News: 2012 Archives

Schneier on Digital Feudalism, Cyberterrorism and Zombie SOPA

  • Adam Popescu
  • ReadWrite
  • December 24, 2012

Bruce Schneier is a bestselling author, TED speaker, and the founder and chief technology officer of BT Managed Security Solutions. ReadWrite got the chance to speak with the candid technologist, widely considered one of the foremost voices in the world of security and privacy, about digital feudalism, government regulations and the reality of cyber warfare.

Online Lord & Vassal

ReadWrite: I read your blog post the other day about Facebook having a “feudal lord” relationship with its users. Tell me what feudal security is.

Bruce Schneier:…

Complexity the Worst Enemy of Security

  • Chee-Sing Chan
  • Computerworld Hong Kong
  • December 17, 2012

Computerworld Hong Kong (CWHK): Are we actually any more secure today than we were five years ago?

Bruce Schneier (BS): In short, no. It’s interesting that every year we have new technologies, new products, new ideas, companies and research, yet people continue to ask why things are so bad with security? And the answer is that fundamentally the problem is complexity.

The Internet and all the systems we build today are getting more complex at a rate that is faster than we are capable of matching. So while security in reality is actually improving, the target is constantly shifting and, as complexity grows, we are losing ground…

Reacting May Be Best IT Security Solution

  • Networks Asia Staff
  • Networks Asia
  • November 20, 2012

Trying to predict the next security problem is the wrong way to go about things, said Bruce Schneier, chief security technology officer at BT, who was speaking at an event in Singapore.

“The more we try to predict, the more the bad guys react around us,” Schneier said. Contrary to popular IT security ideology, what was more important was the ability to react as well as mitigate and recover.

This attempt to predict where the next attack will come from is creating a gap between security and attackers where cyber criminals will be constantly evolving to develop and exploit new attack vectors with IT departments constantly playing catch-up…

Anticipating Threats Ineffective in Enhancing Security

  • Ellyne Phneah
  • ZDNet
  • November 19, 2012

SINGAPORE–Companies looking to predict cyberthreats to fend off attacks will not improve their IT systems’ security robustness as the criminals responsible will evolve and develop their technologies accordingly.

Speaking at a seminar here Monday, Bruce Schneier, chief security technology officer at BT, said technology has affected the balance of society and social mechanisms such as law and punishment, which help keep people in check so they will not commit crimes, online or otherwise.

For instance, the Internet has given rise to anonymity and made it easier for cybercriminals to perpetrate their attacks without getting caught, Schneier observed…

One Man's Crusade to End the Hysteria over Cyberwar

  • Christopher Mims
  • Quartz
  • November 14, 2012

Bruce Schneier, a legend among hackers and security experts, is having trouble convincing the world that the threat of cyberwar is overstated. In 2010, the year after the US launched a Cyber Command division of its military, he lost a public debate on the subject. And in October, US Secretary of Defense Leon Panetta said that the US should gird itself for a cyber Pearl Harbor. Yet Schneier is undeterred. Through countless essays, speeches and debates, he has tirelessly argued that what we should really be paying attention to is how we establish trust online…

Now We Must 'Pledge Allegiance' To Apple Or Google To Stay Safe

  • Julie Bort
  • Business Insider
  • November 7, 2012

As we all buy smartphones and use the cloud, we are doing something that’s never been done before: trusting a few big IT companies with our lives. That’s not necessarily in our best interest, but we have no choice.

So says world-famous security expert Bruce Schneier.

Schneier’s latest book, “Liars and Outliers,” looks at the psychology needed to keep humans safe.

Business Insider talked with Schneier and heard his thoughts. He told us:

  • Smartphones change everything. A few big companies, like Apple and Google, have gained an alarming amount of control because they own the device and store the data. “I call it ‘feudal security,’ where you pledge your allegiance to a company and in return they keep you safe.”…

Required Reading

  • By Poul-Henning Kamp
  • Ingeniøren
  • October 15, 2012

I have just put down Bruce Schneier’s “Liars and Outliers”, and it will not be easy to do it justice in a book review.

Most of you have never heard of Bruce Schneier before, but among IT people he is an idol whose books on cryptography are mandatory classics in the industry.

This time he has written a book about security that is not about computers and, in fact, is only halfway about security.

