful not to let the case touch his clothes. He abandons his stuff in the nearest men’s room and then leaves the airport…

Getting To Blocked Websites Not As Hard As You Think

  • Radio Free Europe/Radio Liberty
  • June 27, 2007

A screen shot of a blocked website in Iran (RFE/RL)

June 27, 2007 (RFE/RL)—A recent reportby Freedom House has detailed a “new form of censorship” that has taken hold in CIS states. A particular target of governments’ efforts to control what their citizens read is the Internet—and blocking websites has become common practice in some countries. RFE/RL correspondent Heather Maher asked Bruce Schneier, chief technical officer of computer-security company BT Counterpane, about how such blocking works and what can be done to counter it.

RFE/RL: How exactly does someone—a government official—block a website?…

Trading Off Crime with Terrorism

  • Chris Gibbons
  • World at Six
  • May 16, 2007

Security is a trade, says BT’s Chief Technical Officer Bruce Schneier: and currently we’re trading off the risk of crime on the internet today with the big, scary ‘cyber terrorism’, which is largely a media creation. Here’s more.

Chris Gibbons: Well coming up at the end of the month, 22 to 25 May, in fact is the IT Web Security Summit. Now in recent years, security has dominated the corporate agenda. And while there has been significant effort expended in protecting organisational resources, security incidences have been on the rise, the risk of exposures, the confidential customer, corporate and personal information is at an all time high…

Is Security a Solvable Problem?

Or is security the computer equivalent of the War on Terror? Bruce Schneier gives us the story.

  • IT Security
  • May 16, 2007

Bruce Schneier is as close as you can get to being a rock star in the security industry. A cryptographer, computer security specialist and bestselling author of numerous books, he’s written countless articles and columns on security issues. He blogs about them at “Schneier on Security”, and publishes the monthly Crypto-Gram Newsletter that has a global readership of around 130,000.

He also finds time to be active in the industry as chief technology officer of BT Counterpane, a managed security services and consulting company he started in 1999 – plus he’s one of our …

Bedre på sikkerhet, verre for brukerne

Slik vurderer Bruce Schneier, kjent ekspert innen IT-sikkerhet, Microsofts utvikling de siste årene.

  • Harald Brombach
  • May 6, 2007

Bruce Schneier er blant verdens mest kjente eksperter på IT-sikkerhet. Han er utdannet innen kryptografi og er gründer og teknisk sjef i et selskap som i fjor høst ble kjøpt av British Telecom (BT). Selskapet heter nå BT Counterpane.

Schneier var i forrige uke i Norge og fikk en prat med ham. Det var flere temaer som var naturlige å ta opp med Schneier, blant annet sikkerheten i Windows Vista.

Overraskende nok har ikke Schneier, som riktignok er kjent for å være skeptisk til Microsoft, prøvd Windows Vista noe særlig. Han hadde likevel både litt ris og ros å komme med…

Regn med at kundene er idioter

Sikkerhetsguru Bruce Schneier forteller det nettbankene ikke tør si.

  • Jonas Blich Bakken
  • Dagens IT
  • May 6, 2007

—Gi opp sikkerhet hvis svindel er billigere!

Bruce Schneier er det nærmeste man kommer en rockestjerne innen it-sikkerhet. Teknologisjefen i BT Counterpane er mest kjent som frittalende blogger, og nyter usedvanlig stor respekt for sin innsikt i sikkerhet.

Spissformuleringene sitter tett når han snakker, og nylig var han i Oslo på Ciscos sikkerhetskonferanse for å snakke om det eneste middelet han tror på for å få orden på it-sikkerheten – ren egeninteresse. møtte ham før konferansen, for å snakke om nettbanksvindel…

Interview: Bruce Schneier

BT Counterpane's founder and chief technology officer talks to SA Mathieson at Infosecurity Europe

  • Infosecurity
  • May/June 2007

Bruce Schneier packed out the show’s keynote theatre when he spoke about ‘The Psychology of Security’, based on a draft essay he published in February. He outlined a range of research suggesting that our perceptions of a given risk are heightened if it is – among other things – spectacular, discussed widely, outside our normal experience or willingly taken rather than beyond our control. Such biases are ideal for hunter-gatherers living in small family groups in Kenya in 100 000BC, he argues, but not for modern life.

So how does this apply to infosecurity risks? “The obvious place is the people who are afraid of cyber-terrorism, while minimising cyber-crime,” he says. “Cyber-terrorism gets the news, it’s the hot topic, it’s the scary topic and people are afraid of it. Cyber-crime doesn’t get as much news, and I think people very much underplay that threat. You see it also when people overplay the threat of peer-to-peer, or they get all scared of people bringing their iPods in and maybe putting data on it. They forget that data could walk out on paper. So there is a lot of people reacting to the news, instead of to the reality of security. Now, it’s hard to blame them. This is what’s reported, this is what people worry about, but I think there’s a big difference in how people perceive internet security and what’s really going on…

Schneier Questions Need for Security Industry

  • Will Sturgeon
  • CNET
  • April 30, 2007

Outspoken author and security guru Bruce Schneier has questioned the very existence of the security industry, suggesting it merely indicates the willingness of other technology companies to ship insecure software and hardware.

