News: 2013 Archives

Video: Snowden, the NSA, and Free Software

  • Columbia Law School
  • December 12, 2013

Renowned security expert Bruce Schneier talks with Eben Moglen about what we can learn from the Snowden documents, the NSA’s efforts to weaken global cryptography, and how we can keep our own free software tools from being subverted.


Video: Why We Need a Magna Carta for the Internet: Motherboard Meets Bruce Schneier

  • Motherboard TV
  • November 27, 2013

Since Edward Snowden’s disclosures about widespread NSA surveillance, Americans and people everywhere have been presented with a digital variation on an old analog threat: the erosion of freedoms and privacy in exchange, presumably, for safety and security.

Bruce Schneier knows the debate well. He’s an expert in cryptography and he wrote the book on computer security; Applied Cryptography is one of the field’s basic resources, "the book the NSA never wanted to be published," raved Wired in 1994. He knows the evidence well too: lately he’s been helping the …

Q&A with Bruce Schneier

  • Kristin Bergman
  • Berkman Center for Internet & Society
  • November 25, 2013

Becoming a fellow isn’t your first interaction with the Berkman Center—you spoke here in April about “IT, Security, and Power” with Jonathan Zittrain. In light of that talk and the research you intend to conduct exploring the intersection of security, technology, and people, can you tell us more about the direction your research is going in, any challenges you currently face, and what you will be focusing on as a Berkman fellow?

I’ve been thinking about several things, all centered around power in the information age. I summarized them here before my Spring Berkman visit, and perhaps it’s better to send readers there than to rewrite what I wrote then. Since then, of course, I have been thinking and writing about the Snowden documents and ubiquitous Internet surveillance. My hope is that all of this turns into a book, but it’s too early for me to announce that definitively. I only know that I need something to focus my year at Berkman; otherwise, it will be over in a flurry and I won’t have anything tangible to show for it…

Interview: We Have Made Surveillance Too Cheap

  • World Economic Forum
  • November 22, 2013

There needs to be wider debate on the value of privacy on the internet—and in society as a whole, a leading computer security and privacy specialist said at the Summit on the Global Agenda in Abu Dhabi. Cryptographer Bruce Schneier says classified documents leaked by former US National Security Agency contractor Edward Snowden could ultimately make all internet users more secure.

The documents leaked by the American whistleblower show how easy it is for parties to indiscriminately capture the personal data on a global scale, said Schneier, who is participating in the summit as a member of the …

Congress Can Give You Back the Internet

  • Elizabeth Weingarten
  • The Weekly Wonk
  • November 21, 2013

More than 150 years after Bull Run—the long, bloody battle that foretold of a long, bloody Civil War—a new Bull Run is the symbol of a very different, bloodless fight.

“Bull Run” is code for a National Security Agency program that asks U.S. Internet security providers to poke holes in their systems (also known as “back doors”)—and to keep those requests—and weaknesses—a secret. “The conceit here is that only the NSA can exploit this vulnerability,” and gain access to encrypted Internet traffic, explained computer security and privacy specialist Bruce Schneier at a recent NSA surveillance briefing convened by the Open Technology Institute on Capitol Hill…

Schneier Tells Washington NSA Broke Internet's Security for Everyone

And techies can only fix it if government stays out of the way.

  • Sean Gallagher
  • Ars Technica
  • November 18, 2013

WASHINGTON, DC—To say that there are a lot of people who are angry with the National Security Agency (NSA) right now would be an understatement. But the things that are getting the most political attention right now—such as the invasion of the privacy of American citizens and spying on the leaders of American allies—are just a fraction of the problem, according to cryptographer and Harvard University Berkman Center for Internet and Society Fellow Bruce Schneier.

At a presentation in a conference room inside the US Capitol on Friday, Schneier—who has been helping …

New Threat Model Army

  • M.E.
  • The Economist
  • November 11, 2013

Excerpt

“The NSA has turned the internet into a giant surveillance platform.” Security guru Bruce Schneier (pictured) did not pull his punches when he addressed the 1,200 engineers gathered for the meeting of Internet Engineering Task Force (IETF) in Vancouver last week. But when it came to the question of what should be done about it, he and the other participants in a panel discussion had less to offer.

Mr Schneier, a fellow at Harvard’s Berkman Centre on Internet and Society, is one of the few people who had seen most if not all the NSA documents downloaded by Edward Snowden. Only a few have been made public so far, with the most recent revelation being the stealth tapping of Google’s internal networks…

Book Review: Bruce Schneier, Liars and Outliers

  • Tony Doyle
  • Journal of Value Inquiry
  • March 2014

Trust is all around us. I trust drivers to wait at the red light while I cross the street, my doctor to base his diagnosis on the best available evidence, and my neighbor not to crack me over the head and swipe my wallet and phone as we ride the elevator together. In Liars and Outliers Bruce Schneier attempts to make rigorous the intuition that trust is the foundation of the remarkable degree of cooperation that characterizes successful societies. He makes his case in the context of social contract theory, game theory, behavioral economics, and moral, social, and evolutionary psychology. There is a lot in …

Security Expert Seeks to Make Surveillance Costly Again

  • Joab Jackson
  • Computerworld
  • November 7, 2013

The ongoing revelations of governmental electronic spying point to a problem larger than National Security Agency malfeasance, or even of security weaknesses. Rather the controversy arising from Edward Snowden’s leaked documents suggest we face unresolved issues around data ownership, argued security expert Bruce Schneier.