The book is fundamentally an analysis of how people deal with one another, no more and no less, but that is not a particularly helpful summary, because it covers everything from waste management through tax law to computer security…

To Endow Trust

  • Benedikt Herrmann
  • Science
  • October 12, 2012

Liars and Outliers: Enabling the Trust That Society Needs to Thrive, by Bruce Schneier. Wiley, Indianapolis, IN, 2012. 382 pp. $24.95, C$27.95. ISBN 9781118143308.

When the extent of the financial crisis came to light in 2008, former chair of the U.S. Federal Reserve Alan Greenspan had to admit to Congress that he had “made a mistake in presuming that the self interest of organizations … was such that they were best capable of protecting their own shareholders and the equity in the firms”—a mistake that turned out to be very costly, and not only to the American economy. It might be unfair to blame Greenspan for his misperception of the self-interest of organizations. Until very recently, there was no way for someone to objectively and impartially measure the nature of human social behavior. From Aristotle to George W. Bush, decisions have been made based on personal beliefs about how selfishly or cooperatively other people will act…

RSA Conference: Governments Trying to "Seize Control" of the Internet

  • Asavin Wattanajantra
  • SC Magazine
  • October 11, 2012

A famed computer security expert believes governments are trying to seize control of the internet, but will fail in the long term to reach that goal.

Bruce Schneier, BT’s chief technology officer and author of several important books on security, said that governments that didn’t understand the internet were trying to take control of it. He looked at US proposals of creating an ‘internet kill-switch’, claiming that policy makers were crazy to even think of a single mechanism to shut off all internet traffic.

He said: “You see these types of government proposals, and they come from law enforcement, lobbyists or the military, and we’re going to see more of those. Short-term we’re going to see a bunch of years where governments are going to seize more control over this dangerous ‘anarchistic net’ and rein it back in.”…

Stick Punters' Mugs on E-banking Pages, That'll End Fraud – Schneier

Crypto guru urges creative thinking from security pros

  • John Leyden
  • The Register
  • October 11, 2012

Cryptography guru Bruce Schneier called for more creative thinking and a broader perspective as a means to tackle security problems.

For example, the music industry, faced with an explosion in online file-sharing, hired security pros to develop anti-piracy measures, such as digital rights management technology. But these inconvenienced punters while doing little or nothing to stem copyright infringement. A better approach was making songs affordable and easy to buy, a model that has since lined Apple’s deep pockets.

“This [the latter approach] is not something a security person would think up,” Schneier said at the RSA Europe conference. “Security professionals would be too focused on building a better door lock.”…

Schneier Calls for Societal Pressure to Fight Cyber Crime

Security guru Bruce Schneier calls for societal pressure to convince would-be hackers that their actions are not in their own interests

  • Information Age
  • October 10, 2012

Cyber crime will not be resolved with technology alone, security guru Bruce Schneier warned at the RSA conference in London today. Societal pressure is also needed to discourage people from becoming cyber criminals, he argued.

Security experts will always be catching up with criminals when it comes to technological exploits, argued Schneier, who is BT’s chief security technology officer. “Attackers have a natural advantage because they can make use of innovations faster and have no procurement pressure or institutional inertia,” he said.

Society therefore has a role to play in discouraging individuals from becoming ‘defectors’, Schneier argued. There are four potential mechanisms for this, he explained…

RSA London 2012: Governments Will Fail in Bid to Control Internet, claims Bruce Schneier

  • Alastair Stevenson
  • V3.co.uk
  • October 10, 2012

The world’s governments are destined to fail in their attempts to control the internet, according to BT security expert Bruce Schneier.

Schneier claimed that the internet is currently going through a dark period, with legislators creating ill-conceived cyber policies that are damaging rather than helping online developments.

“Governments are starting to use it [the internet] for power,” said Schneier at a press conference in London.

“We’re hitting a period in internet history where governments are seizing more control; one where governments that don’t understand the internet are trying to interfere with it.”…

Video: Keynote Guests discuss Technology Evolution Preparedness & Risk Management

  • HP Protect 2012
  • September 10, 2012

Paul Muller (@xthestreams), Chief Evangelist, HP Software speaks with two of the HP Protect 2012 keynote speakers about security and risk management.