Speaking at Infosecurity Europe 2007, a leading trade show for the security industry, Schneier said, “the fact this show even exists is a problem. You should not have to come to this show ever.”

“We shouldn’t have to come and find a company to secure our e-mail. E-mail should already be secure. We shouldn’t have to buy from somebody to secure our network or servers. Our networks and servers should already be secure.”…

Homeland Security Follies

  • RU Sirius
  • 10 Zen Monkeys
  • April 10, 2007

According to the sleeve of his latest book, Beyond Fear: Thinking Sensibly About Security “in an Uncertain World, Bruce Schneier is the go-to security expert for business leaders and policy makers.” If only the policy makers would listen, we’d be safer, happier and still free.

Other books include Applied Cryptography, described by Wired as “the book the NSA wanted never to be published.”

Beyond Fear deals with security issues ranging from personal safety to national security and terrorism. Schneier is also a frequent contributor to Wired magazine, …

Yochai Benkler, Cory Doctorow, and Bruce Schneier Win EFF Pioneer Awards

  • Electronic Frontier Foundation
  • March 27, 2007

San Francisco – The Electronic Frontier Foundation (EFF) is pleased to announce the winners of its 2007 Pioneer Awards: Professor Yochai Benkler of Yale Law School, writer and Boing Boing co-editor Cory Doctorow, and security technologist Bruce Schneier. Mark Cuban—HDNet Chairman and NBA Dallas Mavericks owner—and EFF’s Fred von Lohmann will debate copyright, YouTube and the future of Web 2.0 at the award ceremony.

The 16th annual Pioneer Awards will be held at 7:30pm, March 27th at the Manchester Grand Hyatt in San Diego in conjunction with the O’Reilly Emerging Technology Conference…

Expert Warns of On-line Identity Theft

  • Ron Kaplan
  • New Jersey Jewish News
  • March 22, 2007

Since the World Trade Center and Pentagon attacks in 2001, Americans have had to endure tighter screening at airports, a color-coded national alert system, irradiated mail, the Patriot Act, and the Department of Homeland Security.

But according to security expert Bruce Schneier, all these measures, meant to protect the population at large, overlook dangers at a more personal, if less lethal, level.

Average people should be less worried about being attacked by terrorists, said Schneier, and more concerned about protecting their identities on-line…

Code Cracker Hot

  • Sobha Menon
  • The Economic Times
  • March 18, 2007

By now, Bruce Schneier is reconciled to the fact that most people will always be interested in him first and foremost because he’s been mentioned in Dan Brown’s The Da Vinci Code. Sceptical, aren’t you, about the ‘reconciled’ bit? Schneier’s own achievements are no less striking actually. Or else, why would he be in the best-seller for that matter.

Founder and chief technology officer of BT Counterpane, which was acquired by BT in 2005, Schneier is a security technologist and cryptographer. BT Counterpane provides managed security services to medium and big enterprises. With data security being one of the chief concerns in the world today and some of the biggest crimes shifting gradually from the real to the virtual world, Schneier is in one of the most hot and happening areas of information technology—and he’s considered a security guru…

Global Cyber Cop Hits Town, Says Hacking Is Passe

  • Narayanan Madhavan
  • Hindustan Times
  • March 12, 2007

Bearded, wiry, with his eyes sparkling as he unfurls accurate sound bites, Bruce Schneier hardly looks like the master geek that he is. But his claim to fame is precisely that: Schneier has breathed passion, detail and a touch of evangelism to the business of computer network security, a dull topic even for those who need it badly.

The global cyber cop is the chief technical officer of BT Counterpane, the British telecom company’s subsidiary that adds security layers and network patrolling to its business of building and managing computer networks. Schneier, who landed in Delhi to promote cyber security services targeting IT companies and call centers, believes hacking by cocky young men seeking short-term fame has given way to more methodical and dangerous cyber crime gangs that need checking…

High Five: Meet Bruce Schneier, CTO Of BT Counterpane

  • Kelly Jackson Higgins
  • InformationWeek
  • February 10, 2007

Security guru—and part-time restaurant critic—Bruce Schneier is best known as the developer of the Blowfish and Twofish encryption algorithms and author of books that examine security and society. He’s also a renowned speaker, blogger, and columnist.

