News: 2009 Archives
Bruce Schneier, my security guru, thinks that the President should confront the American people with the hard truth: Onerous new security regimes in our civilian aviation system won't protect us. What will protect us is our own resilience. I had an e-mail exchange with Bruce yesterday, and here is an edited transcript:
Jeffrey Goldberg: Do you think that we are moving toward the Israelification of American airport security?
Bruce Schneier: I don't think it's possible.
BT Group PLC Chief Security Technology Officer Bruce Schneier logs long hours trudging through airports to attend conferences and speaking engagements on a wide range of security issues. By his own count, he will take 170 flights this year.
Mr. Schneier relishes pointing out flaws in institutions' security plans--sometimes testing the boundaries himself--and has been a critic of post-9/11 security measures like those at airports. He recently spoke to The Wall Street Journal about "airport-land" rules, skipping to the head of the security line and getting your sandwich taken by the U.S.
Leading security expert Bruce Schneier was in London this week on a whirlwind lecture tour. ZDNet UK caught up with the ex-NSA man, who is now BT's chief security technology officer, at lectures in parliament and at University College London.
Schneier talked to ZDNet UK about his views on behavioural advertising, the efforts of various governments to tackle unlawful file-sharing, cyber-warfare and vendor lock-in.
Q: The UK government is currently trying to pass the Digital Economy Bill, which includes provisions to penalise unlawful file-sharing. Is this technically feasible?
A: The problem with a lot of these measures is that they only affect the average user.
Cybercrime is just like any other type of crime only with different tactics, Bruce Schneier tells Infosecurity.
"In information security there are very real threats, and the main threat is crime," Schneier said, although he also pointed out that many information security threats are due to 'accidents' rather than malice.
Another trend going forward, is the interaction between IT and physical systems such as ID cards, ATM machines, Oyester cards, etc. "When the physical hits the IT world.
Managing security effectively is critical when sharing data over the internet
Dubai: Online security, server crashes, disaster recovery, data theft, cyber crime... these are just some of the challenges faced by businesses worldwide.
How does one handle them? The solution lies with the information technology departments and their heads — usually chief technology officers.
In this podcast you'll hear a Q&A with Bruce Schneier of BT Counterpane, as moderated by Risky Business host Patrick Gray at the recent GovCERT Symposium in Rotterdam, Netherlands.
Topics covered include cloud computing, privacy, software manufacturer liability for defects, two factor authentication and more!
At 2009's Information Security Decisions conference, security expert Bruce Schneier sat down to answer some of readers' security questions, which range from the trustworthiness of outsourced security services to the usefulness of awareness training in securing new technologies.
World-renowned IT security expert Bruce Schneier gave a talk on the future of the industry, which remains quite new.
As well as being Chief Security Technology Officer at BT, Bruce Schneier is also the author of several books on the topics of security and cryptography with a particular, if not exclusive, focus on the IT industry, which has led The Economist to describe him as a "security guru". And when discussing security he is refreshingly candid and forthright, not dissimilar in tone to Freakonomics author Steven Levitt, while sharing with Levitt the ability to view his chosen field from an angle less ordinary.
"Security is hard to sell for two reasons, economic and psychological," he says. The industry is not necessarily logical: it is by nature complex, and as a consequence easy to get wrong.
In a security industry full of FUD and hype, cryptographer and consultant Bruce Schneier offers a no-nonsense reality check verging on social commentary.
He has worked on numerous ciphers, hash functions, and other cryptographic algorithms that are arcane to the average computer user but which have been instrumental in protecting the privacy of data. But his influence extends beyond the world of encryption.
Schneier wrote several bestselling books--including "Secrets and Lies: Digital Security in a Networked World," "Beyond Fear: Thinking Sensibly about Security in an Uncertain World," and his latest, "Schneier on Security"--that provide perspective on risks and threats in everything from e-mail to airport security.
Bruce Schneier answered audience questions at the DEFCON hacking conference.
Dennis Fisher talks with security expert Bruce Schneier about the usefulness of cryptography, the psychology of security and fear and the war on the unexpected after 9/11.
Security guru Bruce Schneier says that whatever cloud computing is, the security issues and conversations around it are nothing new. The key, he says, always comes down to trust and transparency.