“Fundamentally, this is a debate about data sharing, about surveillance as a business model, about the dichotomy of the societal benefits of big data versus the individual risks of personal data,” Schneier told attendees of the Usenix LISA (Large Installation System Administration Conference), being held in Washington this week…

Schneier: Make Wide-Scale Surveillance Too Expensive

Lessons from NSA revelations hit at heart of the "fundamental issue of the information age," says Bruce Schneier

  • Ericka Chickowski
  • Dark Reading
  • November 6, 2013

Other articles about the IETF plenary session appeared in MIT Technology Review, Intellectual Property Watch, The Economist, and Help Net Security.

As custodians of the Internet mull over the lessons that revelations about National Security Agency (NSA) surveillance offer about the insecurity of the Internet’s infrastructure, architects must find ways to make wholesale spying more expensive. So said noted cryptographer and security evangelist Bruce Schneier in a talk today about Internet hardening at the Internet Engineering Task Force (IETF) plenary session…

Former DHS/NSA Official Attacks Bruce Schneier With Bizarre, Factually Incorrect, Nonsensical Rant

  • Mike Masnick
  • Techdirt
  • November 5, 2013

Excerpt

Over the years, at times, I’ve seen people criticize Bruce Schneier for perhaps getting more publicity than other security researchers, but it’s rare to see people question his knowledge. The complaints often appear to stem more out of jealousy than anything else. But, I’ve never seen anything quite as ridiculous as this “CNN iReport” by Richard Marshall and Andre Brisson, which appears to be a blatant hatchet job attack on Schneier that is at times incomprehensible, at times factually incorrect and bizarre throughout. Marshall is a former NSA and DHS “cybersecurity” expert, but he’s now the CEO of “Whitenoise Labs,” (something …

Video: NSA "Probably Can Read Your E-mails"—the Key Questions

  • Channel 4 News
  • November 1, 2013

Following the row over claims German chancellor Angela Merkel’s phone was hacked by the US, Channel 4 News speaks to security expert Bruce Schneier and asks if the NSA has gone too far.

Watch the Video on Channel4.com

NSA and the Murky Relationship Between Contractors, Government Secrets and Journalism

  • Dan Verton
  • FedScoop
  • October 31, 2013

Excerpt

National Security Agency Director Gen. Keith Alexander this week defended the private sector’s cooperation with the agency’s electronic surveillance programs, telling Congress the companies involved are being punished in the media for meeting legal obligations under U.S. law and helping to save lives.

‘We have compelled industry to help us…by court order,’ said Alexander, during testimony Oct. 29 before the House Permanent Select Committee on Intelligence. ‘And what they’re doing is saving lives’ in the U.S. and around the world. ‘And it’s the right thing to do,’ Alexander said…

Liars and Outliers Review

  • George Macon
  • By George!
  • October 30, 2013

I’ve just finished reading Liars and Outliers by Bruce Schneier. I received a signed copy thanks to Schneier’s discounted signed book offer of $11 plus a review. So here’s a review:

In this book, Schneier takes on all of security: What is it, and why does it work? The answer flows through diverse areas of study, from evolutionary psychology to game theory. He begins (appropriately enough) with history; a discussion of predators and prey. From microbiology, we move rapidly forward through time to modern society.

After taking a look at history, Schneier moves into a discussion of the four societal pressures: moral, reputational, institutional, and security. Each kind of pressure is built off of the previous ones, with security being the most advanced…

Video: What Are the Implications of Spying?

  • CCTV America
  • October 26, 2013

International cyber security expert Bruce Schneier weighs in on the recent U.S. spying scandal.

Watch the Video on YouTube

Video: How to Protect Phones from Infiltration

  • CNN
  • October 25, 2013

Rumours of the NSA hacking Angela Merkel’s encrypted phone have got the world wondering how it would even be possible.

Becky Anderson talks to security technologist Bruce Schneier about protecting phones from infiltration by third parties and how the German Chancellor’s phone may have been vulnerable.

Watch the Video on CNN.com

Applied Cryptography by Bruce Schneier

  • Russ Allbery
  • October 23, 2013

This is the next entry in the series of Russ reading books that he bought years ago and never got around to reading. Thankfully, this time, the book has aged somewhat better.

This review is for the second edition of Applied Cryptography, published in 1996. Given how important computer security has become, and how central cryptography is to computer security, one might think that the passage of 17 years would make a book effectively obsolete. This turns out not to be the case. Yes, Rijndael (the current AES standard and the most widely-used block cipher), Camellia (the up-and-comer in the block cipher world), and the SHA-2 hash postdate this book and aren’t discussed. Yes, there have been some further developments in elliptic-curve public-key cryptography. And yes, much of the political information in this book, as well as the patent situation for public-key cryptosystems, is now mostly of historical interest. But a surprising amount of this book still applies directly…

Video: Interview with Bruce Schneier—Internationally Renowned Security Technologist

Maria Xynou interviewed Bruce Schneier on privacy and surveillance. View this interview and gain an insight on why we should all "have something to hide"!

  • The Centre For Internet & Society
  • October 17, 2013

The Centre for Internet and Society (CIS) interviewed Bruce Schneier on the following questions:

  1. Do you think India needs privacy legislation? Why/ Why not?

  2. The majority of India’s population lives below the line of poverty and barely has any Internet access. Is surveillance an elitist issue or should it concern the entire population in the country? Why/ Why not?

  3. “I’m not a terrorist and I have nothing to hide…and thus surveillance can’t affect me personally.” Please comment.