Paul speaks with Bruce Schneier, Security Technologist – Author of Liars and Outliers – How societies can use security to enable the trust they need to survive. Paul and Bruce discuss:
– How can security technologists get in front of the security risks resulting from new technologies and general evolutions?
– The importance of swift reaction to inevitable breaches and exploitation tactics.
– Thinking about security in the terms of decision cycles to best anticipate and mitigate risk…

Layers of Security

  • Privacy PC
  • September 5, 2012

Bruce Schneier, the well-known American cryptographer and security specialist, gives an interview to Radio New Zealand’s Bryan Crump during his visit to the country, discussing real-world security issues and whether anti-terror measures done by the authorities worldwide are as effective as expected.

(Bryan Crump): — Bruce Schneier is a security specialist who seems to be trying to talk himself out of a job. His point is a lot of what we do to protect ourselves against terrorism is pointless. The best weapons against terror are, in his opinion, good intelligence and refusing to be terrorized. Bruce is based in the United States of America, was in New Zealand for a conference on identity and identity theft. Recently I spoke to him while he was here and began by asking what attracted him to this seemingly dry topic of airport X-rays, baggage checks and the like…

Trust: Ill-Advised in a Digital Age

  • Somini Sengupta
  • The New York Times
  • August 11, 2012

Las Vegas

Bruce Schneier ordered a Coke, no ice, at the Rio casino on a Saturday afternoon. I ordered Diet Coke, also no ice, and handed the bartender an American Express card. He said he needed to see proof of identity. Credit cards are often stolen around here, and eight casino workers had recently been fired for not demanding ID, he quietly explained. The bartender wanted to keep his job.

Mr. Schneier, 49, is a student of interactions like this, offline and on. He is a cryptographer, blogger and iconoclast in the world of computer security, and his latest subject of inquiry is trust: how it is cultivated, destroyed and tweaked in the digital age…

Security Tips from Bruce Schneier

  • Sean Michael Kerner
  • eSecurity Planet
  • August 8, 2012

Bruce Schneier knows a thing or two about security. The author of multiple books on cryptography, Schneier is widely considered to be an expert on the subject of encryption as well as the broader topic of information security. So we jumped at the opportunity to sit down with him for an in-depth interview at the Black Hat 2012 conference in late July. Here are some of the highlights of what he had to say.

The State of Encryption: “Not that great, and getting worse”

Asked to share his view of the state of encryption in this new age of cloud computing, Schneier says: “It’s not that great, and it’s getting worse.”…

Video: Bruce Schneier on the State of Encryption Today

  • InternetNewsBlog
  • August 7, 2012

Bruce Schneier talks to Sean Michael Kerner about what’s wrong with encryption today and provides insight into what the best browser and operating system to use might be.

Watch the Video on YouTube

Video: Bruce Schneier Talks about the Morality of Security

  • InternetNews
  • August 2, 2012

Bruce Schneier gives us his views on why morality might well be the key ingredient for better Internet security.

Watch the Video on YouTube

Can Morality Improve Security?

  • Sean Michael Kerner
  • eSecurity Planet
  • August 2, 2012

This year, more than $22 billion in enterprise security products and services is expected to be sold worldwide. But according to Bruce Schneier, well-known cryptology expert and security luminary, technology alone isn’t the answer to better security.

In an in-depth interview with eSecurity Planet at the Black Hat 2012 conference in Las Vegas last week, Schneier argued that looking at security solely from a technology perspective is to take a too narrow view of the problem.

“If you look at broader society, there is a lot of security that happens at a much more personal level,” Schneier said…

Video: Bruce Schneier Answers Your Questions

  • DEF CON
  • July 28, 2012

Bruce Schneier takes audience questions at the DEF CON 20 hacker convention in Las Vegas.

Watch the Video or Listen to the Audio on DEFCON.org

Geeky Books to Get You through the Summer

  • Keith Shaw
  • InfoWorld
  • June 23, 2012

Excerpt

“Liars & Outliers: Enabling the Trust that Society Needs to Thrive,” by Bruce Schneier

Internationally renowned security expert Bruce Schneier delves into the world of trust, bringing together “ideas from across the social and biological sciences to explain how society induces trust … how trust works and fails in social settings, communities, organizations, countries and the world.”