    Schneier writes restaurant reviews as an escape, but he sees ties to his security work: “Food is more about how a culture uses what it has to make an interesting meal. That’s the same thinking as security. I look at it from a systemic point of view—what is going on here in the bigger picture that creates this traditional dish.”…

RSA '07: Bruce Schneier Casts Light on Psychology of Security

Security decisions often are much less rational than one would prefer, Schneier says

  • Ellen Messmer
  • Network World
  • February 7, 2007

SAN FRANCISCO—One of the security industry’s most outspoken experts, Bruce Schneier, spoke at RSA Conference on the topic of how security decisions and perceptions are often driven by irrational and subconscious motives in human beings.

The CTO at BT Counterpane, who is known for his talent in cryptography as well as his critical observations about technology use, yesterday turned his attention to a different matter: an analysis of human behavior in the face of risk-management decisions.

In Schneier’s view, security managers need to be aware that they themselves, their business managers and their corporate user groups are likely to make critical security decisions based on barely acknowledged impressions of fear and irrational response, rather than a careful study of facts…

Why Don't Companies Buy More Secure Software?

  • Don Marti
  • LinuxWorld
  • February 2, 2007

Balancing security and functionality is nothing new. But is there a way to fairly allocate the security costs to the users who benefit from the functionality? We ask the LinuxWorld OpenSolutions Summit keynote speaker Bruce Schneier.

LinuxWorld: Welcome to the Linux World Podcast. Hi, I’m Don Marti, and I’m here with Bruce Schneier from Counterpane Internet Security. Welcome, Bruce.

Bruce Schneier: Thanks for having me.

LinuxWorld: Why don’t companies buy more secure software, or at least why don’t they buy less insecure software?

Schneier: You know those of us in the security industry have been wringing our hands over that question for years, for decades. Why don’t they do it? There are a couple of reasons. The first is—it’s sometimes hard to tell what a secure product is. I can hold up two products; they use the same buzzwords. They have the same protocol standards. What is secure, and what isn’t? And you don’t know. And these might be security products. These might be networking products or office products. It’s very hard to tell what a secure product is and what an insecure product is. That’s reason one…

Schneier: In Touch With Security's Sensitive Side

  • Kelly Jackson Higgins
  • Dark Reading
  • February 1, 2007

This article was linked from Slashdot.

Cryptologist and now, psychologist: Renowned security expert Bruce Schneier once again is turning security on its head—literally. Schneier will share his latest research and insight at the RSA conference next week on the interplay between psychology and security. (See Schneier On Schneier.)

Schneier says the goal of his talk at RSA is not to discuss security technologies or tactics, but to explain how people think, and feel, about security. “A lot of the time at RSA, we are just puzzled why people don’t secure their computers, and why they behave irrationally. Psychology has a way of explaining this,” he says. “If we in the [security] industry expect to build products, we need to understand our customers.”…

Schneier on Schneier

  • Kelly Jackson Higgins
  • Dark Reading
  • January 9, 2007

He’s eaten guinea pig in Peru, whale in Japan, and tried insects in Australia. But security guru—and part-time restaurant critic—Bruce Schneier mostly steers clear of chain restaurants, which he finds oppressively uniform.

When he’s not sampling exotic cuisine, Schneier is best known as the developer of the Blowfish and Twofish encryption algorithms and as the bestselling author of Applied Cryptography, which has been called the bible for hackers. He’s written other books that examine security and society, and he is a renowned security speaker, blogger, and columnist, as well as a popular media talking head who offers unique views on everything from encryption to post-9/11 security overkill…

And You Thought Snow Globes Were Harmless Decorations

  • Joe Sharkey
  • New York Times
  • January 2, 2007

To paraphrase a classic line from Lily Tomlin, I worry that the person who thought up the rules for carrying liquids and gels on airplanes last year is busy thinking up something new this year.

The thought arises partly because of a scene just after Christmas at an airport security checkpoint, where a half-dozen festive snow globes—like the ones with Frosty the Snowman in a liquid-filled glass globe that simulates snowfall when you shake it—were lined up on a counter.

Wasn’t that nice! The Transportation Security Administration had decorated the checkpoint! But as it turned out, Frosty and his co-conspirators had actually been busted—confiscated from passengers’ carry-on bags pursuant to the following notification by the security administration:…

Bloggers on Blogging: Bruce Schneier

  • Rebecca Blood
  • Rebecca's Pocket
  • January 2007

Bruce Schneier started his immensely popular blog Schneier on Security in October 2004. He is the CTO of BT Counterpane and the author of eight books, including the bestselling Beyond Fear: Thinking Sensibly About Security in an Uncertain World, Secrets and Lies: Digital Security in a Networked World, Applied Cryptography, and Practical Cryptography.

Bruce, 44, has a B.S. in Physics from the University of Rochester and an M.S. in Computer Science from American University. He created the the influential Blowfish and Twofish encryption algorithms, has testified before Congress, and has served on several government technical committees. He serves on the Board of Directors of the …

Sidebar photo of Bruce Schneier by Joe MacInnis.