  4. Can free speech and privacy co-exist? What is the balance between privacy and freedom of expression?…

Audio: NSA is Wasteful and Dangerous

During a podcast on Occupy Radio, the host and renowned security expert Bruce Schneier discuss NSA practices with regard to citizen privacy and other related issues.

  • Privacy PC
  • October 8, 2013

Listen to the Audio on Archive.org

– Bruce Schneier is an internationally recognized expert on cryptography and data security. He was dubbed a ‘Security Guru’ by the Economist magazine. His most recent book is ‘Liars and Outliers: Enabling the Trust that Society Needs to Thrive’. Bruce’s newsletter, Cryptogram, and his blog Schneier on Security are read by over a quarter of a million people. Thank you, Bruce, for joining me on Occupy Radio.

– Hey, thanks for having me.

– My pleasure. I have been looking forward to this interview. We’ve been talking about talking for about a couple of weeks now, and you seem like the guy to educate me on what the heck is going on with NSA and Snowden, and Prism, and all of these things that seem to have just opened up before us lately. That seems to be your daily whack, right?…

Audio: Mobile Security with Bruce Schneier

  • Pocket Sized Podcast
  • October 7, 2013

Scott and Peter speak with special guest cryptographer and security expert Bruce Schneier about Touch ID, biometrics, and general mobile phone security and privacy issues. Bruce is an outstanding speaker on these topics – you don’t want to miss this.

Listen to the Audio on PocketSizedPodcast.com

Audio: Virtually Speaking with Jay Ackroyd

  • Blog Talk Radio
  • October 4, 2013

Security and cryptography expert Bruce Schneier, author of Secrets and Lies and most recently, Liars and Outliers, discusses the recent NSA revelations.

Listen to the Audio on BlogTalkRadio.com

Video: Trust and the Surveillance State

  • The Agenda with Steve Paikin
  • September 25, 2013

Trust is an invisible yet essential force in our lives, the great stabilizer of human relations. How do we create it? How do we lose it? Bruce Schneier, author of Liars & Outliers: Enabling the Trust that Society Needs to Thrive, joins Steve Paikin to discuss the essential role of trust in society and the threat the “surveillance state” may pose to it.

Watch the Video on YouTube

Bruce Schneier: NSA Spying Is Making Us Less Safe

The security researcher Bruce Schneier, who is now helping the Guardian newspaper review Snowden documents, suggests that more revelations are on the way.

  • David Talbot
  • MIT Technology Review
  • September 23, 2013

Bruce Schneier, a cryptographer and author on security topics, last month took on a side gig: helping the Guardian newspaper pore through documents purloined from the U.S. National Security Agency by contractor Edward Snowden, lately of Moscow.

In recent months that newspaper and other media have issued a steady stream of revelations, including the vast scale at which the NSA accesses major cloud platforms, taps calls and text messages of wireless carriers, and tries to subvert encryption.  

This year Schneier is also a fellow at Harvard’s Berkman Center for Internet and Society. In a conversation there with David Talbot, chief correspondent of …

Video: NSA Working with Tech Companies to Insert Weaknesses Into Code

  • The Matthew Filipowicz Show
  • September 17, 2013

Bruce Schneier discusses the latest NSA revelations including the NSA working with tech companies to insert weaknesses into their code.

Watch the Video on YouTube

Audio: Removing Yourself from the Public-Private Surveillance Web

  • This Is Hell (WNUR 89.3FM Chicago)
  • September 14, 2013

You signed up for government surveillance when you signed up for your email address. Not knowingly perhaps, (although who actually reads the user agreement?) but NSA spying is only possible with the help of the same private companies you trust with your data in the first place. The individual/government/corporate relationship has never been so exposed and so (hopefully) up for debate. Security technologist Bruce Schneier should be one of the voices you listen to in that debate.

Listen to the Audio on ThisIsHell.net

Audio: Bruce Schneier on the NSA, Cryptography and Trust

  • Threatpost
  • September 11, 2013

Dennis Fisher talks with cryptographer Bruce Schneier about the revelations of the NSA’s capabilities to subvert and weaken cryptographic algorithms, security products and standards, and what it will take to help defeat these capabilities.

Listen to the Audio on Threatpost.com

Audio: Episode 253 of the Matthew Filipowicz Show

  • The Matthew Filipowicz Show
  • September 10, 2013

On today’s show, we have encryption specialist and author Bruce Schneier here to discuss the latest NSA revelations including the NSA working with tech companies to insert weaknesses into their code.

Listen to the Audio on MatthewF.net

Transcript

Privacy PC published the following transcript of the interview.

– All right, joining me now here on the Matthew Filipowicz show is Bruce Schneier. Bruce is a security technologist and encryption specialist. He’s written for the Guardian, the Economist, Wired and more. He’s the author of 12 books; his latest is Liars and Outliers: Enabling the Trust Society Needs to Survive, all of which and more you can find at …

Audio: Espionage Industry Colluding at All Levels: Bruce Schneier

  • Imagen Radio
  • September 9, 2013

In an interview for Grupo Imagen Multimedia with Rodrigo Pacheco, Bruce Schneier, cryptographer and security expert, said he did not know what the companies’ involvement is in the espionage scandal in the United States.

What is certain, he said, “is that the industry is colluding at all levels, and so we could see it fight back because there is a lot of indignation around the issue.”