Cloud computing is all the buzz. Amidst all the noise, a lot of the discussion has been about what cloud computing actually is. Some say it is anything you consume outside the firewall.
Security guru Bruce Schneier is best known as the developer of the Blowfish and Twofish encryption algorithms and author of books that examine security and society. He is the chief security technology officer of BT Group and a founder and the chief technical officer of BT Counterpane. Described by The Economist as a "security guru," Bruce has authored a series of books on security and related technologies. His first bestseller, Applied Cryptography explained how the arcane science of secret codes works, and was described by Wired as "the book the National Security Agency wanted never to be published." His latest book, Beyond Fear, tackles the problems of security from the small to the large: personal safety, crime, corporate security, national security.
BROOKLYN -- Americans living in the age of ultra-security have been subjected to a massive number of small accommodations in the name of the "War on Terror."
Although most people have become accustomed to not bringing bottles of water on airplanes, there exists some cynicism about the effectiveness of our new security measures and how they relate to our day-to-day lives.
However, it takes an experienced security analyst like Brooklyn's Bruce Schneier to understand the connections between the face of national security that we all can see, and the facts and technology behind it.
"So when does it end? The terrorists invented a particular tactic, and you're defending against it.
The IAPP is pleased that security guru, chief technologist and author Bruce Schneier will present a keynote address at the Privacy Summit, March 11-13 in Washington, DC. Here's a preview of what you'll hear when Schneier takes the stage.
IAPP: You have a cult-like following youon Facebook. One group is called Bruce Schneier for president (31 members); another calls itself Bruce Schneier is my hero (200 members).
Bruce Schneier joined Paul Harris to talk about whether we are in fact safer with current airport procedures than those before 9/11 and whether government and private industry are doing enough to harden security at possible terrorist targets like nuclear and chemical plants. They also talked about technology's role in global security (e.g. whether Google Earth deserved the criticism after investigators found that the terrorists who shot up Mumbai in November had used the imaging information to plan their attack), and about the restrictions on taking liquids onto commercial flights -- the 3.5-ounce rule -- and whether there is any proof that a terrorist could construct a bomb from two liquids they mixed in an airplane lavatory.
Security expert Bruce Schneier talks about privacy and property in the information state
As Washington, D.C., gears up for the inauguration, there's one thing that you're not seeing around town. Shoe-checking stations. While one attempted shoe bombing was enough to make all of us wander unshod through the airports of this great nation for years -- there will be security check points all over Capitol Hill -- shoe checking will not be part of the action.
Bruce Schneier, a security commentator and author who The Register calls, "The closest the security industry has to a rock star," took time to correspond via e-mail with Government Technology about the latest security threats to public-sector IT.
He publishes a popular blog and newsletter on Schneier.com. His most recent book, Schneier on Security, is a collection of previously published essays on security-related topics, such as identification cards, cyber-crime, election security and the psychology of security.
A few CIOs in government are touting "user-generated government" -- i.e., mash-up applications and open source built by citizens.
Bruce Schneier's evolution of interests is well documented, moving from encryption to broader and broader perspectives on security. (Hence his recent appearance on 60 Minutes, commenting on TSA's airport screening procedures.) To bring wider perspectives to bear on security issues, Schneier (Chief Security Technology Officer at BT) held in 2008 the first Workshop in Security and Human Behavior, with participants from a broad swath of disciplines including economics, psychology and more. Schneier spoke with CSOonline about his multidisciplinary view of the field and plans for 2009.
CSO: What was the biggest surprise or most enlightening development at the Workshop in Security and Human Behavior?
The most interesting aspect of the workshop was how different the ways in which people were thinking about the same sorts of issues.
Over the years, Mr. Schneier has been a tough critic of the security agency, though he credits Mr. Hawley for "doing the best job he could with the bad hand he was dealt." By that, he says he means that the agency operates under mandates from Congress and elsewhere that resulted in a vast, expensive bureaucracy.
The agency, he argues, is required to spend less effort than it should on sophisticated intelligence-gathering and more than it should on deeply flawed procedures, like depending on travel documents that can be easily counterfeited, or fishing in passengers' bags for contraband screwdrivers and prohibited items like jars of spaghetti sauce that exceed three ounces.
Incessant warnings about "inappropriate" comments are "police state-like," he said.
"It's watch what you say, watch what you say," he said.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.