Stuxnet Cyberattack by US a "Destabilizing and Dangerous" Course of Action, Security Expert Bruce Schneier Says

  • Ellen Messmer
  • Network World
  • June 18, 2012

Revelations by The New York Times that President Barack Obama in his role as commander in chief ordered the Stuxnet cyberattack against Iran’s uranium-enrichment facility two years ago in cahoots with Israel is generating controversy, with Washington in an uproar over national-security leaks. But the important question is whether this covert action of sabotage against Iran, the first known major cyberattack authorized by a U.S. president, is the right course for the country to take. Are secret cyberattacks helping the U.S. solve geopolitical problems or actually making things worse?…

Bruce Schneier Raises His Sights in New Book

Tomas Gilså has read “Liars & Outliers” – an excellent basic course in human behavior from a security perspective.

  • Tomas Gilså
  • IDG.se
  • June 4, 2012

Bruce Schneier, the IT security industry’s household god, has raised his sights once again. After starting with “Applied Cryptography” in 1994 and continuing with books on general IT security, information security and practical security, he has now arrived at his thirteenth book, “Liars & Outliers”. With it he takes the step up to the level of society.

“Liars & Outliers” explains security as a function of trust, its benefits and its shortcomings. The explanations draw on behavioral science and sociology as well as history and law…

Audio: Liars and Outliers

  • Skeptically Speaking
  • June 3, 2012

This week, we’re talking about trust and cooperation, and the implications these social values have for security in the era of global networking. We’re joined by security technologist and author Bruce Schneier, to talk about his book Liars and Outliers: Enabling the Trust Society Needs to Survive. And anthropologist/blogger Greg Laden returns to discuss speculation about cognitive limits on the use of social networks.

For more on the debate between Bruce Schneier and Sam Harris over the effectiveness of profiling in airport security, check out …

Audio: An Interview with Bruce Schneier

  • Cigital Silver Bullet
  • May 30, 2012

On the 74th episode of The Silver Bullet Security Podcast, Gary talks for a second time with Bruce Schneier. They revisit Bruce’s prediction in episode 9 that insight into economics and security would help vendors sell their products more efficiently. In addition, they discuss Bruce’s new book Liars and Outliers: Enabling the Trust that Society Needs to Thrive, how far behind the government is in terms of security, cloud computing, and Uncle Milton’s ant farm.

Listen to the Audio on Cigital.com

Audio: Layers of Security

  • Radio New Zealand
  • May 21, 2012

How secure do you feel – on a personal level or even at a national level? Revealing the cracks in the systems is American cryptographer and security guru Bruce Schneier.

Listen to the Audio on RadioNZ.co.nz

Are Your Customers Friends or Criminals?

  • Margaret Heffernan
  • CBS MoneyWatch
  • April 30, 2012

One of the best books I’ve read this year is by a security technologist, Bruce Schneier. In Liars and Outliers, he sets out to investigate how trust works in society and in business, how it is betrayed and the degree to which technology changes all of that, for the better or the worse.

Schneier absolutely understands how profoundly trust oils the wheels of business and of daily life. “The more customers trust merchants, the more business gets done. The more drivers trust each other, the smoother the traffic.” Trust is what allows us to deal with strangers, to expand our horizons and our companies. It is like the air that we breathe: Invisible but essential. That it is invisible may mean that we don’t consider how powerfully it could work for companies if it were considered an asset, capable of generating growth and loyalty…

The Tribal Mind: Moral Reasoning and Public Discourse

  • Arnold Kling
  • The American
  • April 26, 2012

Excerpt

[In The Righteous Mind, Jonathan] Haidt writes:

Moral systems are interlocking sets of values, virtues, norms, practices, identities, institutions, technologies, and evolved psychological mechanisms that work together to suppress or regulate self-interest and make cooperative societies possible.

It is interesting to compare this perspective with what one finds in Liars and Outliers, a recent book by Bruce Schneier on the social problem of trust and security. Schneier, a security consultant, views our lives from the perspective of game theory. Every day, we must decide whether to cooperate or to defect. Do I try to arrive at work on time, or do I show up late? Do I drive safely or aggressively? Do I support the goals of my department, or do I work for myself? Does my department support the goals of the larger organization, or does it pursue its own interests? Does the larger organization work to support the goals of the society to which it belongs, or does it pursue its own goals?…

Audio: Liars and Outliers

  • Wisconsin Public Radio
  • April 9, 2012

Society runs on trust. We have no choice but to trust that the random people, institutions, and systems we interact with will cooperate and be trustworthy. Join Ben Merens and his guest Bruce Schneier as they discuss how security can protect us from defectors; and what enables us to trust strangers at the local, national, and global scale.