Regarding the harm this situation could cause to the business those companies do with other countries, he said that besides them individuals could also be harmed, and added that there is no way to protect oneself, so people will have to rely on information protection systems because “there is no trust of any kind”…

Video: "Undermining the Very Fabric of the Internet": Bruce Schneier on NSA’s Secret Online Spying

  • Democracy Now!
  • September 6, 2013

In an effort to undermine cryptographic systems worldwide, the National Security Agency has manipulated global encryption standards, utilized supercomputers to crack encrypted communications, and has persuaded—sometimes coerced—Internet service providers to give it access to protected data. Is there any way to confidentially communicate online? We speak with security technologist and encryption specialist Bruce Schneier, who is a fellow at Harvard’s Berkman Center for Internet and Society. He has been working with The Guardian on its recent NSA stories and has read hundreds of top-secret NSA documents provided by Edward Snowden. "I have resisted saying this up to now, and I am saddened to say it, but the U.S. has proved to be an unethical steward of the internet. The U.K. is no better. The NSA’s actions are legitimizing the internet abuses by China, Russia, Iran and others," wrote Schneier on Thursday…

Five More Questions: Privacy Expert Bruce Schneier Sees Outdated Data Laws Benefiting Feds, Businesses

  • Brian Lambert
  • MinnPost
  • September 3, 2013

Editor’s note: Five More Questions is an occasional series by Brian Lambert that follows up on people who recently made news.

Bruce Schneier has carved out an interesting niche for himself.

The southwest Minneapolis resident has become one, if not the best-known, of credible voices on the topics of privacy and security, personal and otherwise. His thinking on matters from Edward Snowden and the NSA to the nexus of government and corporate data-mining has made him a regular presence on The Atlantic, Forbes, Foreign Policy, Bloomberg and Guardian websites…

Audio: Bruce Schneier on NSA Surveillance

  • Inside Charlottesville
  • August 30, 2013

In America today, we find ourselves increasingly living in a new kind of country: where constant surveillance and paramilitary policing are normalized. Bruce Schneier is among the most insightful and important voices speaking out against unchecked government surveillance and the alarming lack of transparency among our democratic institutions.

Listen to the Audio on InsideCVille.com

If Bruce Schneier Ran the NSA, He'd Ask a Basic Question: "Does It Do Any Good?"

Ars asks a tech and legal all-star team how to fix America's security state.

  • Cyrus Farivar
  • Ars Technica
  • August 7, 2013

Excerpt

For the last two months, we’ve all watched the news about the National Security Agency and its friends over at the Foreign Intelligence Surveillance Court (FISC), which approves secret orders on behalf of the NSA and other spy agencies. But more often than not, a lot of these articles take the same basic structure: documents provided by NSA leaker Edward Snowden show X, and then privacy advocates and civil libertarians decry X for Y reason.

That now raises the question, what would these privacy advocates do if they were put in charge of the NSA and the FISC? Or more specifically, what changes would they immediately enact at those two opaque institutions?…

The 25 Best Bloggers, 2013 Edition

  • Harry McCracken
  • Time
  • August 5, 2013

Excerpt

Technology expert Bruce Schneier has been blogging about security since 2004. If the subject was ever a niche, those days are long gone. His work touches on vital issues of safety and privacy at home, out in the world and, of course, on computers and other gadgets. Many of his posts simply point you towards items elsewhere—and he’s so important a figure in his field that the mere fact that Bruce Schneier found an article to be worthwhile is a significant endorsement.

Review of Bruce Schneier’s Book “Liars and Outliers”

  • qq
  • Заметки в консоли
  • July 31, 2013

About a year ago (in August 2012), a post appeared on Bruce Schneier’s blog “Schneier on Security” saying that he was sending out a number of copies of his new book “Liars and Outliers: Enabling the Trust that Society Needs to Thrive” [1] at a reduced price (and personally signed) in exchange for publishing a review of the book after reading it. Because translations of non-fiction books into Russian have been rather mediocre lately, and “specialized” books are not translated here very quickly, for several years I have tried to read the originals of books (paper or electronic) published in English. This blog (the “Crypto-Gram” newsletter) and his previous books were interesting to me, so given that the price, including shipping, turned out to be quite attractive (compared with shipping from Amazon; I won’t even mention the prices for originals on Ozon), I ordered a copy from Bruce Schneier. Thanks to our postal service, I received the book only in early November. Because of problems with free time, reading it and writing the review had to be postponed until the New Year holidays, and then until my vacation. A few days ago I finished the book and am now fulfilling my promise. I apologize to Bruce Schneier for such a long delay…

Audio: Bruce Schneier on Surveillance and Security

  • Radio Berkman
  • July 24, 2013

Revelations of the NSA’s data surveillance efforts have raised serious questions about the ethics and necessity of violating privacy that have been bubbling under the surface for some time. Efforts to monitor communication are nothing new, but electronically mediated communication has increased the amount of information being shared, and the possibilities for eavesdropping are endless. But there’s a trade off. People tolerate incursions into privacy for greater security or even convenience: health care, transportation, public safety, or any number of web utilities we use on a daily basis. Bruce Schneier is an author, Berkman fellow, and security technologist. He sat down with David Weinberger to talk about the positives and perils of privacy violation…

Applied Cryptography Engineering

  • Thomas Ptacek
  • Sockpuppet.org
  • July 22, 2013

If you’re reading this, you’re probably a red-blooded American programmer with a simmering interest in cryptography. And my guess is your interest came from Bruce Schneier’s Applied Cryptography.

Applied Cryptography is a deservedly famous book that lies somewhere between survey, pop-sci advocacy, and almanac. It taught two generations of software developers everything they know about crypto. It’s literate, readable, and ambitious. What’s not to love?

