News: 2010 Archives

Bruce Schneier: We Need "Cyberwar Hotlines" to Match Nuclear Hotlines

  • Anh Nguyen
  • Computerworld
  • December 3, 2010

Security expert Bruce Schneier has called for governments to establish ‘hotlines’ between their cyber commands, much like the those between nuclear commands, to help them battle against cyber attacks.

Cyber security is high on the national agenda, and is regarded as a top threat to the UK’s security. It is also top a concern for other nations around the world. Last month, the EU announced plans to cybercrime centre by 2013, and it agreed with the US to set up a working group on cybersecurity. Meanwhile, NATO also adopted its Strategic Concept Charter, which outlines plans to develop new capabilities to combat cyber attacks on military networks…

Cryptography Engineering: Design Principles and Practical Applications (Review)

  • Ben Rothke
  • Security Management
  • December 1, 2010

Cryptography Engineering: Design Principles and Practical Applications. By Niels Ferguson et al; published by John Wiley & Sons, Inc.,; 384 pages; $55.

Good cryptography can ensure that your data is readable only to authorized parties. The danger of bad cryptography is a false sense of data security. The line between the two is exceptionally thin, and the difference between the two is spelled out in great detail in this text.

The first edition of coauthor Bruce Schneier’s Applied Cryptography came out in 1994. What was revolutionary then, and launched a new generation of security mavens, is now obsolete in many parts. …

Video: False Sense of Security?

  • Fox News
  • November 26, 2010

Are new enhanced TSA procedures a waste of resources?

Watch the Video on

Video: Fear of Flying

  • Countdown with Keith Olbermann
  • November 24, 2010

Bruce Schneier appeared on Countdown with Keith Olbermann to discuss full-body scanners and the TSA.

Fear of Flying

Security and Terrorism Expert Bruce Schneier: TSA Scans "Won't Catch Anybody"

  • Jeff Wise
  • Popular Mechanics
  • November 19, 2010

Since 9/11, cryptology expert and security consultant Bruce Schneier has been one of the most pointed critics of the government’s anti-terrorism security programs. In his 2003 book “Beyond Fear,” he coined the phrase “security theater” to refer to measures which are undertaken not because they will be effective at thwarting attacks, but because the agencies carrying them out need to appear to be doing something useful. We spoke to Schneier about the recent controversy involving the Transport Security Agency’s use of invasive scanners and full-body pat-downs…

Special Report: Bruce Schneier on the Future of IT Security

  • Gordon Smith
  • Silicon Republic
  • November 11, 2010

A security guru has debunked cyber war and cyber terrorism myths.

The threats of cyber war and cyber terrorism have been grossly exaggerated and are hindering a real understanding of risks on the internet, one of the world’s leading information security experts has said. Bruce Schneier, the author and security technologist who is also chief security technology officer with BT, was speaking in Dublin yesterday at an event held by the Irish Institute for European Affairs (IIEA).

Schneier referred to the denial of service attack in Latvia in 2007, which brought down several government services for a time, and said it was most likely the first such cyber war attack against a state. However, he pointed out that just one person was convicted—an ethnic Russian living in Latvia who was apparently angered by the authorities’ decision to remove some statues dating from the Communist era…

Bruce Schneier Writes Down Passwords. So Can You

  • Ben Rooney
  • Tech Europe
  • November 6, 2010

After the conference is over I get some time to talk to security guru Bruce Schneier.

His talk on security was not, what you might imagine, about HTTPS and secure sockets, but rather a much more philosophical talk on the psychology of security. The point Mr. Schneier was making was that there is a difference between actually being secure, and the feeling of secure.

You can be secure when you don’t feel as if you are. And conversely there are times when you think you are secure, but actually you are not—for example the most dangerous part of any holiday journey is the drive to the airport, not the flight in the plane…

Video: RSA Conference Europe: Hugh Thompson and Bruce Schneier

  • RSA Conference Europe
  • October 13, 2010

Two RSA Conference Europe 2010 Keynote speakers discuss Bruce Schneier’s session on Security, Privacy and the Generation Gap.

Watch the Video on YouTube

Book: Secrets & Lies (Review)

  • Anastasios Pingios
  • xorl %eax, %eax
  • September 13, 2010

Everyone knows Bruce Schneier (at least everyone reading my blog); to begin with, this is not a technical book about cryptography, it’s a book that wants to give almost the exact opposite message, that is that cryptography by itself cannot do much since security is comprised by numerous factors. This book was a present of a friend of mine and just for your information, this review/overview was written by reading it just once despite B. Schneier’s suggestion of reading it at least twice in order to understand the message “between the lines”. In any case, here it is……

Audio: Scott Horton Interviews Bruce Schneier

  • Antiwar Radio
  • June 26, 2010

Bruce Schneier discusses Joe Lieberman’s proposal for an internet “kill switch,” why shutting down the internet during a crisis would cause more harm than good, and how controversial websites like WikiLeaks use data redundancy spread out in different countries to prevent being shut down.