Listen to the Audio on WPR.org

Audio: Dresser After Dark with Michael Dresser

  • Dresser After Dark
  • March 30, 2012

Bruce Schneier discussed issues of trust on Dresser After Dark with host Michael Dresser.

Listen to the Audio on BlogTalkRadio.com

Audio: Bruce Schneier on the Importance of Trust in Society

  • Surprisingly Free
  • March 27, 2012

Bruce Schneier, internationally renowned security expert and author, discusses his new book entitled, “Liars & Outliers: Enabling the Trust That Society Needs To Thrive.” Schneier starts the discussion by looking at society and trust and explains why he thinks the two are necessary for civilization. According to Schneier, two concepts contribute to a trustful society: first, humans are mostly moral; second, informal reputation systems incentivize trustworthy behavior. The discussion turns to technology and trust, and Schneier talks about how the information society yields greater consequences when trust is breached. He then describes how society deals with technology and trust and why he thinks the system is not perfect but working well overall…

Video: Interview: Liars and Outliers

  • RSA Conference 2012
  • March 5, 2012

Davi Ottenheimer, President of flyingpenguin, interviews Bruce Schneier on his latest book.

We don’t demand a background check on the plumber who shows up to fix the leaky sink. We don’t do a chemical analysis on food we eat. In the absence of personal relationships, we have no choice but to substitute confidence for trust, compliance for trustworthiness. This progression has enabled society to scale to unprecedented complexity, but has also permitted massive global failures. At the same time, too much cooperation is bad. Without some level of rule-breaking, innovation and social progress become impossible. Society stagnates. Bruce Schneier, world-renowned for his level-headed thinking on security and technology, tackles this complex subject head-on. Society can’t function without trust, and yet must function even when people are untrustworthy…

Video: Interview: The Meaning of Trust in Today's Digital World

  • RSA Conference 2012
  • March 2, 2012

Bruce Schneier discussed his book Liars and Outliers at the RSA Conference 2012.

Watch the Video on YouTube

Video: Bruce Schneier Tackles Sociology of Trust and Security

  • TechTarget
  • March 1, 2012

Bruce Schneier’s latest book, Liars and Outliers, is a departure from his previous landmark books on cryptography and information security. In Liars and Outliers, Schneier pulls back from technology and looks at trust and security and how those very human concepts have evolved in concert with the development of cooperative societies to build the trust and security mechanisms we have today.

In this interview conducted at RSA Conference 2012, Schneier explains his interest in the sociology of security and trust and how today’s online interactions are changing the trust dynamic. He paints a not-so-bleak picture of why the Internet remains a trustworthy and viable platform for communication and ecommerce, and talks about whether social networking and technical feedback mechanisms comprise the new trust going forward…

RSA 2012: Are Software Liability Laws Needed?

  • Infosecurity
  • March 1, 2012

Software liability laws are needed to hold software companies accountable for making faulty products, argued Bruce Schneier, chief technology security officer with BT during a pro-con debate held Wednesday at the RSA Conference.

Schneier said that liability laws would transfer the economic cost for faulty software from the user to the developer and provide an incentive for the developer to fix the problem.

He compared the situation of the software market to the early days of the automobile industry when Congress passed laws that held auto manufacturers responsible for faulty vehicles that caused accidents. This prompted the auto industry to begin fixing the problems, such as stop using wooden wheels that would fall apart at high speeds…

RSA 2012: Three Greatest (And Surprising) Internet Security Dangers

  • Antone Gonsalves
  • CRN
  • February 29, 2012

Cybercriminals are not the greatest threat to Internet security. It’s the many forces trying to bend the world’s computer network to fit their interests.

That’s according to Bruce Schneier, a renowned security technologist and author of several books, including “Applied Cryptography.” Schneier told attendees Tuesday at the RSA Conference that the three greatest dangers are Big Data companies, poorly thought out government regulations, and the cyberwar arms race.

These threats foster instability through those lobbying for changes that further their self-interests, instead of what’s better universally, Schneier said. “The security community doesn’t have a lobby, common sense doesn’t have a lobby and technical excellence doesn’t have a lobby.”…

Government, Business, Military are Internet Security Threats

  • Iain Thompson
  • The Register
  • February 29, 2012

RSA 2012 Usually the bête noire of the annual RSA conference is the criminal hacking community, but security guru Bruce Schneier asserts that government, business, and the military may well pose a bigger threat to security professionals.