Just this: as an instruction manual, Applied Cryptography is dreadful. Even Schneier seems to concede the point…

Book Review: Schneier on Security

  • kuppurao
  • Cerebrate Life
  • July 19, 2013

I had long ago listened to Schneier on TED and his expose on the fallacy of airport security, and security in general. But this book made me realize his activism is not limited to airport security—he talks on a broad range of topics including the privacy, government transparency (where it kinda didn’t sit well with me) and his advocacy around the how bad a job the US government in general, and organizations such as FBI, CIA and TSA in specific with respect to protecting its citizens. Here I do want to make a point—while his concepts are certainly global, his inferences are time and again to the Americans—whether due to the fact that most of the readers would anyways be Americans, or he views the world as “Americans and others”, I am not sure. Overall it is a decent read, but if I were to summarize his points into few bullet points, they are as follows:…

Security Experts Bruce Schneier and Mikko Hypponen on the NSA, PRISM and Why We Should Be Worried

  • Thu-Huong Ha
  • TED Blog
  • July 17, 2013

As Edward Snowden is linked to one country after the next, the media has its eye fixed on where he will next request asylum. (Today, it’s Russia.) Meanwhile, back at US headquarters, as NSA officials speak in a House Judiciary Committee hearing, the agency is still doing what it’s doing. To get more information on exactly what that means, the TED Blog wrote to two security experts, Bruce Schneier (watch his talk) and Mikko Hypponen (see his talk), to ask them about what it is we should be worried about. Turns out, pretty much everything.

For people who work in security, is the existence of PRISM surprising? Which aspects of it are routine or expected or even necessary, and which are genuinely dangerous?…

Secrets and Lies: Nine Years Later

  • Joe Zack
  • JoeZack.com
  • July 14, 2013

UPDATE: Just found out that most of the book was actually copyright 2000, even more impressive!

I just finished reading Secrets and Lies: Digital Security in a Networked World and wanted to write up some of my thoughts while it was still fresh in my mind. The book was published in early 2004, hundreds of years ago in tech-time. However I was really surprised at just how pertinent it still is.

This book was written before Stuxnet, before the PRISM scandal…heck, the book was written BEFORE FACEBOOK, yet after reading Secrets and Lies I feel like Bruce Schneier saw them coming from a decade away. Like a Digital Nostradamus…

Berkman Center Announces 2013-2014 Community

  • Berkman Center for Internet & Society
  • July 8, 2013

Excerpt

The Berkman Center for Internet & Society at Harvard University today announced the fellows, faculty associates, and affiliates who will join the community in the 2013-2014 academic year, continuing a tradition of providing a home for some of the most incisive minds in law, technology, and social science, alongside path-breaking entrepreneurs and activists.

“Our incoming community is brimming with vision, talent, and a commitment to understand and drive change across the world, both online and off,” Urs Gasser, Berkman’s Executive Director, said.  “With curiosity, rigor, and friendship, this network will explore and transform our collective knowledge, use, and governance of the Internet and digital technologies.  We are privileged to bring these incredible people together at Berkman in the coming year.”…

The Security Processes

  • Ken Harthun
  • Security Corner
  • June 30, 2013

I have been reading Bruce Schneier’s Secrets and Lies: Digital Security in a Networked World for some time now. Why it took me so long to finally read it, I don’t know – any security geek worth his salt needs the background this book provides. Granted, technology has changed and advanced since this book was first published in 2000, making some of the examples irrelevant in today’s environment, but the basics of security that they illustrate have not.

In Chapter 24, Mr. Schneier outlines and explains security processes in depth and states the obvious that most of us either never think about or take for granted:…

Bruce Schneier’s Liars & Outliers

  • Rear Guard Action
  • June 29, 2013

We learn to trust strangers from a very young age. Not just uncles, cousins and neighbors, but also teachers, policemen, doctors and even newsreaders on TV. Compared to our ancestors and other animal species, humans have raised trust to unknown heights. Bruce Schneier, in his new book Liars & Outliers, takes us on a tour of how that trust came to be, how it manages to work in the majority of cases and why it doesn’t work in the rest.

Schneier uses Francis Fukuyama’s definition of trust, which holds that other members of society act in a predictable, honest and co-operative way, based on shared norms. This is enormously helpful for society as a whole, because there are costs and risks involved in dealing with others and establishing their trustworthiness. If society can organize itself so that we can safely trust other members, that saves us a lot of time and money…

Video: Consumer Benefits in Lack of Privacy?

  • Lou Dobbs Tonight
  • June 17, 2013

Liars and Outliers author Bruce Schneier on the impact on consumers of data mining by technology companies and the government.

Watch the Video on FoxBusiness.com

Video: Silicon Valley and the National Security State

  • All In with Chris Hayes
  • June 12, 2013

More than 10 years ago, NSA officials went to Silicon Valley to learn how to build a better data operation. Chris Hayes talks to Bruce Schneier, security expert, and Colleen Taylor, reporter for TechCrunch and TechCrunch TV.

Watch the Video on MSNBC.com

Audio: Schneier on Power, the Internet, and Security

  • Library of Economics and Liberty
  • June 10, 2013

Bruce Schneier, author and security guru, talks with EconTalk host Russ Roberts about power and the internet. Schneier argues that the internet enhances the power of the powerless but it also enhances the power of the powerful. He argues that we should be worried about both corporate and government uses of the internet to enhance their power. Recorded before news of the PRISM system and the use of Verizon’s customer information by the NSA (National Security Agency), Schneier presciently worries about government surveillance that we are not aware of and explains how governments—democratic and totalitarian—can use the internet to oppress their citizens. The conversation closes with a discussion of terrorism and the costs of the current system for reducing the probability of a terrorist attack…

Audio: Bruce Schneier on Technology and Power

  • The Command Line
  • June 3, 2013

This is a feature cast, an episode of The Command Line Podcast.