Listen to the Audio on

CSO Compass Award: Bruce Schneier

  • Bill Brandel
  • CSO Security and Risk
  • May 11, 2010

As an author of books on security, the influential Crypto-Gram newsletter and the blog Schneier on Security (, as well as a frequent guest on TV and radio, Bruce Schneier has become something of a celebrity in the world of security: He may be the only CSO whose likeness is used to sell T-shirts. Still, the most rewarding aspect of his career, as he conveyed in this interview conducted by e-mail, is that he believes he is having an impact on people’s thinking about security.

CSO: What are three fail-proof principles of security leadership?…

Security Expert: Data Is the Pollution of the Information Age

  • Victor Godinez
  • Lexington Herald-Leader
  • May 5, 2010

During a panel discussion at the recent Worldwide Cybersecurity Summit in Dallas that otherwise was as dry as a highway in the Sahara, security guru Bruce Schneier made a provocative argument.

He contended that just as pollution was the unfortunate byproduct of the Industrial Revolution, data is the waste product of the digital revolution.

And just like pollution, all the data we generate during our lives never degrades.

He noted that almost every transaction and interaction now generates data.

Whether it’s buying a product with a debit card when we used to pay with cash, or communicating via text message or e-mail when we used to just make a phone call, activities that previously left no trace now generate a significant digital trail…

What Faisal Shahzad could learn from "The Wire"

  • Thomas Rogers
  • May 4, 2010


In the wake of Shahzad’s arrest, the dangers of disposable phones are likely to be scrutinized once again—and there are sure to be renewed calls for their closer regulation. We called Bruce Schneier, security technologist, chief security technology officer at British Telecom, and author of “Beyond Fear: Thinking Sensibly About Security in an Uncertain World,” to find out how dangerous they really are.

How dangerous are these disposable cellphones from a national security perspective?

I think it’s a trivial danger. There are a lot of people who will say these anonymous cellphones are bad, that we’re all going to die. But stealing a cellphone is easy. It’s easy to get a cellphone in somebody else’s name. Cellphone hijacking is easy. I actually don’t believe that disposable cellphones are a problem—it’s a huge red herring…

Top 10 Science and Technology Writers

  • Shaun Nichols and Iain Thomson
  • Australian PC Authority
  • May 3, 2010


6. Bruce Schneier

Shaun Nichols: While he’s not so known in the larger industry, Bruce Schneier is one of the most respected and revered people in the computer security business. At conferences such as RSA he always seems to be booked for the main stage and we always try to book a few minutes for an interview.

This is because Schneier is not only a respected authority on the antivirus, network security and encryption fields, but he also has a knack for breaking things down in common language. In an industry that has nearly crafted its own language from a jumble of acronyms and buzz words, Schneier’s ability to clearly explain things is invaluable…

Video: Bruce Schneier on Cryptography and Government Information Security

  • Information Security
  • April 9, 2010

Author and leading security expert Bruce Schneier digs into the topics of the current state of cryptography and whether or not companies should care about the U.S. government’s release of portions of the CNCI.

Watch the Video or Read the Transcript on

Video: Bruce Schneier on Security for Cloud Computing

  • Information Security
  • April 9, 2010

In part one of this interview with Bruce Schneier, he discusses the impending shift in how security will be delivered. Schneier expects security to be embedded in Web-based services and sold directly to service providers, rather than to enterprises and end users. This is a radical transformation for the security industry that security professionals must prepare for. Schneier also discusses consumerization and how traditional security technologies and services must adjust as more untrusted devices connect to trusted networks.

Watch the Video or Read the Transcript on…

Audio: Virtually Speaking with Jay Ackroyd

  • Blog Talk Radio
  • March 25, 2010

Bruce Schneier and James Fallows of The Atlantic appeared on Virtually Speaking with Jay Ackroyd.

Listen to the Audio on

Review of the Book Beyond Fear

  • Erik Tews
  • IACR Book Reviews
  • March 11, 2010

1. Summary of the review

Bruce Schneier’s Beyond Fear is a book about security in general. In contrast to many other books, Schneier explains how security works in the most general case, starting from protecting your diary of your sister to protecting the nation from global terrorism. Schneier’s book does not focus on cryptography or network security, instead it uses examples of systems everyone is expected to be familiar with. Such examples include home burglar systems, airport security or hotel room security.

2. Summary of the book

Bruce Schneier’s …

RSA 2010: Q&A with Bruce Schneier

Schneier on security, SSL and squid

  • Iain Thomson
  • March 3, 2010 managed to get five minutes with security legend Bruce Schneier at RSA 2010 in San Francisco to get his views on the current threat landscape.