“The current risks to internet freedom, openness, and innovation don’t come from the bad guys — they are political and technical. I suppose I should call this talk ‘Layer eight and nine threats’,” he told his audience on Tuesday at RSA 2012.

Attempts at ill-conceived legislation are a major concern, he said. Outsiders trying to legislate something they have no understanding of (a “…

RSA 2012: Schneier on Why Anonymous Is Not a Group and Why They're Certainly Not As Good As You Think They Are

  • Infosecurity
  • February 29, 2012

At the RSA Conference 2012 in San Francisco, February 29, Bruce Schneier and Davi Ottenheimer discuss Schneier’s latest book and how to enable the trust that society needs to thrive.

Following on from Schneier’s talk yesterday on the three biggest risks to information security in 2012, this discussion focussed purely on the topic of Schneier’s latest book, Liars and Outliers.

Here are some of the session highlights:

  • Security depends on people. “I started in cryptography because I didn’t like people. I wanted to study numbers. Anyone in security needs to understand that people act in unpredictable ways.”…

RSA 2012: Schneier Reveals Three Biggest Information Security Risks in 2012

  • Infosecurity
  • February 29, 2012

In his session at the RSA Conference in San Francisco, February 28th 2012, Bruce Schneier listed what he perceives to be the three biggest risks to information security right now: The rise of big data; ill-conceived law enforcement regulations; and the cyberwar arms race.

The rise of big data

The rise of big data, Schneier declared, is inevitable due to the cost of saving data being so cheap. “It’s easy and cheaper to search than sort,” he said. “The collection of data is being aggravated – mainly so the companies doing it can make more money… Companies like Apple, Amazon and Google are all competing to be the company that monetises your data.”…

Audio: Bright Ideas with Bruce Schneier

  • MPR News
  • February 27, 2012

Stephen Smith spoke with security expert Bruce Schneier about the importance of security in maintaining a flourishing society.

Listen to the Audio on MPRNews.org

Audio: Bruce Schneier on Liars and Outliers

  • Threatpost
  • February 27, 2012

Dennis Fisher talks with cryptographer and author Bruce Schneier about his new book, Liars and Outliers, the role of trust in society and security, the ways in which technology helps promote trust and how various groups and actors defect the norm and take advantage of that trust.

Listen to the Audio on Threatpost.com

Audio: Interview: New Threats to the Internet Infrastructure

  • RSA Conference 2012
  • February 24, 2012

Jean Friedman interviewed Bruce Schneier about his talk at RSA 2012.

Listen to the Audio on EdgeBoss.net

Schneier: Government, Big Data Pose Bigger 'Net Threat than Criminals

  • Dan Goodin
  • Ars Technica
  • February 23, 2012

As Bruce Schneier spent the past decade watching the growing rash of phishers, malware attacks, and identity theft, a new Internet threat has emerged that poses even greater risks, the security expert said.

Unlike the security risks posed by criminals, the threat from government regulation and data hoarders such as Apple and Google are more insidious because they threaten to alter the fabric of the Internet itself. They’re also different from traditional Internet threats because the perpetrators are shielded in a cloak of legitimacy. As a result, many people don’t recognize that their personal information or fortunes are more susceptible to these new forces than they ever were to the Russian Business Network or other Internet gangsters…

Bruce Schneier on Trust

Modern society depends on trust more than we realise, and the basis for that trust is security. The trick, says the security guru, is preserving the forces that allow us to trust one another, while also knowing who not to trust

  • Alec Ash
  • The Browser
  • February 23, 2012

You’re best known as a security expert but our theme today is “trust”. How would you describe the connection between the two?

Security exists to facilitate trust. Trust is the goal, and security is how we enable it. Think of it this way: As members of modern society, we need to trust all sorts of people, institutions and systems. We have to trust that they’ll treat us honestly, won’t take advantage of us and so on – in short, that they’ll behave in a trustworthy manner. Security is how we induce trustworthiness, and by extension enable trust…

13 Security Myths You'll Hear — But Should You Believe?

  • Ellen Messmer
  • Network World
  • February 14, 2012

Excerpt

Security Myth No. 1: “More Security is Always Better.”