The feature this week is an interview with Bruce Schneier. The catalyst for this conversation is a post on his blog that frames out some of the themes he has been considering for his next book. Among other things, we refer to Rebecca Mackinnon’s book and Kevin Kelly’s most recent book in the course of the conversation. You can find all of Bruce’s books here.

Listen to the Audio on TheCommandLine.net

Security guru: FBI Internet-Tapping Good for Criminals, Bad for Everyone Else

  • Ted Samson
  • InfoWorld
  • May 31, 2013

If you’re looking for more evidence that politicians don’t get technology, look no further than the FBI’s proposal to make Internet communications easier to wiretap. Specifically, the FBI wants to force companies to design their email, IM, VoIP, and other Internet-based communication products such that law-enforcement agents can eavesdrop on conversations—naturally, in the name of collecting evidence against evil-doers.

Although the plan reportedly has support from the Obama Administration, it doesn’t have the backing of a guy who knows a thing or two about security: …

Audio: M-Unition Podcast Series: Bruce Schneier Discusses the Advanced Persistent Threat, Cyberwar and Feudalism

  • M-Unition
  • May 13, 2013

With news outlets flooded with talk of advanced targeted threats and Mandiant’s recently released APT1 report, we wanted to know what industry experts thought of the security industry today.

We sat down and spoke with Bruce Schneier about his thoughts on where the security industry is going and to get insight into his new book he is working on. "Cyberwar is based on fear and rhetoric", according to Schneier, "and it is damaging for us to push war rhetoric because it makes us feel helpless." He goes on to say that if we feel a sense of helplessness we naturally can’t do anything to protect our systems. It requires a shift in how we view the situation…

Interview: "It's Pretty Much Impossible" To Protect Online Privacy

  • Radio Free Europe/Radio Liberty
  • April 8, 2013

From online companies tracking users’ digital footprints to the trend for more and more data to be stored on cloud servers, Internet privacy seems like a thing of the past—if it ever existed at all. RFE/RL correspondent Deana Kjuka recently spoke about these issues with online security analyst Bruce Schneier, author of the book “Liars and Outliers: Enabling the Trust Society Needs to Survive.”

RFE/RL: It is no secret that online companies like Google, Facebook, and Twitter are tracking users’ digital footprints. How accurate are these online profiles? What are they used for, other than advertising?…

Video: IT, Security and Power

Bruce Schneier & Jonathan Zittrain in Conversation

  • Berkman Center for Internet & Society
  • April 4, 2013

From Bruce Schneier:

What I’ve Been Thinking About

I have been thinking about the Internet and power: how the Internet affects power, and how power affects the Internet. Increasingly, those in power are using information technology to increase their power. This has many facets, including the following:

1. Ubiquitous surveillance for both government and corporate purposes—aided by cloud computing, social networking, and Internet-enabled everything—resulting in a world without any real privacy.

2. The rise of nationalism on the Internet and a …

Schneier and Zittrain on Digital Security and the Power of Metaphors

  • Ethan Zuckerman
  • My Heart's in Accra
  • April 4, 2013

Excerpt

Bruce Schneier is one of the world’s leading cryptographers and theorists of security. Jonathan Zittrain is a celebrated law professor, theorist of digital technology and wonderfully performative lecturer. The two share a stage at Harvard Law School’s Langdell Hall. JZ introduces Bruce as the inventor of the phrase ‘security theatre’, author of a leading textbook on cryptography and subject of a wonderful internet meme.

The last time the two met on stage, they were arguing different sides of an issue—threats of cyberwar are grossly exaggerated—in an Oxford-style debate. Schneier was baffled that, after the debate, his side lost. He found it hard to believe that more people thought that cyberwar was a real threat than an exaggeration, and realized that there is a definitional problem that makes discussing cyberwar challenging…

Video: Bruce Schneier Explains Why There Is No Privacy on the Internet

  • SearchSecurity
  • March 14, 2013

Big data is a phrase that means a lot of things to a variety of people. For marketers, it means being able to target ads at certain segments of the population more accurately than ever before; for security pros, it means detecting and responding to incidents more quickly; and for every user connected to the Internet, big data means personal privacy on the Internet is gone.

In this video interview, recorded at the 2013 RSA Conference, security industry luminary and author Bruce Schneier uses three high-profile examples to explain why there is currently no privacy on the Internet. Among those examples is the Mandiant APT1 report, which he uses to show how easily even the most disciplined of Internet users can slip up and expose their identities to the world. Schneier, chief technology security officer with BT Counterpane, finishes by discussing whether governments and corporations can drive the change needed to ensure better …

Video: Bruce Schneier at RSA

  • CSO Blogs
  • March 8, 2013

Each year at RSA Conference, David Spark does a series of video interviews for the blog of security vendor Tripwire. In this installment, Spark and Bruce Schneier discuss “Feudal Security.”

Watch the Video on CSOOnline.com

Video: Bruce Schneier on Breaking Free from "Feudal Security"

  • Tripwire
  • March 7, 2013

"We live in a world where we’re ceding a lot of our power to other companies," said Bruce Schneier (@schneierblog), security blogger and author of "Liars and Outliers" in our conversation at the 2013 RSA Conference in San Francisco.

Schneier was referring to companies such as Google and Facebook that control our data as well as companies that control our devices, such as Apple.