Yesterday we saw a presentation saying that anti-virus systems are failing 10-30 per cent of the time. What’s your take on that?
I don’t believe that, otherwise I’d be infected with lots of malware. If it is, I’m not paying attention. It’s true that signature-based anti-virus is reaching the end of its useful life, but I’m not seeing data that supports that position.

We’ve also seen Secure Sockets Layer (SSL) come under attack, and some experts are saying it is useless. Do you agree?…

Security Guru Bruce Schneier '88 Demystifies Technology

  • Mikhailina Karina
  • American University Alumni Spotlight
  • March 2010

“Security affects every aspect of people’s lives,” says world renowed security expert and critic Bruce Schneier, CAS/MS ’88. “It helps people make better personal, corporate, and national decisions.”

A regular columnist for the Wall Street Journal and the Guardian newspaper in the UK, Schneier calls himself “an explainer.” Through his best-selling books, Applied Cryptography, Secrets and Lies, and Beyond Fear, and countless mainstream and security media articles and speaking engagements, he explains difficult topic matter to regular folks. His reputation as a leading cryptographer even got him mentioned in Dan Brown’s mega-bestseller, …

Security Superstars 2010: Visionaries

  • Stefanie Hoffman
  • CRN
  • February 26, 2010


Schneier is the official rock star of the security industry with deep knowledge of crytopgraphy and privacy. He is the author of Applied Cryptography; Beyond Fear: Thinking Sensibly About Security in an Uncertain World; and Secrets and Lies: Digital Security in a Networked World. Schneier is also a frequent speaker at security events as well as the author of the BlowFish and TwoFish algorithms.

Bruce Schneier: Geek of the Week

  • Richard Morris
  • Simple-Talk
  • February 16, 2010

If one were to close one’s eyes and imagine a BT Executive, one would never conjure up Bruce Schneier. He is one of the greatest experts in cryptography, and a well-known mathematician. He even got a brief mention in the book The Da Vinci Code. He also remains an outspoken and articulate critic of the way that security is actually implemented in applications, as Richard Morris found out when we dispatched him to interview him.

Once a sleepy IT backwater, Identity Management has been thrust into the spotlight over the past few years. More and more companies, alarmed by the escalating incidence of identity theft, have come to understand the importance of protecting the integrity of digital information held about individuals and the grave risks they run if they neglect to do it…

Privatsphäre ist eine Voraussetzung der Freiheit, der Demokratie, des Kapitalismus

Der Experte für IT-Sicherheit über Lauschangriffe ohne Nutzwert, notwendiges Vertrauen und Daten als Umweltverschmutzung des Informationszeitalters

  • Jürgen Drommert
  • Lufthansa Magazine
  • February 2010

Lufthansa Exclusive: Mr. Schneier, Sie sind Spezialist für IT-Sicherheit und Kryptografie. Trotzdem als Erstes eine Frage, die eher ins Fach Psychologie fällt. Ich versende manche E-Mails verschlüsselt, das eingebaute Mikrofon meines Computers ist im Normalfall deaktiviert, auf meiner Festplatte befindet sich eine verschlüsselte Partition. Und wenn ich ein wirklich vertrauliches Gespräch unter vier Augen führen wollte, würde ich den Akku aus meinem Smartphone entfernen. Bin ich ein Fall für den Psychiater?

Bruce Schneier: Nur wenn Sie das besagte vertrauliche Gespräch mit ihm führen wollen. Sicherheit ist ein Kompromiss, und ich kann Ihre Sicherheitsmaßnahmen nicht beurteilen, wenn ich nicht mehr über Ihre Risiken weiß. Einiges von dem, was Sie da aufführen, ist extrem, aber es gibt Menschen, die extremen Risiken ausgesetzt sind – Menschenrechtler in totalitären Staaten zum Beispiel. Ich persönlich verschlüssele meine Festplatte, aber ich führe einige meiner wirklich vertraulichen Gespräche über mein Smartphone…

Be Our Guest: Bruce Schneier

  • P. Baum & F. Lefebvre
  • Technicolor Security Newsletter
  • Winter 2010

Could you please tell us how you got involved in security?

Cryptography has always been a hobby of mine. My first job after college was with the Department of Defense. Years later, I was laid off from AT&T Bell Labs; I started writing about cryptography for computer magazines, and then my first book: Applied Cryptography. I also started doing cryptography consulting, forming a company Counterpane. Since then, my career has been an endless series of generalizations: from mathematical security to computer and network security, to more general security technology, to the economics of security and now the psychology of security. My current research centers around the human side of security, especially the security of complex socio-technical systems…

Sidebar photo of Bruce Schneier by Joe MacInnis.