Bruce Schneier, security expert and author of several books, including his most recent, Liars and Outliers, explains why this security concept of “you can’t get enough” that’s often bandied about is off the mark to him. Schneier explains: “More security isn’t necessarily better. First security is always a trade-off, and sometimes additional security costs more than it’s worth. For example, it’s not worth spending $100,000 to protect a donut. Yes, the donut would be more secure, but it would make more sense to simply risk the donut.” He also notes that “additional security is subject to diminishing returns. That is, measures that reduce a particular crime — say, shoplifting — by 25% cost some amount of money; but additional measures to reduce it another 25% cost much more. There will always be a point where more security isn’t worth it. And as a corollary, absolute security is not achievable.” Sometimes security may even become a moral choice and being in compliance might be an immoral decision, as it could pertain to a totalitarian system, for example. “Security enforces compliance, and sometimes complying isn’t the right thing to do.”…

Audio: Guarding Without Guardians

Bruce Schneier is concerned that without trust, society itself may be impossible

  • IEEE Spectrum
  • February 9, 2012

Socrates famously asked if a person could lead a just life in an unjust society. A new book, Liars & Outliers, by Bruce Schneier doesn’t in so many words raise the question, Can a person lead a secure life in an insecure society? but it does answer it. There’s only so much we can do without there being a framework of trust: There have to be moral codes; peer pressures are needed; institutions have to have their own codes of conduct, and so on.

It’s hard to imagine such a book being written by anyone but Bruce Schneier, one of the world’s foremost authorities on security. He started out in cryptography and published some world-class algorithms, but he quickly came to realize that the mathematics was rarely the weak link in the security chain. His books, starting with the best-selling …

"Liars and Outliers" by Bruce Schneier

  • Matt Sarrel
  • Byte
  • February 1, 2012

Society runs on trust and would collapse without it. The interconnectedness of the modern world creates new and dangerous risks to trust.

Bruce Schneier’s recent book Liars and Outliers is a philosophical exploration of the role of trust in society, and is likely to appeal more to policy makers and academics than to information security practitioners. He describes how theories regarding trust (and perhaps trust itself) have evolved over time and sets this within the context of today’s global interconnected society.

Schneier has done a very careful literature review, citing theories and experiments across multiple disciplines such as sociology, anthropology, and psychology. The computer scientist will find that the book does a very good job of discussing abstract concepts, while the computer professional will find that it lacks a concreteness needed for it to be useful in their daily work…

Liars and Outliers

  • Curtis Frye
  • Technology and Society
  • February 2012

Liars and Outliers, Bruce Schneier’s most recent security-related text, is an interesting and wide-ranging review of trust in commerce and broader society. And I do mean wide-ranging — he covers everything from the implications of early mankind’s organization into groups of around 150 individuals (the “Dunbar number”) to reputation systems such as eBay and Yelp reviews. Liars and Outliers doesn’t hang together quite as well as his previous books, but it’s still a terrific primer for readers who want more insights into the complex world of security and trust…

Review: Liars & Outliers

Bruce Schneier’s new book explores the relationships of trust on which civilization depends

  • Paul Wallich
  • IEEE Spectrum
  • February 1, 2012

Bruce Schneier is a security icon, the cryptological equivalent of action-movie superstar Chuck Norris, able to straighten elliptic curves with his bare hands. Liars & Outliers isn’t the book you’d expect from someone whose portrait adorns posters—nor from the coauthor of several important encryption algorithms (one of them a finalist for the next generation of national encryption standards).

On his blog, Schneier reminds us almost daily that protecting our secrets with a 4096-bit key doesn’t do much good if we have to tape the new pass phrase to our monitors, and that an unforgeable ID card can be a very bad idea if someone can get one by slipping 20 bucks to a file clerk. In …

Why Doesn't Society Just Fall Apart?

  • Adam Thierer
  • Forbes
  • January 23, 2012

Since the days when Plato and Aristotle walked this Earth, philosophers have debated what constitutes the ideal state and, more specifically, what holds societies together. Why doesn’t society just fall apart? How does society function when you know you can’t possibly trust everyone in it? And why aren’t we living in what Thomas Hobbes memorably referred to as a state of constant “war of all against all”?

There is no single or simple answer, says security technologist Bruce Schneier in his enlightening new book, Liars & Outliers: Enabling the Trust that Society Needs to Thrive…