"These companies are in charge of our security and we have no choice but to trust them and in many cases their interests don’t align with ours," said Schneier. "It’s not that these companies are evil. It’s just that they’re acting in their best interests which isn’t necessarily our best interests." …

Audio: Live from RSA—Richard Bejtlich Interviews Bruce Schneier

  • M-Unition Podcast Series
  • March 5, 2013

As part of an ongoing series from RSA USA 2013, Richard Bejtlich sits down with industry luminary, Bruce Schneier to discuss his latest book, Liars and Outliers and Mandiant’s new APT1 report.

During the podcast, Schneier looks back at his “monitor first” advice from 2001 and discusses its impact today, “We are learning from the recent attacks in the news,” said Schneier. “The lesson hasn’t changed.” On the cusp of an early cyber arms race, Schneier digs into the Mandiant report and shares his concerns on the future of cybersecurity.

Listen to the Audio on Mandiant.com…

Bruce Schneier: "We Live in a Feudal Security World"

  • Divina Paredes
  • Computerworld
  • March 5, 2013

We live today in a “feudal security world”, says internationally renowned security technologist Bruce Schneier.

We pledge our allegiance to the service providers—the likes of Google, Facebook – and expect them to provide us with security in return—akin to serfs and peasants paying tribute to their lords in the form of personal data, says Schneier, the author of Liars and Outliers: Enabling the Trust Society Needs to Survive, and chief security technology officer at BT.

“What I am seeing is a shift in power on the internet, that we generally have less control over our IT infrastructure, our products, our user devices, our services. We basically have to trust our vendors,” he says. “We just don’t have the ability to control security or configuration the way we did when we owned and controlled the platforms…

The Compulsion to Share

  • Paul Gillin
  • BtoB
  • March 4, 2013

Type ‘security expert’ into Google and the third result is Schneier on Security, a blog written by Bruce Schneier, the author of several books and chief security technology officer at BT.

The blog is also the top Google result for ‘security blogger’ and No. 7 for ‘computer security expert,’ despite the fact that Schneier doesn’t describe himself as an expert. (Qualifier: Google customizes results to the user, so your mileage may vary.)

It gets more interesting when you look at references to Bruce Schneier in media outlets: 175 mentions in The New York Times, 146 in The Wall Street Journal and almost 400 each in Computerworld and InformationWeek. All this in a market that is one of the most information-saturated in the technology sphere…

Video: Bruce Schneier on Data Privacy and Google's Feudal Model of Security

  • SearchSecurity
  • March 1, 2013

Like the rest of the world, the day-to-day function of the Internet relies on trust, according to author and security luminary Bruce Schneier. However, that trust is being frequently and seriously violated by many of the companies that dominate the Internet.

In this video interview, Schneier, chief technology security officer with BT Counterpane, discusses the ways in which trust—and, in turn, data privacy—is threatened on the Internet, and explains how Google, Apple and others have adopted a feudal model of security, in which their customers have little, if any, recourse to ever reclaim data that rightfully belongs to them…

Security Expert: Trusting Service Providers With Security Is Dangerous

  • Kevin McLaughlin
  • CRN
  • February 26, 2013

In the days of feudalism, serfs and minor lords pledged allegiance to the king and received protection in return. As long as the king held up his end of the bargain, the system worked. If he didn’t, the system would crumble, as it eventually did in Europe around the 15th century.

Bruce Schneier, CTO of BT Managed Security Solutions, sees the feudalism dynamic happening today on the Web, where users of social networking and other online services must blindly trust that the companies providing those services are paying enough attention to security. And given the power these firms wield, that is by no means a safe assumption…

Book Review: Liars and Outliers

  • Dan Goldin
  • February 26, 2013

I’ve been a fan of Bruce Schneier ever since I read his post about security theater in the post 9/11 world. As soon as I discovered that he wrote a book, Liars and Outliers, I added it to my to-read list and just finished reading it over the weekend. It’s one of those books that is obvious as you read it but spawns a ton of thoughts. He develops a framework that he uses to analyze security and trust in individuals, organizations, and differently-sized societies.

Trust is the foundation that’s allowing the world to become faster paced and interconnected. We’re interacting with people all across the globe, our organizations and businesses are larger than ever, and we’re more dependent on technology than ever. Modern life depends on these complex trust systems and Schneier does a great job explaining the various interactions and the impact technology is having. As others have said, the 21st century will be about data and the rise of social networks, wearable computers, and the quantified self movement are an indicator of the type of data that will be collected. We need to make sure proper systems are in place to prevent abuse and Liars and Outliers provides a great framework to think about these issues and prepare us for the data century…

No Longer a Liar (Or an Outlier)

  • Curtis A. Weyant
  • February 25, 2013

I criticized Bruce Schneier for the poor handling of his “trust experiment” with regard to his latest book, Liars & Outliers. I have now read it, thus perhaps putting me back into his good graces.

I’m a fan of Bruce Schneier. I’ve followed his blog for years, and I enjoy his moderate and practical approach to various security issues. So when he offered signed copies of his latest book at a discounted price in exchange for a review, I jumped at the opportunity.

Overall, I quite enjoyed this book. Perhaps because I’m already familiar, and agree, with many of his ideas, I didn’t find too many surprising ideas here. Nonetheless, Schneier does a great job of laying out a broad, fairly consistent framework for looking at how people cooperate and, if the title is meant to indicate a theme, “defect” from various forms of pressure meant to induce that cooperation…

Audio: Virtually Speaking with Jay Ackroyd

  • Blog Talk Radio
  • February 22, 2013

Bruce Schneier returns to talk about his new book, Liars and Outliers. He and host Jay Ackroyd discuss the nature of trust and its relationship to a well functioning and stable society.

Listen to the Audio on BlogTalkRadio.com

Liars and Outliers: A Review

  • John Kaniarz
  • John Kaniarz's Blog
  • February 21, 2013

Recently, Bruce Schneier offered a discounted copy of his latest book “Liars and Outliers” in exchange for a review. Because I am a fan of his, I jumped at the opportunity. Bruce is known for his work in the field of cryptography, but cryptography systems have improved to the point that they often are no longer the weak link in the system. People are. Because of this, he has been studying psychology and human behavior. Liars and Outliers is the latest of his books in this area.

Right off the bat, this book opens with a revelation.

Just today, a stranger came to my door claiming he was here to unclog a bathroom drain. I let him into my house without verifying his identity, and not only did he repair the drain, he also took off his shoes so he wouldn’t track mud on my floors. When he was done, I gave him a piece of paper that asked my bank to give him some money. He accepted it without a second glance. At no point did he attempt to take my possessions, and at no point did I attempt the same of him. In fact, neither of us worried that the other would. My wife was also home, but it never occurred to me that he was a sexual rival and I should therefore kill him…

Here's How Hackers Took Over the Burger King Twitter Account

  • Dylan Love
  • Business Insider
  • February 20, 2013

Burger King and Jeep both saw their Twitter accounts get hacked this week.

How and why does this happen?

Bruce Schneier is a revered computer security expert, prominent for his thoughts on the intersection of technology, security, and trust.

He was kind enough to fill us in on the details surrounding how hacks like these are possible.

How a Twitter account gets hacked

A person attempting to break into an account isn’t hunched over a keyboard typing guessed password after guessed password until something works. He’ll use a password cracker.

A password cracker is a piece of software that employs a technique to guess passwords much more quickly than a human ever could. The two most common approaches are the “brute force method” and the “dictionary method.” While the dictionary method simply tries every word in a dictionary until it works, the brute force method tries every possible combination of characters (including numbers and punctuation) until something works…

Video: Surveillance Technology

  • Inventing the Future with Robert Tercek
  • February 17, 2013

The digital technologies that so delight us also have a dark side. On this Episode of Inventing the Future with Robert Tercek, the topic of discussion is the future of surveillance technologies. Whether it be the government, big business, organized crime, or even your next door neighbor, chances are you’re being tracked and analyzed.

Joining Robert Tercek in asking whether or not privacy is dead are BT Managed Security Solutions’ Chief Security Technology Officer, Bruce Schneier and Research Fellow at The Cato Institute, Julian Sanchez.

Watch the Video on YouTube…

Interview: Critical Infrastructure Security Perspectives From Bruce Schneier

  • National Electric Sector Cybersecurity Organization
  • January 31, 2013

A couple weeks ago we asked Bruce Schneier if he would be kind enough to respond to a few questions about security related to critical infrastructures such as the power grid. We are delighted and honored that Mr. Schneier would take the time from his busy schedule to answer our request! Below is a perspective that we are certain you will find interesting and useful in your quests to build and support practical security solutions at your organization.

Q1: There seems to be a great deal of fear and hyperbole about potentially catastrophic cyberattacks against critical infrastructure such as the power grid. How do we clear away the hype and determine what threats realistically exist and what should the industry consider doing about them?…

Bruce Schneier: "It Is Not Prevention or Detection, It Is Response"

  • Dan Raywood
  • IT Security Guru
  • January 20, 2013

Coverage of this interview also appeared in International Business Times.

As well as being a renowned cryptographer, influential security expert and outspoken conference favourite, Bruce Schneier has had his share of coverage in recent months as the Prism story unfolded. He chose to leave his position as BT’s security futurologist at the end of last month and has now turned his hand to incident response.

Schneier recently left BT, who acquired his company Counterpane in 2006, to join Co3 Systems as chief technology officer this month. I began by asking him what attracted him to a relatively unknown company…

Video: Privacy, Security, & the Future

  • Winter Intelligence / AGI 12 Conference
  • January 13, 2013

Adam Ford interviewed Bruce Schneier at the Winter Intelligence / AGI 12 conference in Oxford.

Watch the Video on YouTube

The Ever Widening Gyre of Liars and Outliers

  • Fra Verus
  • January 5, 2013

So, two months ago, I mentioned that I was going to read something fairly new. Two months ago, I was already late in reading and reviewing the book. Work, holidays, blaah blaah mea culpa.

Anyway, the book is Bruce Schneier’s Liars and Outliers. In the interest of full disclosure I should probably mention I received a signed review copy, bizarrely enough. No, the glamorous literati did not suddenly recognize my wit and genius. Instead, Schneier came up with an interesting idea to send a substantial number of copies to readers of his blog on the condition that they write reviews. I was one of those readers. This is my review. It’s an interesting experiment. I have no idea how successful it has been or what the criteria for success really is in this case, but I’m really hoping that Schneier writes a blog post or something about it…

IFSEC 40: The Most Influential People in Security & Fire

  • Robert Ratcliff
  • IFSEC Global
  • January 2013

9. Bruce Schneier, BT Managed Security Solutions

"Bruce Schneier instantly knows the amount of Jelly Beans in a jar"—this is one of many "facts" about the security technologist and author from the website schneierfacts.com, an Internet meme dedicated to him.

And there’s a reason his fans attach his face to the body of Chuck Norris: He is killing it in the world of online security.

He founded the company that became BT Managed Security Solutions of which he remains chief security technology officer.

He has authored a number of books, including …
